
infected laptop


  • This topic is locked
21 replies to this topic

#1 sukham89


Posted 11 February 2014 - 12:06 PM

I have a Dell XPS (L501X) laptop. It had the McAfee antivirus solution (licensed version) installed on it from the beginning, but since it expired I uninstalled it and recently installed Microsoft Security Essentials. However, it was not initialized correctly and was giving some error which, according to Google answers, was due to remnants of McAfee left on it. I then deleted all the folders and registry entries of McAfee, but nothing happened, and I was unable to delete one of the registry entries. My Microsoft Security Essentials was detecting a trojan, necurs64, and was not able to remove it. It was repeatedly asking me to restart my system, and when I did so Windows started attempting repairs. So I uninstalled it. Now I do not have any antivirus. What can I do now, and how can I restore my system to some past date, because it's not showing a restore point? I have Windows 7 Premium.


These are the logs from the DDS file and the Attach file that I got after running DDS.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16421
Run by SUKHAM at 22:28:29 on 2014-02-11
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.91.1033.18.3828.2120 [GMT 5.5:30]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\ProgramData\ChgService.exe
C:\Users\SUKHAM\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
C:\Windows\system32\svchost.exe -k bthsvcs
c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdhost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Tata Photon+\Huawei\Tata Photon+.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.in/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://in.yahoo.com/?fr=fp-spt_gen
mDefault_Page_URL = hxxp://in.yahoo.com/?fr=fp-spt_gen
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll
uURLSearchHooks: {b54561db-0bbb-41b4-a814-df8301fe0a8e} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - 
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\SUKHAM\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: SSOIEAddonBHO Class: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"  /MINIMIZED
uRun: [Facebook Update] "C:\Users\SUKHAM\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Google+ Auto Backup] "C:\Users\SUKHAM\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
uRun: [DellSystemDetect] C:\Users\SUKHAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
mRun: [FAStartup] <no file>
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Save video on Savevid.com - C:\Program Files (x86)\Savevid\redirect.htm
IE: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: dell.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: NameServer = 10.0.8.40
TCP: Interfaces\{6088ED93-5100-49E5-BCE1-2E641F4B6194} : DHCPNameServer = 10.0.8.40
TCP: Interfaces\{6088ED93-5100-49E5-BCE1-2E641F4B6194}\1405D2034323 : DHCPNameServer = 10.0.8.40
TCP: Interfaces\{6088ED93-5100-49E5-BCE1-2E641F4B6194}\1405F5034323 : DHCPNameServer = 10.0.8.40
TCP: Interfaces\{6088ED93-5100-49E5-BCE1-2E641F4B6194}\8505542594140255F583436623 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{6088ED93-5100-49E5-BCE1-2E641F4B6194}\B616E696B61602E677 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{6088ED93-5100-49E5-BCE1-2E641F4B6194}\E4F4B4941402C457D6961602631303F513034313 : DHCPNameServer = 192.168.33.1
TCP: Interfaces\{DD2C0BAD-978A-42D2-BA25-FE433E38A169} : NameServer = 103.8.44.5 103.8.45.5
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
LSA: Notification Packages =  scecli FAPassSync
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - 
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: SSOIEAddonBHO Class: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2011-2-8 24680]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-2-7 55856]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2011-2-8 21616]
R2 Change Modem Device Service;Change Modem Device Service;C:\ProgramData\ChgService.exe [2013-6-26 114688]
R2 DefaultTabUpdate;DefaultTabUpdate;C:\Users\SUKHAM\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2013-9-1 107520]
R2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);C:\Program Files (x86)\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2011-4-24 1177952]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-11-2 13784]
R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Accelern.sys [2011-2-8 27760]
R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2011-2-8 344616]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-2-8 39464]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2011-2-7 175168]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-2-8 56344]
R3 hwusbdev;Huawei DataCard USB PNP Device;C:\Windows\System32\drivers\ewusbdev.sys [2012-4-13 114304]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-2-8 158976]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-2-8 287232]
R3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [2010-4-3 28512]
R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-5-31 7689216]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-8 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-8 184968]
R3 qicflt;upper Device Filter Driver;C:\Windows\System32\drivers\qicflt.sys [2011-2-8 29288]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 wdkmd;Intel WiDi KMD;C:\Windows\System32\drivers\WDKMD.sys [2010-6-18 39832]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 McMPFSvc;McAfee Personal Firewall Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc --> C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [?]
S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\androidusb.sys [2012-10-29 38424]
S3 cmnsusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s;C:\Windows\System32\drivers\cmnsusbser.sys [2013-5-5 126080]
S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\System32\drivers\ewusbnet.sys [2012-4-13 243200]
S3 FACAP;facap, FastAccess Video Capture;C:\Windows\System32\drivers\facap.sys [2008-9-24 238848]
S3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2011-2-8 172632]
S3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;C:\Windows\System32\drivers\massfilter_hs.sys [2012-10-29 18456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-2 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-15 1255736]
S3 zghsmdm;ZTE General Handset USB Modem Proprietary;C:\Windows\System32\drivers\zghsmdm.sys [2012-10-29 129304]
S4 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-2-8 98208]
S4 FAService;FAService;C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2010-11-1 2428552]
S4 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-2-7 13336]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2010-4-3 44896]
S4 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-3-5 340240]
S4 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
S4 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-9-4 1116656]
S4 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-9-4 219632]
S4 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-2-7 1692480]
S4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-8-25 235624]
S4 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
S4 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-2-7 2533400]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-02-09 16:32:49 -------- d-----w- C:\Users\SUKHAM\AppData\Local\uTorrent
2014-02-06 17:01:49 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{17F27E32-3491-4A89-8D63-0E36B0C7D88E}\mpengine.dll
2014-01-25 20:16:40 9832 ----a-w- C:\Windows\System32\NVMUPEventMsg.dll
2014-01-25 20:16:32 -------- d-----w- C:\Windows\nvmup
2014-01-18 04:31:36 -------- d-----w- C:\ProgramData\PC-Doctor for Windows
2014-01-18 04:31:36 -------- d-----w- C:\Program Files\Dell Support Center
2014-01-18 04:31:11 -------- d-----w- C:\Program Files\My Dell
.
==================== Find3M  ====================
.
2014-02-10 13:23:08 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-10 13:23:08 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-23 19:32:50 4558848 ----a-w- C:\Windows\SysWow64\GPhotos.scr
.
============= FINISH: 22:28:55.33 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume2
Install Date: 12-02-2011 17:43:00
System Uptime: 11-02-2014 21:49:20 (1 hours ago)
.
Motherboard: Dell Inc. |  | 0NYTH5
Processor: Intel® Core™ i5 CPU       M 480  @ 2.67GHz | U2E1 | 2667/133mhz
.
==== Disk Partitions =========================
.
A: is FIXED (NTFS) - 186 GiB total, 25.92 GiB free.
C: is FIXED (NTFS) - 268 GiB total, 201.356 GiB free.
D: is CDROM ()
E: is CDROM (CDFS)
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: 
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00001112-0000-1000-8000-00805F9B34FB}_VID&0001000F_PID&0000\8&1C0817C8&0&7C6193BA359C_C00000000
Manufacturer: 
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00001112-0000-1000-8000-00805F9B34FB}_VID&0001000F_PID&0000\8&1C0817C8&0&7C6193BA359C_C00000000
Service: 
.
Class GUID: 
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00001105-0000-1000-8000-00805F9B34FB}_VID&0001000F_PID&0000\8&1C0817C8&0&7C6193BA359C_C00000000
Manufacturer: 
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00001105-0000-1000-8000-00805F9B34FB}_VID&0001000F_PID&0000\8&1C0817C8&0&7C6193BA359C_C00000000
Service: 
.
Class GUID: 
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{0000110A-0000-1000-8000-00805F9B34FB}_VID&0001000F_PID&0000\8&1C0817C8&0&7C6193BA359C_C00000000
Manufacturer: 
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{0000110A-0000-1000-8000-00805F9B34FB}_VID&0001000F_PID&0000\8&1C0817C8&0&7C6193BA359C_C00000000
Service: 
.
Class GUID: {4d36e97d-e325-11ce-bfc1-08002be10318}
Description: High Definition Audio Controller
Device ID: PCI\VEN_10DE&DEV_0BEA&SUBSYS_046E1028&REV_A1\4&162EDF65&0&0108
Manufacturer: Microsoft
Name: High Definition Audio Controller
PNP Device ID: PCI\VEN_10DE&DEV_0BEA&SUBSYS_046E1028&REV_A1\4&162EDF65&0&0108
Service: HDAudBus
.
Class GUID: 
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{0000110C-0000-1000-8000-00805F9B34FB}_VID&0001000F_PID&0000\8&1C0817C8&0&7C6193BA359C_C00000000
Manufacturer: 
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{0000110C-0000-1000-8000-00805F9B34FB}_VID&0001000F_PID&0000\8&1C0817C8&0&7C6193BA359C_C00000000
Service: 
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: facap, FastAccess Video Capture
Device ID: ROOT\IMAGE\0000
Manufacturer: Sensible Vision
Name: facap, FastAccess Video Capture
PNP Device ID: ROOT\IMAGE\0000
Service: FACAP
.
==== System Restore Points ===================
.
RP138: 29-10-2013 07:30:51 - Scheduled Checkpoint
RP139: 01-12-2013 21:38:10 - Scheduled Checkpoint
RP140: 24-12-2013 03:39:17 - Scheduled Checkpoint
RP141: 26-01-2014 02:03:20 - Installed System Software.
RP143: 06-02-2014 22:33:40 - Windows Defender Checkpoint
RP145: 08-02-2014 00:34:39 - Windows Defender Checkpoint
RP149: 09-02-2014 22:07:31 - Windows Defender Checkpoint
RP150: 09-02-2014 23:25:04 - Restore Operation
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
µTorrent
AccelerometerP11
Adobe Flash Player 12 ActiveX
Adobe Reader XI (11.0.06)
Advanced Audio FX Engine
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bing Rewards Client Installer
Bonjour
CCleaner
Chinese Simplified Fonts Support For Adobe Reader 9
Chinese Traditional Fonts Support For Adobe Reader 9
D3DX10
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Edoc Viewer
Dell Getting Started Guide
Dell MusicStage
Dell PhotoStage
Dell Stage
Dell VideoStage
Dell Webcam Central
DirectX 9 Runtime
Docx to Doc Converter 5.06
Face Recognition
Facebook Video Calling 2.0.0.447
Free M4a to MP3 Converter 8.0
Free PDF to Word Doc Converter v1.1
GDR 1617 for SQL Server 2008 R2 (KB2494088)
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist Corporate
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Intel PROSet Wireless
Intel® Control Center
Intel® Graphics Media Accelerator Driver
Intel® Management Engine Components
Intel® PROSet/Wireless WiFi Software
Intel® Rapid Storage Technology
Intel® Turbo Boost Technology Monitor
Intel® Wireless Display
Internet Download Manager 5.18.8.0
J2SE Development Kit 5.0 Update 4
Java Auto Updater
Java™ 6 Update 22 (64-bit)
Java™ 6 Update 29
Java™ SE Development Kit 6 Update 11
JMicron Flash Media Controller Driver
Junk Mail filter update
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 2
Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools
Microsoft Help Viewer 1.0
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Report Viewer Redistributable 2008 (KB971119)
Microsoft Report Viewer Redistributable 2008 SP1
Microsoft Silverlight 3 SDK
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008 R2
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server 2008 R2 Native Client
Microsoft SQL Server 2008 R2 Policies
Microsoft SQL Server 2008 R2 RsFx Driver
Microsoft SQL Server 2008 R2 Setup (English)
Microsoft SQL Server 2008 Setup Support Files 
Microsoft SQL Server Browser
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft SQL Server Database Publishing Wizard 1.4
Microsoft SQL Server System CLR Types
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime v1.0 (x86)
Microsoft Sync Services for ADO.NET v2.0 (x86)
Microsoft Visual C# 2010 Express - ENU
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319
Microsoft Visual Studio 2008 Shell (integrated mode) - ENU
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Web Developer 2010 Express - ENU
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
My Dell
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA Stereoscopic 3D Driver
NVIDIA Updatus
PhotoShowExpress
Picasa 3
POWERPREP II
Quickset64
RBVirtualFolder64Inst
Realtek High Definition Audio Driver
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Creator Starter
Roxio Express Labeler 3
Roxio File Backup
SaveVid Plug-in
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition 
Security Update for Microsoft Visual C# 2010 Express - ENU (KB2251489)
Security Update for Microsoft Visual Web Developer 2010 Express - ENU (KB2251489)
Skype Toolbars
Skype™ 4.2
Song Mixer 3.7.3
Sonic CinePlayer Decoder Pack
SQL Server 2008 R2 BI Development Studio
SQL Server 2008 R2 Common Files
SQL Server 2008 R2 Database Engine Services
SQL Server 2008 R2 Database Engine Shared
SQL Server 2008 R2 Full text search
SQL Server 2008 R2 Management Studio
SQL Server 2008 R2 Reporting Services
Sql Server Customer Experience Improvement Program
Synaptics Pointing Device Driver
Tata Photon+
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
VLC media player 2.0.5
Web Deployment Tool
WIDCOMM Bluetooth Software
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Mobile Device Updater Component
WinRAR archiver
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
Zune
Zune Language Pack (CHS)
Zune Language Pack (CHT)
Zune Language Pack (CSY)
Zune Language Pack (DAN)
Zune Language Pack (DEU)
Zune Language Pack (ELL)
Zune Language Pack (ESP)
Zune Language Pack (FIN)
Zune Language Pack (FRA)
Zune Language Pack (HUN)
Zune Language Pack (IND)
Zune Language Pack (ITA)
Zune Language Pack (JPN)
Zune Language Pack (KOR)
Zune Language Pack (MSL)
Zune Language Pack (NLD)
Zune Language Pack (NOR)
Zune Language Pack (PLK)
Zune Language Pack (PTB)
Zune Language Pack (PTG)
Zune Language Pack (RUS)
Zune Language Pack (SVE)
.
==== Event Viewer Messages From Past Week ========
.
11-02-2014 21:49:56, Error: Service Control Manager [7003]  - The McAfee Personal Firewall Service service depends the following service: MfeFire. This service might not be installed.
11-02-2014 20:38:42, Error: Microsoft-Windows-WLAN-AutoConfig [10003]  - WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll
11-02-2014 01:01:17, Error: Service Control Manager [7023]  - The Windows Modules Installer service terminated with the following error:  Access is denied.
11-02-2014 00:37:48, Error: Service Control Manager [7023]  - The Software Protection service terminated with the following error:  Access is denied.
09-02-2014 23:51:56, Error: Service Control Manager [7023]  - The Function Discovery Resource Publication service terminated with the following error:  %%-2147023611
09-02-2014 23:51:56, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:  %%-2147023611
09-02-2014 23:17:58, Error: Microsoft Antimalware [2001]  - 
09-02-2014 23:16:27, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  MpFilter
09-02-2014 22:29:29, Error: Service Control Manager [7001]  - The Microsoft Network Inspection service depends on the Microsoft Network Inspection System service which failed to start because of the following error:  A device attached to the system is not functioning.
09-02-2014 22:29:29, Error: Service Control Manager [7000]  - The Microsoft Network Inspection System service failed to start due to the following error:  A device attached to the system is not functioning.
09-02-2014 21:46:53, Error: volsnap [3]  - The shadow copy of volume C: could not lock down the location of the shadow copy storage on volume C:.
06-02-2014 22:10:22, Error: NetBT [4321]  - The name "WORKGROUP      :1d" could not be registered on the interface with IP address 10.0.10.133. The computer with the IP address 10.0.10.62 did not allow the name to be claimed by this computer.
04-02-2014 22:22:53, Error: NetBT [4321]  - The name "WORKGROUP      :1d" could not be registered on the interface with IP address 10.0.10.133. The computer with the IP address 10.0.12.197 did not allow the name to be claimed by this computer.
04-02-2014 21:54:36, Error: Service Control Manager [7038]  - The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:  The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
04-02-2014 21:54:36, Error: Service Control Manager [7000]  - The UPnP Device Host service failed to start due to the following error:  The service did not start due to a logon failure.
04-02-2014 21:54:36, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1069" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
04-02-2014 21:46:23, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  mfehidk mfewfpk
04-02-2014 21:46:05, Error: Service Control Manager [7001]  - The McAfee Personal Firewall Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error:  The dependency service or group failed to start.
04-02-2014 21:46:05, Error: Service Control Manager [7001]  - The McAfee McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error:  The dependency service or group failed to start.
04-02-2014 21:46:05, Error: Service Control Manager [7001]  - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error:  The dependency service or group failed to start.
04-02-2014 21:46:01, Error: Service Control Manager [7001]  - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error:  A device attached to the system is not functioning.
.
==== End Of File ===========================




#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,888 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:25 AM

Posted 13 February 2014 - 09:39 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic. It will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner window.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

Download the correct tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.

Let me know what problem persists.

#3 sukham89


Posted 13 February 2014 - 01:24 PM

The following log files were created on installation and execution of AdwCleaner:

 

ADW Cleaner[R0]

 

# AdwCleaner v3.018 - Report created 13/02/2014 at 23:35:14
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : SUKHAM - SUKHAM-PC
# Running from : C:\Users\SUKHAM\Downloads\adwcleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : DefaultTabUpdate
 
***** [ Files / Folders ] *****
 
File Found : C:\Users\SUKHAM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\Gophoto.it
Folder Found C:\Program Files (x86)\TelevisionFanaticEI
Folder Found C:\Program Files (x86)\TornTV.com
Folder Found C:\ProgramData\~0
Folder Found C:\ProgramData\Ask
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\Tarma Installer
Folder Found C:\Users\SUKHAM\AppData\Local\Conduit
Folder Found C:\Users\SUKHAM\AppData\Local\PackageAware
Folder Found C:\Users\SUKHAM\AppData\LocalLow\Conduit
Folder Found C:\Users\SUKHAM\AppData\LocalLow\Delta
Folder Found C:\Users\SUKHAM\AppData\LocalLow\TelevisionFanaticEI
Folder Found C:\Users\SUKHAM\AppData\Roaming\Babylon
Folder Found C:\Users\SUKHAM\AppData\Roaming\DefaultTab
Folder Found C:\Users\SUKHAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\5c57dadce73dbe49
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\DefaultTab
Key Found : HKCU\Software\BabSolution
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\DefaultTab
Key Found : HKCU\Software\Headlight
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : [x64] HKCU\Software\1ClickDownload
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\BabSolution
Key Found : [x64] HKCU\Software\DataMngr
Key Found : [x64] HKCU\Software\DataMngr_Toolbar
Key Found : [x64] HKCU\Software\DefaultTab
Key Found : [x64] HKCU\Software\Headlight
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKLM\SOFTWARE\5c57dadce73dbe49
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Found : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Found : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3045277
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\Default Tab
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKLM\Software\PIP
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16421
 
 
-\\ Mozilla Firefox v
 
[ File : C:\Users\SUKHAM\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ]
 
 
-\\ Google Chrome v32.0.1700.107
 
[ File : C:\Users\SUKHAM\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [8218 octets] - [13/02/2014 23:35:14]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [8278 octets] ##########

ADW cleaner [s0]

 

# AdwCleaner v3.018 - Report created 13/02/2014 at 23:36:30
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : SUKHAM - SUKHAM-PC
# Running from : C:\Users\SUKHAM\Downloads\adwcleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : DefaultTabUpdate
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\~0
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Gophoto.it
Folder Deleted : C:\Program Files (x86)\TelevisionFanaticEI
Folder Deleted : C:\Program Files (x86)\TornTV.com
Folder Deleted : C:\Users\SUKHAM\AppData\Local\Conduit
Folder Deleted : C:\Users\SUKHAM\AppData\Local\PackageAware
Folder Deleted : C:\Users\SUKHAM\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\SUKHAM\AppData\LocalLow\Delta
Folder Deleted : C:\Users\SUKHAM\AppData\LocalLow\TelevisionFanaticEI
Folder Deleted : C:\Users\SUKHAM\AppData\Roaming\Babylon
Folder Deleted : C:\Users\SUKHAM\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\SUKHAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
File Deleted : C:\Users\SUKHAM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Key Deleted : HKCU\Software\5c57dadce73dbe49
Key Deleted : HKLM\SOFTWARE\5c57dadce73dbe49
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3045277
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16421
 
 
-\\ Mozilla Firefox v
 
[ File : C:\Users\SUKHAM\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ]
 
 
-\\ Google Chrome v32.0.1700.107
 
[ File : C:\Users\SUKHAM\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [8394 octets] - [13/02/2014 23:35:14]
AdwCleaner[S0].txt - [8033 octets] - [13/02/2014 23:36:30]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8093 octets] ##########


#4 sukham89


Posted 13 February 2014 - 01:29 PM

And following your directions, I tried installing the JRT tool, but it wasn't able to install and gave me an error which said:

 

"could not create folder "C:\users\sukham\appdata\local\temp;c:". The filename, directory name, or volume label syntax is incorrect."



#5 nasdaq


Posted 13 February 2014 - 02:27 PM

Restart the Computer normally.

Run the JRT tool. Post the log if you can.

Continue and run the Farbar Recovery Scan Tool.

#6 sukham89


Posted 15 February 2014 - 06:27 AM

Hey nasdaq... I have tried installing it even after restarting my laptop, but every time the same error is thrown, which I quoted earlier... How do I overcome that error for the JRT installation?



#7 nasdaq


Posted 15 February 2014 - 09:15 AM

Run the Farbar Recovery Scan Tool and post the log.

#8 sukham89


Posted 16 February 2014 - 12:29 PM

Here are the logs:

 

FRST

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-02-2014 01
Ran by SUKHAM (administrator) on SUKHAM-PC on 16-02-2014 22:54:03
Running from C:\Users\SUKHAM\Desktop\tool
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\ChgService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation) c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [Zune Launcher] - C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [FAStartup] - [X]
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\FastAccess-x32: C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll ()
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\Run: [uTorrent] - C:\Program Files (x86)\uTorrent\uTorrent.exe [641400 2011-10-01] (BitTorrent, Inc.)
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\Run: [Facebook Update] - C:\Users\SUKHAM\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-08-12] (Facebook Inc.)
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-08-09] (Google Inc.)
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\Run: [Google+ Auto Backup] - "C:\Users\SUKHAM\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\Run: [DellSystemDetect] - C:\Users\SUKHAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {04f23497-e271-11e2-801e-f04da262b1d3} - E:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {1603948a-033a-11e2-b5d6-1c659dae6593} - H:\ZTE_Handset_USB_Driver.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {3380755a-def3-11e2-9041-1c659dae6593} - E:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {3b5e26da-0970-11e3-809c-f04da262b1d3} - E:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {473c7f23-f8cc-11e2-8d79-f04da262b1d3} - F:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {58ba88d8-36bf-11e0-9106-1c659dae6593} - E:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {58ba88e3-36bf-11e0-9106-1c659dae6593} - E:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {6e4abcca-8549-11e1-8733-1c659dae6593} - E:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {6e4abcd8-8549-11e1-8733-1c659dae6593} - E:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {6e4abceb-8549-11e1-8733-1c659dae6593} - E:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {75ff4067-446b-11e2-a018-1c659dae6593} - E:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {860c6257-def0-11e2-91c1-1c659dae6593} - E:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {8af6cf99-b564-11e2-a38b-f04da262b1d3} - E:\.\ShowModem.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {9ccfd479-fd70-11e1-b9c4-1c659dae6593} - E:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {aad39e13-de74-11e2-9f50-f04da262b1d3} - E:\.\ShowModem.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {c12f1a22-26d2-11e3-a177-1c659dae6593} - E:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {d1a6dedc-1777-11e3-891c-1c659dae6593} - E:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {d9b9591b-8520-11e1-939a-1c659dae6593} - E:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {d9b9593a-8520-11e1-939a-1c659dae6593} - E:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {e28d8ed9-096d-11e3-bf94-f04da262b1d3} - E:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {e28d8ede-096d-11e3-bf94-f04da262b1d3} - E:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {e948e8a9-e885-11e2-90b2-f04da262b1d3} - E:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {e9f6807b-0970-11e3-8b9f-f04da262b1d3} - E:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {eb076ea8-803d-11e0-a395-1c659dae6593} - E:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {ec09937d-def0-11e2-8400-1c659dae6593} - E:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {f078de6b-855c-11e1-a7c2-1c659dae6593} - E:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {f078de71-855c-11e1-a7c2-1c659dae6593} - E:\AutoRun.exe
HKU\S-1-5-21-1191422254-3871790684-479291829-1001\...\MountPoints2: {f96185da-e271-11e2-b260-f04da262b1d3} - E:\AutoRun.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [112232 2010-08-26] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli FAPassSync
 
==================== Internet (Whitelisted) ====================
 
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: 10.0.0.4:80
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.in/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/USCON/9
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://in.yahoo.com/?fr=fp-spt_gen
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://in.yahoo.com/?fr=fp-spt_gen
URLSearchHook: HKCU - YTNavAssist.YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll (Yahoo! Inc.)
URLSearchHook: HKCU - (No Name) - {b54561db-0bbb-41b4-a814-df8301fe0a8e} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} URL = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=405&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} URL = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=405&q={searchTerms}
SearchScopes: HKCU - {1B502D42-918C-4BBC-8F7C-043431872E87} URL = 
SearchScopes: HKCU - {882C2D22-D3EF-4733-A1E7-0ACB74EA6A03} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3045277
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} URL = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=405&q={searchTerms}
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://in.search.yahoo.com/search?p={searchTerms}&fr=chr-ytbm
SearchScopes: HKCU - {E9D9FEED-3031-4207-9D24-2FAC195274B5} URL = http://www.mysearchresults.com/search?c=2408&t=14&q={searchTerms}
BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: SSOIEAddonBHO Class - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision )
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: SSOIEAddonBHO Class - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {B54561DB-0BBB-41B4-A814-DF8301FE0A8E} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
 
FireFox:
========
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\SUKHAM\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Extension: uTorrentBar2 Community Toolbar - \Extensions\{b54561db-0bbb-41b4-a814-df8301fe0a8e} [2011-10-01]
FF HKLM-x32\...\Firefox\Extensions: [fassoxpcom@sensiblevision.com] - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\
FF Extension: FastAccess Web Login - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\ []
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\SUKHAM\AppData\Roaming\IDM\idmmzcc3
FF Extension: IDM CC - C:\Users\SUKHAM\AppData\Roaming\IDM\idmmzcc3 [2011-03-22]
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.co.in/
CHR DefaultSearchKeyword: google.co.in
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java™ Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\SUKHAM\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll No File
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\SUKHAM\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll No File
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\SUKHAM\AppData\Roaming\Mozilla\plugins\npo1d.dll No File
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\SUKHAM\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Extension: (Google Docs) - C:\Users\SUKHAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-09]
CHR Extension: (Google Drive) - C:\Users\SUKHAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-09]
CHR Extension: (YouTube) - C:\Users\SUKHAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-09]
CHR Extension: (Google Search) - C:\Users\SUKHAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-09]
CHR Extension: (Google Wallet) - C:\Users\SUKHAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Gmail) - C:\Users\SUKHAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-09]
CHR HKLM-x32\...\Chrome\Extension: [jealjalmcelnenljclnadlblookmkmdc] - C:\Users\SUKHAM\AppData\Local\Temp\crx905F.tmp [2013-04-09]
 
==================== Services (Whitelisted) =================
 
R2 Change Modem Device Service; C:\ProgramData\ChgService.exe [114688 2012-08-02] ()
R3 MSSQLFDLauncher; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [28512 2010-04-03] (Microsoft Corporation)
R2 MSSQLSERVER; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [42872672 2011-04-24] (Microsoft Corporation)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
R2 ReportServer; C:\Program Files (x86)\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [1177952 2011-04-24] (Microsoft Corporation)
S4 SQLSERVERAGENT; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [367456 2011-04-24] (Microsoft Corporation)
S2 McMPFSvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [X]
 
==================== Drivers (Whitelisted) ====================
 
S3 agp440; C:\Windows\system32\drivers\agp440.sys [61008 2009-07-14] ()
S3 aliide; C:\Windows\system32\drivers\aliide.sys [15440 2009-07-14] ()
S3 amdide; C:\Windows\system32\drivers\amdide.sys [15440 2009-07-14] ()
S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [64512 2009-07-14] ()
S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [60928 2009-07-14] ()
S3 amdsata; C:\Windows\system32\drivers\amdsata.sys [107904 2011-03-11] ()
S3 amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [194128 2009-07-14] ()
R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-11] ()
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [38424 2010-10-18] (Google Inc)
S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2010-11-20] ()
S3 arc; C:\Windows\system32\DRIVERS\arc.sys [87632 2009-07-14] ()
S3 arcsas; C:\Windows\system32\DRIVERS\arcsas.sys [97856 2009-07-14] ()
R3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] ()
S3 atapi; C:\Windows\system32\drivers\atapi.sys [24128 2009-07-14] ()
S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbda.sys [468480 2009-06-11] ()
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-11] ()
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-14] ()
R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-14] ()
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-23] ()
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [18432 2009-06-11] ()
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [8704 2009-06-11] ()
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] ()
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-11] ()
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-11] ()
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-11] ()
R3 BthEnum; C:\Windows\system32\drivers\BthEnum.sys [41984 2009-07-14] ()
R3 BTHMODEM; C:\Windows\System32\DRIVERS\bthmodem.sys [72192 2009-07-14] ()
R3 BthPan; C:\Windows\System32\DRIVERS\bthpan.sys [118784 2009-07-14] ()
S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [552960 2011-04-28] ()
R3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [80384 2011-04-28] ()
R3 btwampfl; C:\Windows\System32\drivers\btwampfl.sys [344616 2010-07-13] ()
R3 btwaudio; C:\Windows\System32\drivers\btwaudio.sys [102952 2010-07-20] ()
R3 btwavdt; C:\Windows\System32\DRIVERS\btwavdt.sys [135720 2010-07-20] ()
R3 btwl2cap; C:\Windows\System32\DRIVERS\btwl2cap.sys [39464 2010-03-02] ()
R3 btwrchid; C:\Windows\System32\DRIVERS\btwrchid.sys [21544 2010-07-20] ()
R4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-14] ()
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2010-11-20] ()
S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [45568 2009-07-14] ()
R0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-14] ()
R3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [17664 2009-07-14] ()
S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-14] ()
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [126080 2011-09-15] (QUALCOMM Incorporated)
R0 CNG; C:\Windows\System32\Drivers\cng.sys [459232 2011-11-17] ()
R0 Compbatt; C:\Windows\System32\DRIVERS\compbatt.sys [21584 2009-07-14] ()
R3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [38912 2010-11-20] ()
S4 crcdisk; C:\Windows\system32\DRIVERS\crcdisk.sys [24144 2009-07-14] ()
R3 CtClsFlt; C:\Windows\System32\DRIVERS\CtClsFlt.sys [175168 2010-08-12] ()
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-20] ()
R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] ()
R0 Disk; C:\Windows\System32\DRIVERS\disk.sys [73280 2009-07-14] ()
S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2009-07-14] ()
R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [982912 2010-11-20] ()
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-11] ()
S3 elxstor; C:\Windows\system32\DRIVERS\elxstor.sys [530496 2009-07-14] ()
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2009-07-14] ()
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [243200 2009-10-21] ()
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-14] ()
S3 FACAP; C:\Windows\System32\DRIVERS\facap.sys [238848 2008-09-24] ()
R3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-14] ()
S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [29696 2009-07-14] ()
R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] ()
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] ()
S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [24576 2009-07-14] ()
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-20] ()
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-14] ()
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] ()
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223248 2010-11-20] ()
S3 gagp30kx; C:\Windows\system32\DRIVERS\gagp30kx.sys [65088 2009-07-14] ()
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-11] ()
R3 HDAudBus; C:\Windows\system32\drivers\HDAudBus.sys [122368 2010-11-20] ()
R3 HECIx64; C:\Windows\System32\DRIVERS\HECIx64.sys [56344 2009-09-17] ()
S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [26624 2009-07-14] ()
S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [100864 2009-07-14] ()
S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [46592 2009-07-14] ()
S3 HidUsb; C:\Windows\system32\drivers\hidusb.sys [30208 2010-11-20] ()
S3 HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [78720 2010-11-20] ()
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [753664 2010-11-20] ()
R3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [117248 2009-09-10] ()
R0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-20] ()
R3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] ()
R3 i8042prt; C:\Windows\system32\drivers\i8042prt.sys [105472 2009-07-14] ()
R0 iaStor; C:\Windows\System32\DRIVERS\iaStor.sys [540696 2010-03-04] ()
S3 iaStorV; C:\Windows\system32\drivers\iaStorV.sys [410496 2011-03-11] ()
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10610400 2010-07-29] ()
S3 iirsp; C:\Windows\system32\DRIVERS\iirsp.sys [44112 2009-07-14] ()
R3 Impcd; C:\Windows\System32\DRIVERS\Impcd.sys [158976 2010-02-27] ()
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHD64.sys [2543976 2010-11-10] ()
R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [287232 2010-06-21] ()
S3 intelide; C:\Windows\system32\drivers\intelide.sys [16960 2009-07-14] ()
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-14] ()
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-20] ()
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-20] ()
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] ()
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] ()
S3 isapnp; C:\Windows\system32\drivers\isapnp.sys [20544 2009-07-14] ()
S3 iScsiPrt; C:\Windows\system32\drivers\msiscsi.sys [273792 2010-11-20] ()
S3 JMCR; C:\Windows\System32\DRIVERS\jmcr.sys [172632 2010-11-11] ()
R3 kbdclass; C:\Windows\system32\drivers\kbdclass.sys [50768 2009-07-14] ()
S3 kbdhid; C:\Windows\system32\drivers\kbdhid.sys [33280 2010-11-20] ()
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95600 2011-11-17] ()
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [152432 2011-11-17] ()
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] ()
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] ()
S3 LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys [114752 2009-07-14] ()
S3 LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys [106560 2009-07-14] ()
S3 LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [65600 2009-07-14] ()
S3 LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys [115776 2009-07-14] ()
R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] ()
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [18456 2011-03-07] (HandSet Incorporated)
S3 megasas; C:\Windows\system32\DRIVERS\megasas.sys [35392 2009-07-14] ()
S3 MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [284736 2009-07-14] ()
R3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] ()
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] ()
R3 mouclass; C:\Windows\system32\drivers\mouclass.sys [49216 2009-07-14] ()
S3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-14] ()
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-20] ()
S3 mpio; C:\Windows\system32\drivers\mpio.sys [155008 2010-11-20] ()
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-14] ()
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2010-11-20] ()
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2011-04-27] ()
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [288768 2011-07-09] ()
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2011-04-27] ()
S3 msahci; C:\Windows\system32\drivers\msahci.sys [31104 2010-11-20] ()
S3 msdsm; C:\Windows\system32\drivers\msdsm.sys [140672 2010-11-20] ()
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-14] ()
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] ()
R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] ()
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] ()
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] ()
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] ()
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366976 2010-11-20] ()
R1 mssmbios; C:\Windows\system32\drivers\mssmbios.sys [32320 2009-07-14] ()
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] ()
S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [15360 2009-07-14] ()
R0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] ()
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] ()
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [951680 2010-11-20] ()
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] ()
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] ()
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-20] ()
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-20] ()
R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-20] ()
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] ()
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-20] ()
R3 NETw5s64; C:\Windows\System32\DRIVERS\NETw5s64.sys [7689216 2010-05-31] ()
S3 nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [51264 2009-07-14] ()
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-14] ()
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] ()
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1659776 2011-03-11] ()
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] ()
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [83080 2010-04-28] ()
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [184968 2010-04-28] ()
S3 NVHDA; C:\Windows\System32\drivers\nvhda64v.sys [131688 2010-06-22] ()
R3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [12499176 2010-08-26] ()
R0 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [24680 2010-08-26] ()
S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [148352 2011-03-11] ()
S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [166272 2011-03-11] ()
S3 nv_agp; C:\Windows\system32\drivers\nv_agp.sys [122960 2009-07-14] ()
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-14] ()
S3 Parport; C:\Windows\system32\DRIVERS\parport.sys [97280 2009-07-14] ()
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] ()
R0 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-20] ()
S3 pciide; C:\Windows\system32\drivers\pciide.sys [12352 2009-07-14] ()
S3 pcmcia; C:\Windows\system32\DRIVERS\pcmcia.sys [220752 2009-07-14] ()
R0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] ()
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-14] ()
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-20] ()
S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [60416 2009-07-14] ()
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-20] ()
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [55856 2010-03-19] ()
R3 qicflt; C:\Windows\System32\DRIVERS\qicflt.sys [29288 2010-07-13] ()
S3 ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [1524816 2009-07-14] ()
S3 ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [128592 2009-07-14] ()
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] ()
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] ()
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] ()
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-20] ()
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] ()
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] ()
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-20] ()
S3 rdpbus; C:\Windows\system32\DRIVERS\rdpbus.sys [24064 2009-07-14] ()
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] ()
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] ()
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] ()
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [210944 2012-02-17] ()
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-20] ()
R3 RFCOMM; C:\Windows\System32\DRIVERS\rfcomm.sys [158720 2009-07-14] ()
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] ()
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [539240 2011-06-10] ()
S3 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [103808 2010-11-20] ()
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-20] ()
S3 sdbus; C:\Windows\system32\drivers\sdbus.sys [109056 2010-11-20] ()
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-11] ()
S3 Serenum; C:\Windows\system32\DRIVERS\serenum.sys [23552 2009-07-14] ()
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] ()
S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [26624 2009-07-14] ()
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-14] ()
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-14] ()
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-20] ()
S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [16896 2009-07-14] ()
S3 SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys [43584 2009-07-14] ()
S3 SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [80464 2009-07-14] ()
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] ()
R0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] ()
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-04-29] ()
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2011-04-29] ()
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2011-04-29] ()
R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [21616 2010-08-21] ()
S3 stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [24656 2009-07-14] ()
R3 swenum; C:\Windows\system32\drivers\swenum.sys [12496 2009-07-14] ()
R3 SynTP; C:\Windows\System32\DRIVERS\SynTP.sys [1381936 2010-07-16] ()
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1918320 2012-03-30] ()
S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1918320 2012-03-30] ()
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45056 2010-11-20] ()
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] ()
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-17] ()
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2010-11-20] ()
R1 TermDD; C:\Windows\system32\drivers\termdd.sys [63360 2010-11-20] ()
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39424 2010-11-20] ()
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [59392 2010-11-20] ()
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-20] ()
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 uagp35; C:\Windows\system32\DRIVERS\uagp35.sys [64080 2009-07-14] ()
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-20] ()
S3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [64592 2009-07-14] ()
R3 umbus; C:\Windows\system32\drivers\umbus.sys [48640 2010-11-20] ()
S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [9728 2009-07-14] ()
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [98816 2011-03-25] ()
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100352 2009-07-14] ()
R3 usbehci; C:\Windows\system32\drivers\usbehci.sys [52736 2011-03-25] ()
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2011-03-25] ()
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2011-03-25] ()
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-14] ()
R3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2011-03-11] ()
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2011-03-25] ()
R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [184960 2010-11-20] ()
R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] ()
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] ()
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] ()
S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [215936 2010-11-20] ()
S3 viaide; C:\Windows\system32\drivers\viaide.sys [17488 2009-07-14] ()
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-20] ()
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-20] ()
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-20] ()
S3 vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [161872 2009-07-14] ()
R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-14] ()
R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-14] ()
R3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [17920 2009-07-14] ()
S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [27776 2009-07-14] ()
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] ()
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] ()
S3 Wd; C:\Windows\system32\DRIVERS\wd.sys [21056 2009-07-14] ()
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [654928 2009-07-14] ()
R3 wdkmd; C:\Windows\System32\DRIVERS\WDKMD.sys [39832 2010-06-18] ()
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] ()
S3 WimFltr; C:\Windows\System32\DRIVERS\wimfltr.sys [151656 2006-11-01] ()
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-14] ()
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-20] ()
R3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2009-07-14] ()
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] ()
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [112128 2010-11-20] ()
R3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [172544 2010-11-20] ()
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [129304 2011-03-07] (ZTE Incorporated)
U5 b3fc7d5be5d4b0b; C:\Windows\System32\Drivers\b3fc7d5be5d4b0b.sys [73176 2012-07-01] ()
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [28240 2009-07-14] ()
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S1 qgeyeysa; \??\C:\Windows\system32\drivers\qgeyeysa.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-16 22:53 - 2014-02-16 22:54 - 00000000 ____D () C:\FRST
2014-02-15 16:50 - 2014-02-15 16:45 - 00024064 _____ () C:\Users\SUKHAM\Desktop\Campus Excel (1).xls
2014-02-15 16:39 - 2014-02-15 16:45 - 00024064 _____ () C:\Users\SUKHAM\Downloads\Campus Excel (1).xls
2014-02-13 23:44 - 2014-02-16 22:54 - 00000000 ____D () C:\Users\SUKHAM\Desktop\tool
2014-02-13 23:41 - 2014-02-13 23:42 - 01037530 _____ (Thisisu) C:\Users\SUKHAM\Desktop\JRT.exe
2014-02-13 23:34 - 2014-02-13 23:36 - 00000000 ____D () C:\AdwCleaner
2014-02-13 23:21 - 2014-02-13 23:21 - 01166132 _____ () C:\Users\SUKHAM\Downloads\adwcleaner.exe
2014-02-12 22:01 - 2014-02-12 22:01 - 00293888 _____ () C:\Users\SUKHAM\Downloads\Enhancing_HR.ppt
2014-02-11 22:29 - 2014-02-11 22:29 - 00018907 _____ () C:\Users\SUKHAM\Desktop\attach.txt
2014-02-11 22:29 - 2014-02-11 22:28 - 00018689 _____ () C:\Users\SUKHAM\Desktop\dds.txt
2014-02-11 22:26 - 2014-02-11 22:27 - 00688992 ____R (Swearware) C:\Users\SUKHAM\Downloads\dds.com
2014-02-09 22:02 - 2014-02-09 22:02 - 00000000 ____D () C:\Users\SUKHAM\AppData\Local\uTorrent
2014-02-07 22:23 - 2014-02-07 22:23 - 00029184 _____ () C:\Users\SUKHAM\Downloads\Campus Excel.xls
2014-02-04 21:57 - 2014-02-09 23:20 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-02-03 01:23 - 2014-02-03 01:23 - 00000096 _____ () C:\Users\SUKHAM\Desktop\topics.txt
2014-01-26 01:56 - 2014-01-26 02:01 - 18551104 _____ (Dell, Inc.) C:\Users\SUKHAM\Desktop\DSS_UTIL_WIN_R274693.EXE
2014-01-26 01:56 - 2014-01-26 02:00 - 16997528 _____ () C:\Users\SUKHAM\Desktop\Dell_System-Software_A02_R274693.exe
2014-01-26 01:51 - 2014-01-26 02:04 - 98537720 _____ () C:\Users\SUKHAM\Downloads\R284809.exe
2014-01-26 01:47 - 2014-01-26 01:50 - 41070072 _____ () C:\Users\SUKHAM\Downloads\R286038.exe
2014-01-26 01:46 - 2014-01-26 01:46 - 00000000 ____D () C:\Windows\nvmup
2014-01-26 01:46 - 2010-12-24 08:26 - 00009832 _____ (NVIDIA Corporation) C:\Windows\system32\NVMUPEventMsg.dll
2014-01-26 01:42 - 2014-01-26 01:44 - 21317864 _____ () C:\Users\SUKHAM\Downloads\SKYPE-TECHNOLOGIES_SKYPE_A00_R272748.exe
2014-01-26 01:40 - 2014-01-26 01:42 - 19729279 _____ () C:\Users\SUKHAM\Downloads\R244364_RoxioBurn_v1.01_120B16F.zip
2014-01-26 01:38 - 2014-01-26 01:39 - 05647976 _____ () C:\Users\SUKHAM\Downloads\R278099.exe
2014-01-19 10:59 - 2014-01-19 10:59 - 00000063 _____ () C:\Users\SUKHAM\Desktop\dell.txt
2014-01-18 10:04 - 2014-01-26 01:35 - 163337928 _____ () C:\Users\SUKHAM\Desktop\R297049.exe
2014-01-18 10:01 - 2014-01-18 10:01 - 00003988 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-01-18 10:01 - 2014-01-18 10:01 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-01-18 10:01 - 2014-01-18 10:01 - 00003200 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-01-18 10:01 - 2014-01-18 10:01 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2014-01-18 10:01 - 2014-01-18 10:01 - 00000000 ____D () C:\Program Files\My Dell
2014-01-18 10:01 - 2014-01-18 10:01 - 00000000 ____D () C:\Program Files\Dell Support Center
2014-01-18 09:51 - 2014-01-18 10:02 - 13079688 _____ (Microsoft Corporation) C:\Users\SUKHAM\Downloads\Silverlight_x64.exe
2014-01-18 09:47 - 2014-01-18 09:47 - 01889176 _____ (Dell Inc) C:\Users\SUKHAM\Downloads\aulauncher.exe
2014-01-18 09:44 - 2014-01-18 09:44 - 00431696 _____ () C:\Users\SUKHAM\Downloads\DellSystemDetect.exe
 
==================== One Month Modified Files and Folders =======
 
2014-02-16 22:54 - 2014-02-16 22:53 - 00000000 ____D () C:\FRST
2014-02-16 22:54 - 2014-02-13 23:44 - 00000000 ____D () C:\Users\SUKHAM\Desktop\tool
2014-02-16 22:52 - 2013-05-22 22:01 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-16 22:45 - 2011-10-01 14:23 - 00000000 ____D () C:\Users\SUKHAM\AppData\Roaming\uTorrent
2014-02-16 22:44 - 2011-08-09 23:17 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-16 22:44 - 2011-08-09 23:17 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-16 22:39 - 2011-08-09 23:17 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-16 22:39 - 2011-08-09 23:17 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-16 22:32 - 2009-07-14 10:15 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-16 22:32 - 2009-07-14 10:15 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-16 22:29 - 2009-07-14 10:43 - 00900398 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-16 22:24 - 2011-11-25 08:26 - 00184969 _____ () C:\Windows\setupact.log
2014-02-16 22:24 - 2009-07-14 10:38 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-15 20:47 - 2011-02-15 14:52 - 00000000 ____D () C:\Users\SUKHAM\AppData\Roaming\vlc
2014-02-15 20:23 - 2011-10-26 23:56 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1191422254-3871790684-479291829-1001UA.job
2014-02-15 16:45 - 2014-02-15 16:50 - 00024064 _____ () C:\Users\SUKHAM\Desktop\Campus Excel (1).xls
2014-02-15 16:45 - 2014-02-15 16:39 - 00024064 _____ () C:\Users\SUKHAM\Downloads\Campus Excel (1).xls
2014-02-13 23:42 - 2014-02-13 23:41 - 01037530 _____ (Thisisu) C:\Users\SUKHAM\Desktop\JRT.exe
2014-02-13 23:36 - 2014-02-13 23:34 - 00000000 ____D () C:\AdwCleaner
2014-02-13 23:21 - 2014-02-13 23:21 - 01166132 _____ () C:\Users\SUKHAM\Downloads\adwcleaner.exe
2014-02-13 13:20 - 2011-10-26 23:56 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1191422254-3871790684-479291829-1001Core.job
2014-02-12 22:01 - 2014-02-12 22:01 - 00293888 _____ () C:\Users\SUKHAM\Downloads\Enhancing_HR.ppt
2014-02-11 22:29 - 2014-02-11 22:29 - 00018907 _____ () C:\Users\SUKHAM\Desktop\attach.txt
2014-02-11 22:28 - 2014-02-11 22:29 - 00018689 _____ () C:\Users\SUKHAM\Desktop\dds.txt
2014-02-11 22:27 - 2014-02-11 22:26 - 00688992 ____R (Swearware) C:\Users\SUKHAM\Downloads\dds.com
2014-02-10 18:53 - 2013-05-22 22:01 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-10 18:53 - 2013-05-22 22:01 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-10 18:53 - 2013-05-22 22:01 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-09 23:54 - 2012-11-21 00:27 - 00000000 ____D () C:\Users\SUKHAM\Documents\Visual Studio 2008
2014-02-09 23:40 - 2009-07-14 10:40 - 02495420 _____ () C:\Windows\WindowsUpdate.log
2014-02-09 23:20 - 2014-02-04 21:57 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-02-09 23:20 - 2012-02-13 15:02 - 00000000 ____D () C:\Users\SUKHAM\AppData\Local\Deployment
2014-02-09 23:16 - 2011-02-12 17:43 - 00000000 ____D () C:\Users\SUKHAM
2014-02-09 23:14 - 2013-05-22 22:01 - 00000000 ____D () C:\Windows\system32\Macromed
2014-02-09 23:14 - 2011-02-07 13:59 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-02-09 23:14 - 2009-07-14 08:50 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-02-09 23:14 - 2009-07-14 08:50 - 00000000 ____D () C:\Windows\registration
2014-02-09 22:02 - 2014-02-09 22:02 - 00000000 ____D () C:\Users\SUKHAM\AppData\Local\uTorrent
2014-02-09 22:00 - 2011-10-01 14:23 - 00000000 ____D () C:\Program Files (x86)\uTorrent
2014-02-09 22:00 - 2011-06-01 00:08 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-09 22:00 - 2011-02-21 23:03 - 00000000 ____D () C:\Windows\Minidump
2014-02-09 22:00 - 2011-02-07 14:30 - 00000000 ____D () C:\ProgramData\McAfee
2014-02-09 22:00 - 2009-07-14 08:50 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-08 00:22 - 2009-07-14 11:02 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-02-08 00:22 - 2009-07-14 11:02 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-02-08 00:22 - 2009-07-14 11:02 - 00000000 ____D () C:\Program Files\Windows Defender
2014-02-08 00:22 - 2009-07-14 11:02 - 00000000 ____D () C:\Program Files\DVD Maker
2014-02-08 00:22 - 2009-07-14 11:02 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-02-08 00:22 - 2009-07-14 11:02 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-02-08 00:22 - 2009-07-14 11:02 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-02-08 00:22 - 2009-07-14 08:50 - 00000000 ____D () C:\Windows\SysWOW64\com
2014-02-08 00:22 - 2009-07-14 08:50 - 00000000 ____D () C:\Windows\system32\com
2014-02-08 00:22 - 2009-07-14 08:50 - 00000000 ____D () C:\Windows\servicing
2014-02-08 00:22 - 2009-07-14 08:50 - 00000000 ____D () C:\Windows\IME
2014-02-08 00:21 - 2011-08-15 22:43 - 00000000 ___HD () C:\ProgramData\{ACFC9F59-F1AE-43D2-8CFE-E2F1E0F82ABA}
2014-02-08 00:21 - 2011-08-15 22:43 - 00000000 ____D () C:\Program Files (x86)\Savevid
2014-02-07 22:23 - 2014-02-07 22:23 - 00029184 _____ () C:\Users\SUKHAM\Downloads\Campus Excel.xls
2014-02-05 00:46 - 2013-05-24 17:36 - 00000000 ____D () C:\Users\SUKHAM\Desktop\resumes
2014-02-05 00:06 - 2009-07-14 08:50 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-04 21:57 - 2011-02-14 11:09 - 00909680 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-04 21:55 - 2012-01-12 17:49 - 00017478 _____ () C:\Windows\PFRO.log
2014-02-04 14:45 - 2013-04-09 16:19 - 00002064 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-04 00:34 - 2011-02-18 16:16 - 00193024 _____ () C:\Users\SUKHAM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-03 01:23 - 2014-02-03 01:23 - 00000096 _____ () C:\Users\SUKHAM\Desktop\topics.txt
2014-02-03 01:10 - 2013-10-03 01:00 - 00000000 ____D () C:\Users\SUKHAM\Desktop\notepad files
2014-01-26 02:04 - 2014-01-26 01:51 - 98537720 _____ () C:\Users\SUKHAM\Downloads\R284809.exe
2014-01-26 02:04 - 2011-02-15 21:48 - 00000000 ____D () C:\Users\SUKHAM\AppData\Roaming\Skype
2014-01-26 02:03 - 2011-02-07 14:19 - 00000000 ____D () C:\Program Files (x86)\Dell
2014-01-26 02:03 - 2011-02-07 14:07 - 00000000 ____D () C:\ProgramData\Dell
2014-01-26 02:02 - 2011-02-08 02:25 - 00000000 ____D () C:\dell
2014-01-26 02:01 - 2014-01-26 01:56 - 18551104 _____ (Dell, Inc.) C:\Users\SUKHAM\Desktop\DSS_UTIL_WIN_R274693.EXE
2014-01-26 02:00 - 2014-01-26 01:56 - 16997528 _____ () C:\Users\SUKHAM\Desktop\Dell_System-Software_A02_R274693.exe
2014-01-26 01:50 - 2014-01-26 01:47 - 41070072 _____ () C:\Users\SUKHAM\Downloads\R286038.exe
2014-01-26 01:46 - 2014-01-26 01:46 - 00000000 ____D () C:\Windows\nvmup
2014-01-26 01:46 - 2011-02-08 03:19 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-01-26 01:44 - 2014-01-26 01:42 - 21317864 _____ () C:\Users\SUKHAM\Downloads\SKYPE-TECHNOLOGIES_SKYPE_A00_R272748.exe
2014-01-26 01:42 - 2014-01-26 01:40 - 19729279 _____ () C:\Users\SUKHAM\Downloads\R244364_RoxioBurn_v1.01_120B16F.zip
2014-01-26 01:39 - 2014-01-26 01:38 - 05647976 _____ () C:\Users\SUKHAM\Downloads\R278099.exe
2014-01-26 01:35 - 2014-01-18 10:04 - 163337928 _____ () C:\Users\SUKHAM\Desktop\R297049.exe
2014-01-19 10:59 - 2014-01-19 10:59 - 00000063 _____ () C:\Users\SUKHAM\Desktop\dell.txt
2014-01-19 10:29 - 2009-07-14 10:38 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-18 10:02 - 2014-01-18 09:51 - 13079688 _____ (Microsoft Corporation) C:\Users\SUKHAM\Downloads\Silverlight_x64.exe
2014-01-18 10:02 - 2011-02-07 14:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-01-18 10:01 - 2014-01-18 10:01 - 00003988 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-01-18 10:01 - 2014-01-18 10:01 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-01-18 10:01 - 2014-01-18 10:01 - 00003200 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-01-18 10:01 - 2014-01-18 10:01 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2014-01-18 10:01 - 2014-01-18 10:01 - 00000000 ____D () C:\Program Files\My Dell
2014-01-18 10:01 - 2014-01-18 10:01 - 00000000 ____D () C:\Program Files\Dell Support Center
2014-01-18 10:01 - 2011-02-15 15:00 - 00000000 ____D () C:\ProgramData\PCDr
2014-01-18 09:47 - 2014-01-18 09:47 - 01889176 _____ (Dell Inc) C:\Users\SUKHAM\Downloads\aulauncher.exe
2014-01-18 09:44 - 2014-01-18 09:44 - 00431696 _____ () C:\Users\SUKHAM\Downloads\DellSystemDetect.exe
2014-01-17 21:33 - 2011-02-12 21:28 - 00000000 ____D () C:\Users\SUKHAM\AppData\Local\Adobe
 
Files to move or delete:
====================
C:\ProgramData\ChgService.exe
 
 
Some content of TEMP:
====================
C:\Users\SUKHAM\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\SUKHAM\AppData\Local\Temp\fileutil.dll
C:\Users\SUKHAM\AppData\Local\Temp\htmlayout.dll
C:\Users\SUKHAM\AppData\Local\Temp\install_flashplayer11x64ax_gtbp_chra_aih.exe
C:\Users\SUKHAM\AppData\Local\Temp\install_flash_player_ax_64bit.exe
C:\Users\SUKHAM\AppData\Local\Temp\Modem_installation.exe
C:\Users\SUKHAM\AppData\Local\Temp\mpam-40659749.exe
C:\Users\SUKHAM\AppData\Local\Temp\mpam-bdd40ea4.exe
C:\Users\SUKHAM\AppData\Local\Temp\Quarantine.exe
C:\Users\SUKHAM\AppData\Local\Temp\ResetDevice.exe
C:\Users\SUKHAM\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\SUKHAM\AppData\Local\Temp\setup.exe
C:\Users\SUKHAM\AppData\Local\Temp\uninst1.exe
C:\Users\SUKHAM\AppData\Local\Temp\{103F2D84-A58A-4359-8C5F-B49B64DD33A4}-chrome_installer.exe
C:\Users\SUKHAM\AppData\Local\Temp\{24753DBB-D8F7-415D-8A2A-B9DB9CCC14C7}-30.0.1599.69_29.0.1547.76_chrome_updater.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2011-07-02 17:33] - [2010-11-20 19:04] - 0295808 ____A () D41D8CD98F00B204E9800998ECF8427E
 
C:\Windows\System32\Drivers\volsnap.sys IS INFECTED. <===== ATTENTION!
 
 
 
testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!
 
 
LastRegBack: 2014-02-11 00:34
 
==================== End Of Log ============================

addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2014 01
Ran by SUKHAM at 2014-02-16 22:54:26
Running from C:\Users\SUKHAM\Desktop\tool
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
 Update for Microsoft Office 2007 (KB2508958) (x32 Version:  - Microsoft)
µTorrent (x32 Version: 3.0.0 - )
AccelerometerP11 (x32 Version: 2.00.11.15 - STMicroelectronics)
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Advanced Audio FX Engine (x32 Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (x32 Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (Version: 3.0.0.10 - Apple Inc.)
CCleaner (Version: 3.02 - Piriform)
Chinese Simplified Fonts Support For Adobe Reader 9 (x32 Version: 9.0.0 - Adobe Systems Incorporated)
Chinese Traditional Fonts Support For Adobe Reader 9 (x32 Version: 9.0.0 - Adobe Systems Incorporated)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (x32 Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (x32 Version: 9.4.60 - Dell)
Dell DataSafe Online (x32 Version: 2.1.19634 - Dell)
Dell Edoc Viewer (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (x32 Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (x32 Version: 1.5.402.0 - Fingertapps)
Dell PhotoStage (x32 Version: 1.5.0.19 - ArcSoft)
Dell Stage (x32 Version: 1.5.420.0 - Fingertapps)
Dell VideoStage (x32 Version: 1.1.0.1011 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.1.0.1011 - CyberLink Corp.) Hidden
Dell Webcam Central (x32 Version: 2.00.35 - Creative Technology Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Docx to Doc Converter 5.06 (x32 Version:  - )
Face Recognition (Version: 3.0.85.1 - Sensible Vision)
Facebook Video Calling 2.0.0.447 (x32 Version: 2.0.447 - Skype Limited)
Free M4a to MP3 Converter 8.0 (x32 Version:  - ManiacTools.com)
Free PDF to Word Doc Converter v1.1 (x32 Version: 1.1 - www.hellopdf.com)
GDR 1617 for SQL Server 2008 R2 (KB2494088) (x32 Version: 10.50.1617.0 - Microsoft Corporation)
Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GoToAssist Corporate (x32 Version: 9.1.0.615 - Citrix Online, a division of Citrix Systems, Inc.)
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (x32 Version: 8.15.10.2189 - Intel Corporation)
Intel® Management Engine Components (x32 Version: 6.0.0.1179 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 13.02.1000 - Intel Corporation)
Intel® Rapid Storage Technology (x32 Version: 9.6.0.1014 - Intel Corporation)
Intel® Turbo Boost Technology Monitor (Version: 1.0.186.6 - Intel)
Intel® Wireless Display (Version: 1.2.20.0 - Intel Corporation)
Internet Download Manager 5.18.8.0 (x32 Version:  - Tonec Inc.)
J2SE Development Kit 5.0 Update 4 (x32 Version: 1.5.0.40 - Sun Microsystems, Inc.)
Java Auto Updater (x32 Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 22 (64-bit) (Version: 6.0.220 - Oracle)
Java™ 6 Update 29 (x32 Version: 6.0.290 - Oracle)
Java™ SE Development Kit 6 Update 11 (x32 Version: 1.6.0.110 - Sun Microsystems, Inc.)
JMicron Flash Media Controller Driver (x32 Version: 1.0.52.4 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools (x32 Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (x32 Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Report Viewer Redistributable 2008 (KB971119) (x32 Version: 9.0.30731 - Microsoft Corporation) Hidden
Microsoft Report Viewer Redistributable 2008 SP1 (x32 Version:  - Microsoft Corporation)
Microsoft Silverlight 3 SDK (x32 Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (x32 Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Management Objects (x32 Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (Version: 10.50.1617.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Policies (x32 Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 RsFx Driver (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Setup (English) (x32 Version: 10.50.1617.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (x32 Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (x32 Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (x32 Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (x32 Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x32 Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 (x86) (x32 Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 (x86) (x32 Version: 2.0.1215.0 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - ENU (x32 Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - ENU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (x32 Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.58299 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (x32 Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (x32 Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2008 Shell (integrated mode) - ENU (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (x32 Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (x32 Version: 9.0.35191 - Microsoft Corporation)
Microsoft Visual Web Developer 2010 Express - ENU (x32 Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Web Developer 2010 Express - ENU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
My Dell (Version: 3.4.6422.14 - PC-Doctor, Inc.)
NVIDIA Display Control Panel (Version: 6.14.12.5951 - NVIDIA Corporation)
NVIDIA Drivers (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.5951 - NVIDIA Corporation)
NVIDIA Updatus (x32 Version: 1.0.3 - NVIDIA Corporation) Hidden
PhotoShowExpress (x32 Version: 2.0.028 - Sonic Solutions) Hidden
Picasa 3 (x32 Version: 3.9 - Google, Inc.)
POWERPREP II (x32 Version: 1.00.0000 - ETS)
Quickset64 (Version: 10.8.5 - Dell Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6240 - Realtek Semiconductor Corp.)
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden
Roxio Burn (x32 Version: 1.6 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 1.0.311 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 12.1.40.0 - Roxio)
Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
SaveVid Plug-in (x32 Version: 2.0.0.107556 - Bandoo Media, Inc)
SaveVid Plug-in (x32 Version: 2.0.0.107556 - Bandoo Media, Inc) Hidden
Skype Toolbars (x32 Version: 1.0.4051 - Skype Technologies S.A.)
Skype™ 4.2 (x32 Version: 4.2.169 - Skype Technologies S.A.)
Song Mixer 3.7.3 (x32 Version:  - Black Castle Software)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
SQL Server 2008 R2 BI Development Studio (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Common Files (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Services (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Shared (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Full text search (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Management Studio (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Reporting Services (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Synaptics Pointing Device Driver (Version: 15.1.4.0 - Synaptics Incorporated)
Tata Photon+ (x32 Version: 11.030.01.18.628 - Huawei Technologies Co.,Ltd)
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32 Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (x32 Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (x32 Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (x32 Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (x32 Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (x32 Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.0.5 (x32 Version: 2.0.5 - VideoLAN)
Web Deployment Tool (Version: 1.1.0618 - Microsoft Corporation)
WIDCOMM Bluetooth Software (Version: 6.3.0.6300 - Broadcom Corporation)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
WinRAR archiver (x32 Version:  - )
Yahoo! Messenger (x32 Version:  - Yahoo! Inc.)
Yahoo! Software Update (x32 Version:  - )
Yahoo! Toolbar (x32 Version:  - )
Zune (Version: 04.08.2345.00 - Microsoft Corporation)
Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
 
==================== Restore Points  =========================
 
 
==================== Hosts content: ==========================
 
2009-07-14 08:04 - 2009-06-11 02:30 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {020CED45-5C96-44EF-AB2D-EDB6B4531DEC} - System32\Tasks\{1D11AA08-AC09-4E54-A7D0-D99D300392DA} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
Task: {14CBE430-44EF-45D8-AE06-E9E72A37BF46} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {21BCA194-ACA6-4B72-A395-3222187481F9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1191422254-3871790684-479291829-1001UA => C:\Users\SUKHAM\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-12] (Facebook Inc.)
Task: {2388658D-9903-4BD9-8E0C-8229AA52A88A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-09] (Google Inc.)
Task: {317E55D9-BA32-44A1-B343-250983C7DAC5} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-12-03] (PC-Doctor, Inc.)
Task: {5526908D-F45F-42CD-B7C1-AE9B84576B0D} - System32\Tasks\{FAE55219-0489-430C-8AC6-4FA7D06B68B2} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
Task: {5DAE402B-2E3F-4922-957A-229616163B1C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-09] (Google Inc.)
Task: {5E9C8828-77FF-45EF-8C8F-9DE0E76D9CF5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1191422254-3871790684-479291829-1001Core => C:\Users\SUKHAM\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-12] (Facebook Inc.)
Task: {853C0483-AE84-4B7B-88D8-AEC4366373E4} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-12-03] (PC-Doctor, Inc.)
Task: {98D777D5-0889-47E6-85C6-9460D30D3098} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {B9D3EA2D-6C5F-4EB9-B1CB-32E3FFC9E76F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-10] (Adobe Systems Incorporated)
Task: {C0A107EF-82BA-451D-8348-6A60D61D10F6} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {C9496C1A-68F6-4335-8AB3-56B28FEF482F} - System32\Tasks\4638 => Wscript.exe C:\Users\SUKHAM\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1191422254-3871790684-479291829-1001Core.job => C:\Users\SUKHAM\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1191422254-3871790684-479291829-1001UA.job => C:\Users\SUKHAM\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-06-26 22:09 - 2012-08-02 14:43 - 00114688 _____ () C:\ProgramData\ChgService.exe
2009-07-14 04:49 - 2009-07-14 07:11 - 00036864 _____ () C:\Windows\system32\pcwum.dll
2010-11-01 22:40 - 2010-11-01 22:40 - 00092808 _____ () C:\Windows\system32\FAIEExtension.DLL
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\Services: AERTFilters => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: EvtEng => 2
MSCONFIG\Services: FAService => 2
MSCONFIG\Services: GoToAssist => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: McAWFwk => 3
MSCONFIG\Services: mcmscsvc => 2
MSCONFIG\Services: McNaiAnn => 2
MSCONFIG\Services: McNASvc => 2
MSCONFIG\Services: McODS => 3
MSCONFIG\Services: McProxy => 2
MSCONFIG\Services: MSK80Service => 2
MSCONFIG\Services: MyWiFiDHCPDNS => 3
MSCONFIG\Services: NOBU => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: RegSrvc => 2
MSCONFIG\Services: RoxMediaDB12OEM => 3
MSCONFIG\Services: RoxWatch12 => 2
MSCONFIG\Services: SftService => 2
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: stllssvr => 3
MSCONFIG\Services: TurboBoost => 3
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: YahooAUService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupreg: AccuWeatherWidget => "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
MSCONFIG\startupreg: Facebook Update => "C:\Users\SUKHAM\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: FATrayAlert => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
MSCONFIG\startupreg: Google Update => "C:\Users\SUKHAM\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: IDMan => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: uTorrent => "C:\Program Files (x86)\uTorrent\uTorrent.exe"  /MINIMIZED
 
==================== Faulty Device Manager Devices =============
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: facap, FastAccess Video Capture
Description: facap, FastAccess Video Capture
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Sensible Vision
Service: FACAP
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/16/2014 10:25:13 PM) (Source: Application Error) (User: )
Description: Faulting application name: WLANExt.exe, version: 6.1.7600.16385, time stamp: 0x4a5bcc33
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0x40000015
Fault offset: 0x000000000002a84e
Faulting process id: 0x504
Faulting application start time: 0xWLANExt.exe0
Faulting application path: WLANExt.exe1
Faulting module path: WLANExt.exe2
Report Id: WLANExt.exe3
 
Error: (02/15/2014 08:23:05 PM) (Source: Google Update) (User: SUKHAM-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http
 
Error: (02/15/2014 07:33:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: WLANExt.exe, version: 6.1.7600.16385, time stamp: 0x4a5bcc33
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0x40000015
Fault offset: 0x000000000002a84e
Faulting process id: 0x564
Faulting application start time: 0xWLANExt.exe0
Faulting application path: WLANExt.exe1
Faulting module path: WLANExt.exe2
Report Id: WLANExt.exe3
 
Error: (02/15/2014 04:35:23 PM) (Source: Application Error) (User: )
Description: Faulting application name: WLANExt.exe, version: 6.1.7600.16385, time stamp: 0x4a5bcc33
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0x40000015
Fault offset: 0x000000000002a84e
Faulting process id: 0x56c
Faulting application start time: 0xWLANExt.exe0
Faulting application path: WLANExt.exe1
Faulting module path: WLANExt.exe2
Report Id: WLANExt.exe3
 
Error: (02/14/2014 09:48:58 AM) (Source: Application Error) (User: )
Description: Faulting application name: WLANExt.exe, version: 6.1.7600.16385, time stamp: 0x4a5bcc33
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0x40000015
Fault offset: 0x000000000002a84e
Faulting process id: 0x540
Faulting application start time: 0xWLANExt.exe0
Faulting application path: WLANExt.exe1
Faulting module path: WLANExt.exe2
Report Id: WLANExt.exe3
 
Error: (02/14/2014 08:00:57 AM) (Source: Application Error) (User: )
Description: Faulting application name: WLANExt.exe, version: 6.1.7600.16385, time stamp: 0x4a5bcc33
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0x40000015
Fault offset: 0x000000000002a84e
Faulting process id: 0x55c
Faulting application start time: 0xWLANExt.exe0
Faulting application path: WLANExt.exe1
Faulting module path: WLANExt.exe2
Report Id: WLANExt.exe3
 
Error: (02/13/2014 11:44:48 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: USER32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c9f1
Exception code: 0xc000041d
Fault offset: 0x0000000000019ac9
Faulting process id: 0x668
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (02/13/2014 11:38:25 PM) (Source: Application Error) (User: )
Description: Faulting application name: WLANExt.exe, version: 6.1.7600.16385, time stamp: 0x4a5bcc33
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0x40000015
Fault offset: 0x000000000002a84e
Faulting process id: 0x548
Faulting application start time: 0xWLANExt.exe0
Faulting application path: WLANExt.exe1
Faulting module path: WLANExt.exe2
Report Id: WLANExt.exe3
 
Error: (02/13/2014 10:50:07 PM) (Source: Application Error) (User: )
Description: Faulting application name: WLANExt.exe, version: 6.1.7600.16385, time stamp: 0x4a5bcc33
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0x40000015
Fault offset: 0x000000000002a84e
Faulting process id: 0x530
Faulting application start time: 0xWLANExt.exe0
Faulting application path: WLANExt.exe1
Faulting module path: WLANExt.exe2
Report Id: WLANExt.exe3
 
Error: (02/13/2014 01:14:51 PM) (Source: Google Update) (User: SUKHAM-PC)
Description: Network Request Error.
Error: 0x800421f6. Http status code: 502.
Trying config: source=IE, named proxy=10.0.0.4:80, bypass=*.local;<local>.
trying CUP:WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying WinHTTP.
Send request returned 0x80072efd. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, named proxy=10.0.0.4:80, bypass=*.local;<lo
 
 
System errors:
=============
Error: (02/16/2014 10:24:55 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MfeFire. This service might not be installed.
 
Error: (02/15/2014 09:12:35 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\IWMSSvc.dll
 
Error: (02/15/2014 09:12:35 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\IWMSSvc.dll
 
Error: (02/15/2014 09:12:35 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\IWMSSvc.dll
 
Error: (02/15/2014 07:32:55 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MfeFire. This service might not be installed.
 
Error: (02/15/2014 04:58:25 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\IWMSSvc.dll
 
Error: (02/15/2014 04:58:25 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\IWMSSvc.dll
 
Error: (02/15/2014 04:58:25 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\IWMSSvc.dll
 
Error: (02/15/2014 04:34:58 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MfeFire. This service might not be installed.
 
Error: (02/14/2014 11:05:34 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\IWMSSvc.dll
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2012-06-22 23:36:25.447
  Description: N/A
 
  Date: 2012-06-22 23:36:25.387
  Description: N/A
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 35%
Total physical RAM: 3828.3 MB
Available physical RAM: 2462.76 MB
Total Pagefile: 7654.79 MB
Available Pagefile: 6030.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
 
==================== Drives ================================
 
Drive a: (New Volume) (Fixed) (Total:185.55 GB) (Free:25.92 GB) NTFS
Drive c: (OS) (Fixed) (Total:267.82 GB) (Free:200.84 GB) NTFS
Drive e: (Tata Photon+) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 30000000)
Partition 1: (Not Active) - (Size=149 MB) - (Type=DE)
Partition 2: (Active) - (Size=12 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=268 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=186 GB) - (Type=OF Extended)
 
==================== End Of Log ============================


#9 nasdaq


Posted 17 February 2014 - 09:48 AM

Please execute in the order listed.

--RogueKiller--
  • Download & SAVE to your Desktop RogueKiller for 32bit or RogueKiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start.
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+
=======


Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start

HKLM-x32\...\Run: [FAStartup] - [X]
URLSearchHook: HKCU - (No Name) - {b54561db-0bbb-41b4-a814-df8301fe0a8e} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} URL = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=405&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} URL = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=405&q={searchTerms}
SearchScopes: HKCU - DefaultScope {47053881-2311-4862-8d59-b3fbf8433d8c} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=Z3xdm007YYin&ptb=7BA6194A-46CE-4B3C-819B-38481E5D45B2&ind=2011033011&ptnrS=Z3xdm007YYin&si=&n=77ddedb3&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {1B502D42-918C-4BBC-8F7C-043431872E87} URL =
SearchScopes: HKCU - {47053881-2311-4862-8d59-b3fbf8433d8c} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=Z3xdm007YYin&ptb=7BA6194A-46CE-4B3C-819B-38481E5D45B2&ind=2011033011&ptnrS=Z3xdm007YYin&si=&n=77ddedb3&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {882C2D22-D3EF-4733-A1E7-0ACB74EA6A03} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3045277
SearchScopes: HKCU - {997F8FF0-D6D3-46A6-99FF-433A3E2C6964} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=U3&apn_dtid=OSJ000SUIN&apn_uid=D419B2FE-CF33-4895-99E5-DB651CE1A023&apn_sauid=DA8B0BB9-8E76-43CE-A791-B79256E22334&
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} URL = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=405&q={searchTerms}
Toolbar: HKCU - No Name - {B54561DB-0BBB-41B4-A814-DF8301FE0A8E} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
FF Extension: uTorrentBar2 Community Toolbar - \Extensions\{b54561db-0bbb-41b4-a814-df8301fe0a8e} [2011-10-01]
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR HKLM-x32\...\Chrome\Extension: [jealjalmcelnenljclnadlblookmkmdc] - C:\Users\SUKHAM\AppData\Local\Temp\crx905F.tmp [2013-04-09]
U5 b3fc7d5be5d4b0b; C:\Windows\System32\Drivers\b3fc7d5be5d4b0b.sys [73176 2012-07-01] ()
S1 qgeyeysa; \??\C:\Windows\system32\drivers\qgeyeysa.sys [X]
C:\Users\SUKHAM\AppData\Local\Temp\crx905F.tmp
C:\Windows\System32\Drivers\b3fc7d5be5d4b0b.sys

end

Save the file as fixlist.txt in the same folder as FRST.
Run FRST, click Fix only once, and wait.
The tool will create a log (Fixlog.txt); please post it in your reply.

=================

Restart the computer normally.

Let me know what problem persists.

#10 nasdaq


Posted 23 February 2014 - 10:19 AM

Are you still with me?

#11 sukham89


Posted 23 February 2014 - 11:51 AM

Hey, I was not having internet access with me for the past 4-5 days... will post the log ASAP... thanks for extending your help and being patient...



#12 sukham89


Posted 23 February 2014 - 12:06 PM

Tried downloading RogueKiller but every time it's saying page not found... please resend the link to fix it...



#13 nasdaq


Posted 23 February 2014 - 02:24 PM


The link has changed. Thanks for the information.

http://www.adlice.com/softs/roguekiller/RogueKillerX64.exe

#14 sukham89


Posted 24 February 2014 - 08:10 AM

Here is the log:

 

RogueKiller V8.8.9 _x64_ [Feb 24 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : SUKHAM [Admin rights]
Mode : Remove -- Date : 02/24/2014 18:37:53
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] ChgService.exe -- C:\ProgramData\ChgService.exe [-] -> KILLED [TermProc]
 
¤¤¤ Registry Entries : 14 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Google+ Auto Backup ("C:\Users\SUKHAM\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart [x]) -> DELETED
[RUN][SUSP PATH] HKCU\[...]\Run : DellSystemDetect (C:\Users\SUKHAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms [x][x][x]) -> DELETED
[RUN][SUSP PATH] HKUS\S-1-5-21-1191422254-3871790684-479291829-1001\[...]\Run : Google+ Auto Backup ("C:\Users\SUKHAM\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart [x]) -> [0x2] The system cannot find the file specified. 
[RUN][SUSP PATH] HKUS\S-1-5-21-1191422254-3871790684-479291829-1001\[...]\Run : DellSystemDetect (C:\Users\SUKHAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms [x][x][x]) -> [0x2] The system cannot find the file specified. 
[SERVICE][Root.Necurs] HKLM\[...]\CCSet\[...]\Services : b3fc7d5be5d4b0b (C:\Windows\system32\b3fc7d5be5d4b0b.sys [x]) -> DELETED
[SERVICE][Root.Necurs] HKLM\[...]\CS001\[...]\Services : b3fc7d5be5d4b0b (C:\Windows\system32\b3fc7d5be5d4b0b.sys [x]) -> [0x3] The system cannot find the path specified. 
[SERVICE][Root.Necurs] HKLM\[...]\CS002\[...]\Services : b3fc7d5be5d4b0b (C:\Windows\system32\b3fc7d5be5d4b0b.sys [x]) -> DELETED
[HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> DELETED
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> [0x2] The system cannot find the file specified. 
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] The system cannot find the file specified. 
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
 
¤¤¤ Scheduled tasks : 1 ¤¤¤
[V2][ROGUE ST] 4638 : wscript.exe - C:\Users\SUKHAM\AppData\Local\Temp\launchie.vbs //B -> DELETED
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Browser Addons : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection : Root.Necurs ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9500420AS +++++
--- User ---
[MBR] 7f6d71c1a92a9bbc6db4f62aa9c7a069
[BSP] f3f6eb90eb3955241edbbc61cf11a1fd : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 149 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 311296 | Size: 12540 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 25993216 | Size: 274244 Mo
3 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 587644928 | Size: 190003 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_D_02242014_183753.txt >>
RKreport[0]_S_02242014_183726.txt


#15 sukham89

  • Topic Starter

Posted 24 February 2014 - 08:24 AM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-02-2014 01
Ran by SUKHAM at 2014-02-24 18:48:27 Run:1
Running from C:\Users\SUKHAM\Desktop\tool
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
 
HKLM-x32\...\Run: [FAStartup] - [X]
URLSearchHook: HKCU - (No Name) - {b54561db-0bbb-41b4-a814-df8301fe0a8e} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} URL = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=405&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} URL = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=405&q={searchTerms}
SearchScopes: HKCU - {1B502D42-918C-4BBC-8F7C-043431872E87} URL =
SearchScopes: HKCU - {882C2D22-D3EF-4733-A1E7-0ACB74EA6A03} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3045277
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} URL = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=405&q={searchTerms}
Toolbar: HKCU - No Name - {B54561DB-0BBB-41B4-A814-DF8301FE0A8E} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
FF Extension: uTorrentBar2 Community Toolbar - \Extensions\{b54561db-0bbb-41b4-a814-df8301fe0a8e} [2011-10-01]
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR HKLM-x32\...\Chrome\Extension: [jealjalmcelnenljclnadlblookmkmdc] - C:\Users\SUKHAM\AppData\Local\Temp\crx905F.tmp [2013-04-09]
U5 b3fc7d5be5d4b0b; C:\Windows\System32\Drivers\b3fc7d5be5d4b0b.sys [73176 2012-07-01] ()
S1 qgeyeysa; \??\C:\Windows\system32\drivers\qgeyeysa.sys [X]
C:\Users\SUKHAM\AppData\Local\Temp\crx905F.tmp
C:\Windows\System32\Drivers\b3fc7d5be5d4b0b.sys
 
end
*****************
 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\FAStartup => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{b54561db-0bbb-41b4-a814-df8301fe0a8e} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1B502D42-918C-4BBC-8F7C-043431872E87} => Key deleted successfully.
HKCR\CLSID\{1B502D42-918C-4BBC-8F7C-043431872E87} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{47053881-2311-4862-8d59-b3fbf8433d8c} => Key deleted successfully.
HKCR\CLSID\{47053881-2311-4862-8d59-b3fbf8433d8c} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{882C2D22-D3EF-4733-A1E7-0ACB74EA6A03} => Key deleted successfully.
HKCR\CLSID\{882C2D22-D3EF-4733-A1E7-0ACB74EA6A03} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{997F8FF0-D6D3-46A6-99FF-433A3E2C6964} => Key deleted successfully.
HKCR\CLSID\{997F8FF0-D6D3-46A6-99FF-433A3E2C6964} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{B54561DB-0BBB-41B4-A814-DF8301FE0A8E} => Value deleted successfully.
HKCR\CLSID\{B54561DB-0BBB-41B4-A814-DF8301FE0A8E} => Key not found.
HKCR\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key not found.
FF Extension: uTorrentBar2 Community Toolbar - \Extensions\{b54561db-0bbb-41b4-a814-df8301fe0a8e} [2011-10-01] not found.
c:\progra~2\mcafee\msc\npmcsn~1.dll not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jealjalmcelnenljclnadlblookmkmdc => Key deleted successfully.
"C:\Users\SUKHAM\AppData\Local\Temp\crx905F.tmp" => File/Directory not found.
b3fc7d5be5d4b0b => Service not found.
qgeyeysa => Service deleted successfully.
"C:\Users\SUKHAM\AppData\Local\Temp\crx905F.tmp" => File/Directory not found.
Could not move "C:\Windows\System32\Drivers\b3fc7d5be5d4b0b.sys" => Scheduled to move on reboot.
 
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-02-24 18:50:01)<=
 
C:\Windows\System32\Drivers\b3fc7d5be5d4b0b.sys => Moved successfully.
 
==== End of Fixlog ====

was it successful.....??





