Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with unkown Malware/Virus Search Bar POPS UP in Chrome/Firefox.Firefox


  • This topic is locked This topic is locked
12 replies to this topic

#1 enjoylifewithsms

enjoylifewithsms

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:17 PM

Posted 06 July 2016 - 02:20 AM

Hi

 

I am infected with some virus/malware which is causing additional search bar to open on firefox.It is permanent on firefox but on chrome it comes sometime.

I am unable to use firefox as it has reduce the speed of the browser.

For chrome whenever I cluck on certain button or login button then additionaly some random website open.

On opening gogole on random basis additional search bar open and what we type on google search it comes on that bar which open yahoo search or some other search .

 

I tried adw cleaner,microsoft recovery tool and they showed nothing

Anti Malwarebyters I am unable to run.After installing I tried using chamelon mode but it shows in dos that it is started then update fail and it is never running.

I have also refreshed chrome and firefox browser

Also use chrome software to remove malware.

Have MCAFFE installed in computer and done complete scan.

 

For farbar recovery mode,It is showing not responding.Kindly help

 

Screen shot attached

 

Thanks in advance

 

PS:I know an ISO file has cause this problem and I am having that in my computer if required I can share that

Attached Files



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,957 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:47 AM

Posted 06 July 2016 - 07:39 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
attachlogs.png

Attach the file.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach.

Click the Add reply button.
===


Please post the logs for my review.

Wait for further instructions.

#3 enjoylifewithsms

enjoylifewithsms
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:17 PM

Posted 06 July 2016 - 09:42 AM

@nasdaw thanks for your time.

As instructed FRST.txt Also attached Addition.txt

------

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
Ran by kanishk (administrator) on ELIONDELL (06-07-2016 19:59:49)
Running from C:\Users\kanishk\Downloads
Loaded Profiles: kanishk (Available Profiles: kanishk & Administrator)
Platform: Windows 8.1 Single Language (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel® Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Andrea Vacondio) C:\Program Files\PDFsam Enhanced\creator-ws.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(www.shadowexplorer.com) C:\Program Files (x86)\ShadowExplorer\sesvc.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.9.741.0\McCSPServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\ModuleCore\ModuleCoreService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\MSGSDK\msgrunner.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\ContextRelay\contextrelay.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcupdate.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\MSGSDK\msgrunner.exe
(TData.com) C:\Program Files (x86)\TData\TData.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\MSGSDK\msgrunner.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\UPDMGR\3.0.9006.2\mcupdutl.exe
(Intel Security) C:\Program Files\Common Files\mcafee\ClientAnalytics\McClientAnalytics.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\mcinfo.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\MSGSDK\msgrunner.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\MSGSDK\msgrunner.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\UPDMGR\3.0.9006.2\mcupdatemgr.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\mcsvrcnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\MSGSDK\msgrunner.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\msm\McSmtFwk.exe
(Andrea Vacondio) C:\Program Files\PDFsam Enhanced\ws.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Google Inc.) C:\Users\kanishk\AppData\Local\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.334\SSScheduler.exe
(Feitian) C:\Program Files (x86)\Feitian\ePass2003\ePassCertd_2003.exe
(Google Inc.) C:\Users\kanishk\AppData\Local\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Users\kanishk\AppData\Local\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\kanishk\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\kanishk\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\kanishk\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\kanishk\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\kanishk\AppData\Local\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\kanishk\Downloads\FRST64 (2).exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-01-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-14] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [285272 2013-12-31] (Waves Audio Ltd.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3777696 2014-01-17] (Dell Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ePass2003_std] => C:\Program Files (x86)\Feitian\ePass2003\ePassCertd_2003.exe [186688 2015-09-09] (Feitian)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [sun21] => [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [133760 2014-01-08] (Qualcomm®Atheros®)
HKU\S-1-5-21-590908152-332062597-4289118028-1001\...\Run: [Google Update] => C:\Users\kanishk\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-12-07] (Google Inc.)
HKU\S-1-5-21-590908152-332062597-4289118028-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-590908152-332062597-4289118028-1001\...\MountPoints2: {448e9ed8-e12c-11e5-826e-9cad9714936e} - "E:\OnePlus_USB_Drivers_Setup.exe" 
HKU\S-1-5-21-590908152-332062597-4289118028-1001\...\MountPoints2: {464dbc74-70c7-11e5-82cd-9cad9714936e} - "E:\autorun.exe" 
HKU\S-1-5-21-590908152-332062597-4289118028-1001\...\MountPoints2: {64e4d9f3-a6b0-11e4-8260-9cad9714936e} - "E:\TRUST_KEY.exe" 
HKU\S-1-5-21-590908152-332062597-4289118028-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\scrnsave.scr [11776 2014-10-29] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-07-01]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.334\SSScheduler.exe (McAfee, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
AutoConfigURL: [S-1-5-21-590908152-332062597-4289118028-1001] => hxxp://unstops.info/wpad.dat?bbb40b3283a4616870314b90b36ca04612363332
Winsock: Catalog5 01 C:\ProgramData\System32\SafeGuard32.DLL No File 
Winsock: Catalog5-x64 01 C:\ProgramData\System32\SafeGuard64.DLL [3631136 2016-06-15] ()
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 103.56.228.1 103.56.229.1
Tcpip\..\Interfaces\{2668BFB2-097D-4AF4-8378-78772B49C506}: [DhcpNameServer] 172.151.1.174
Tcpip\..\Interfaces\{AD2C63FE-20CB-4CFF-AD6E-A1A9972AB3EF}: [DhcpNameServer] 103.56.228.1 103.56.229.1
ManualProxies: 0hxxp://unstops.info/wpad.dat?bbb40b3283a4616870314b90b36ca04612363332
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-590908152-332062597-4289118028-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-590908152-332062597-4289118028-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-590908152-332062597-4289118028-1001 -> DefaultScope {D94E3047-E606-4CB0-BB83-932524BEB92C} URL = 
SearchScopes: HKU\S-1-5-21-590908152-332062597-4289118028-1001 -> {D94E3047-E606-4CB0-BB83-932524BEB92C} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2016-01-11] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2016-01-11] (Oracle Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-06-06] (Intel Security)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: PDFsam Enhanced Helper -> {6401BC8F-9AD0-430B-BF2C-2A34B0E98466} -> C:\Program Files (x86)\PDFsam Enhanced\creator-ie-helper.dll [2015-11-11] (Andrea Vacondio)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Toolbar: HKLM-x32 - PDFsam Enhanced Toolbar - {AD42CFE2-C0AD-487E-8224-C2AEF09F4CEB} - C:\Program Files (x86)\PDFsam Enhanced\creator-ie-plugin.dll [2015-11-11] (Andrea Vacondio)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-06-06] (Intel Security)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2016-04-20] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2016-04-20] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2016-04-20] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2016-04-20] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-04-28] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-04-28] (McAfee, Inc.)
 
FireFox:
========
FF ProfilePath: C:\Users\kanishk\AppData\Roaming\Profiles\rq3f44vz.default
FF Homepage: google.co.in
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-10] ()
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2016-01-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2016-01-11] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-04-28] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-04-28] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin-x32: PDFsam Enhanced -> C:\Program Files (x86)\PDFsam Enhanced\np-previewer.dll [2015-11-11] (Andrea Vacondio)
FF Plugin HKU\S-1-5-21-590908152-332062597-4289118028-1001: @tools.google.com/Google Update;version=3 -> C:\Users\kanishk\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-590908152-332062597-4289118028-1001: @tools.google.com/Google Update;version=9 -> C:\Users\kanishk\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-590908152-332062597-4289118028-1001: SkypePlugin -> C:\Users\kanishk\AppData\Local\SkypePlugin\7.19.0.182\npGatewayNpapi.dll [2016-05-27] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-590908152-332062597-4289118028-1001: SkypePlugin64 -> C:\Users\kanishk\AppData\Local\SkypePlugin\7.19.0.182\npGatewayNpapi-x64.dll [2016-05-27] (Skype Technologies S.A.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF SearchPlugin: C:\Users\kanishk\AppData\Roaming\Mozilla\Firefox\Profiles\nipffinv.default\searchplugins\McSiteAdvisor.xml [2016-03-09]
FF SearchPlugin: C:\Users\kanishk\AppData\Roaming\Profiles\rq3f44vz.default\searchplugins\5banbmid.xml [2016-07-02]
FF SearchPlugin: C:\Users\kanishk\AppData\Roaming\Profiles\rq3f44vz.default\searchplugins\McSiteAdvisor.xml [2016-03-09]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-05-03]
FF HKLM\...\Firefox\Extensions: [pdfsam_enhanced_conv@pdfsam.com] - C:\Program Files\PDFsam Enhanced\resources\pdfsamenhancedfirefoxextension
FF Extension: PDFsam Enhanced Creator - C:\Program Files\PDFsam Enhanced\resources\pdfsamenhancedfirefoxextension [2016-03-11] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\anbhoirrme.cfg [2016-07-02] <==== ATTENTION
 
Chrome: 
=======
CHR HomePage: areraiedchegoghqituty -> hxxp://google.com/
CHR StartupUrls: areraiedchegoghqituty -> "hxxp://google.co.in/"
CHR Profile: C:\Users\kanishk\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\kanishk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-04]
CHR Extension: (Google Docs) - C:\Users\kanishk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-04]
CHR Extension: (eRail.in) - C:\Users\kanishk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aopfgjfeiimeioiajeknfidlljpoebgc [2015-12-29]
CHR Extension: (Google Drive) - C:\Users\kanishk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-04]
CHR Extension: (Skype Calling) - C:\Users\kanishk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2016-05-27]
CHR Extension: (YouTube) - C:\Users\kanishk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-04]
CHR Extension: (Google Search) - C:\Users\kanishk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-04]
CHR Extension: (Google Sheets) - C:\Users\kanishk\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-04]
CHR Extension: (SiteAdvisor) - C:\Users\kanishk\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-05-02]
CHR Extension: (Google Docs Offline) - C:\Users\kanishk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Google Hangouts) - C:\Users\kanishk\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2016-06-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kanishk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\kanishk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-04]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-05-02]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-05-02]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [318592 2014-01-08] (Windows ® Win 7 DDK provider) [File not signed]
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-03-11] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-03-11] (Dell Inc.)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [293440 2014-04-02] (Aviata, Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282072 2014-02-25] (Intel Corporation)
S2 IhPul; C:\Users\kanishk\AppData\Roaming\TSv\TSvr.exe [475856 2016-07-04] () [File not signed]
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-28] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-28] (Intel® Corporation)
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3020440 2015-11-25] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-04-20] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [989192 2016-04-28] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-25] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.334\McCHSvc.exe [293128 2016-05-31] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.741.0\\McCSPServiceHost.exe [1903320 2016-04-18] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [795528 2016-04-20] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-03-07] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-04-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [277744 2016-03-07] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1424352 2016-04-21] (McAfee, Inc.)
R3 PDFsam Enhanced; C:\Program Files\PDFsam Enhanced\ws.exe [2318912 2015-11-11] (Andrea Vacondio)
S3 PDFsam Enhanced CrashHandler; C:\Program Files\PDFsam Enhanced\crash-handler-ws.exe [921664 2015-11-11] (Andrea Vacondio)
R2 PDFsam Enhanced Creator; C:\Program Files\PDFsam Enhanced\creator-ws.exe [734272 2015-11-11] (Andrea Vacondio)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1029856 2016-04-21] (Intel Security, Inc.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor)
R2 sesvc; C:\Program Files (x86)\ShadowExplorer\sesvc.exe [9216 2013-01-02] (www.shadowexplorer.com) [File not signed]
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2014-04-05] (SoftThinks SAS)
S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [31192 2016-02-02] (SHAREit Technologies Co.Ltd)
S2 shnCldchr.exe; C:\Program Files (x86)\Przaing\shnCldchr.exe [714976 2016-07-02] ()
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31928 2016-04-22] (Dell Inc.)
R2 TDataSvr; C:\Program Files (x86)\TData\TData.exe [134344 2016-06-29] (TData.com)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [886096 2016-06-03] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-06-03] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-06-03] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 InstallerService; "C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe" [X]
S3 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3881472 2013-12-13] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-01-08] (Qualcomm Atheros)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [78632 2016-03-11] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-06] (CyberLink)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [32464 2015-09-11] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-09-11] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 egg_util; C:\Windows\EUtil_amd64.sys [26512 2016-05-24] ()
R3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419624 2016-03-11] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [349480 2016-03-11] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83608 2016-03-11] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [493352 2016-03-11] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [842536 2016-03-11] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [543488 2016-02-10] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2016-02-10] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [45728 2016-03-15] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [243496 2016-03-11] (McAfee, Inc.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42664 2015-01-09] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-07-06 19:59 - 2016-07-06 20:01 - 00029084 _____ C:\Users\kanishk\Downloads\FRST.txt
2016-07-06 19:59 - 2016-07-06 19:59 - 02390016 _____ (Farbar) C:\Users\kanishk\Downloads\FRST64 (2).exe
2016-07-06 19:54 - 2016-07-06 19:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-07-06 19:52 - 2016-07-06 19:52 - 00000000 ___RD C:\Users\kanishk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2016-07-06 19:51 - 2016-07-06 19:51 - 00003846 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-07-06 12:34 - 2016-07-06 19:59 - 00000000 ____D C:\FRST
2016-07-06 12:33 - 2016-07-06 12:33 - 02390016 _____ (Farbar) C:\Users\kanishk\Downloads\FRST64 (1).exe
2016-07-06 12:06 - 2016-07-06 12:06 - 00075264 _____ C:\Users\kanishk\Downloads\USFM - Liquid -ADS - datasheet to be filled by customer.xls
2016-07-06 11:34 - 2016-07-06 11:34 - 00135417 _____ C:\Users\kanishk\Downloads\Flow Product Range Excel Sheet (1).xlsx
2016-07-05 17:28 - 2016-07-05 17:29 - 05659337 _____ (Swearware) C:\Users\kanishk\Downloads\ComboFix.exe
2016-07-05 16:36 - 2016-07-05 16:37 - 15905606 _____ C:\Users\kanishk\Downloads\Electrical safety audit report_Writers Corporation, Gen 72-1,Opp.DNA Press, Mhape, Navi Mumbai.rar
2016-07-05 16:25 - 2016-07-05 16:25 - 00009430 _____ C:\WINDOWS\System32\Tasks\Browser Updater Task(Core)
2016-07-05 16:25 - 2016-07-05 16:25 - 00000001 _____ C:\WINDOWS\SysWOW64\en.html
2016-07-05 16:25 - 2016-07-05 16:25 - 00000000 ____D C:\Users\kanishk\AppData\Roaming\TSv
2016-07-05 16:25 - 2016-07-05 16:25 - 00000000 ____D C:\Program Files (x86)\TXQQBrowser
2016-07-05 16:25 - 2016-07-05 16:25 - 00000000 ____D C:\Program Files (x86)\TData
2016-07-05 16:25 - 2016-07-05 16:25 - 00000000 ____D C:\Program Files (x86)\rlpqwqn8
2016-07-05 16:25 - 2016-07-05 16:25 - 00000000 ____D C:\Program Files (x86)\{1A3F5F34-102B-419A-967D-500402EB1081}
2016-07-05 13:58 - 2016-07-05 13:58 - 00009007 _____ C:\Users\kanishk\Downloads\FlipkartTp.xlsx
2016-07-05 13:36 - 2016-07-05 13:37 - 09027052 _____ C:\Users\kanishk\Downloads\FlowProducts (1).zip
2016-07-05 11:57 - 2016-07-05 12:00 - 00010205 _____ C:\Users\kanishk\Downloads\Safety Audit.xlsx
2016-07-05 11:27 - 2016-07-05 11:28 - 00373926 _____ C:\Users\kanishk\Downloads\IEEE Std 519-1992 Harmonic Limits - 07_TMB (2).pdf
2016-07-05 10:39 - 2016-07-06 16:07 - 00000000 ____D C:\Users\kanishk\Desktop\Santhosh
2016-07-05 10:25 - 2016-07-05 10:25 - 00001161 _____ C:\Users\Public\Desktop\Power Log.lnk
2016-07-05 10:23 - 2016-07-05 10:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fluke
2016-07-05 10:23 - 2016-07-05 10:23 - 00000000 ____D C:\Program Files (x86)\Fluke
2016-07-05 10:19 - 2016-07-05 10:19 - 00000000 ____D C:\Users\kanishk\Desktop\FLUKE
2016-07-04 16:55 - 2016-07-04 16:55 - 02390016 _____ (Farbar) C:\Users\kanishk\Downloads\FRST64.exe
2016-07-04 16:14 - 2016-07-06 12:47 - 00000000 ____D C:\Users\kanishk\Desktop\New folder (4)
2016-07-04 16:01 - 2016-07-04 16:01 - 12233957 _____ C:\Users\kanishk\Desktop\Desktop.rar
2016-07-04 15:35 - 2016-07-04 15:35 - 00044216 _____ C:\Users\kanishk\Downloads\Report Tracker.xlsx
2016-07-04 15:27 - 2016-07-05 12:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-07-04 15:27 - 2016-07-04 16:37 - 00001116 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-07-04 15:27 - 2016-07-04 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-07-04 15:27 - 2016-07-04 15:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-07-04 15:27 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-07-04 15:27 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-07-04 15:27 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-07-04 15:26 - 2016-07-04 14:35 - 22851472 _____ (Malwarebytes ) C:\Users\kanishk\Desktop\mubm.exe
2016-07-04 12:59 - 2016-07-04 13:00 - 01490592 _____ C:\Users\kanishk\Downloads\AnyDesk (1).exe
2016-07-04 11:46 - 2016-07-04 11:51 - 50716384 _____ (Microsoft Corporation) C:\Users\kanishk\Downloads\Windows-KB890830-x64-V5.37.exe
2016-07-04 11:05 - 2016-07-04 11:05 - 00035328 _____ C:\Users\kanishk\Downloads\ELION(1).xls
2016-07-04 10:51 - 2016-07-04 10:51 - 00001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-07-04 10:51 - 2016-07-04 10:51 - 00001161 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-07-04 10:42 - 2016-07-04 10:42 - 00242120 _____ C:\Users\kanishk\Downloads\Firefox Setup Stub 47.0.1.exe
2016-07-04 10:17 - 2016-07-04 10:38 - 00000000 ____D C:\AdwCleaner
2016-07-04 10:15 - 2016-07-04 10:16 - 03712064 _____ C:\Users\kanishk\Downloads\adwcleaner_5.201.exe
2016-07-02 17:45 - 2016-07-02 17:46 - 05603048 _____ ( ) C:\Users\kanishk\Downloads\Zemana.AntiMalware.Setup.exe
2016-07-02 17:43 - 2016-07-02 17:47 - 00002832 _____ C:\Users\kanishk\Desktop\Rkill.txt
2016-07-02 17:42 - 2016-07-02 17:43 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\kanishk\Downloads\rkill.exe
2016-07-02 17:29 - 2016-07-02 17:29 - 00000000 ____D C:\ProgramData\System32
2016-07-02 17:25 - 2016-07-02 17:25 - 00008958 _____ C:\WINDOWS\System32\Tasks\Shanot Cloud
2016-07-02 17:24 - 2016-07-02 17:27 - 00000000 ____D C:\Users\kanishk\AppData\Local\vefershcoobasyphijaent
2016-07-02 17:22 - 2016-07-05 10:43 - 00000000 ____D C:\Users\kanishk\Desktop\TIRUPATI REPORTS
2016-07-02 17:22 - 2016-07-04 10:08 - 00000000 ____D C:\Program Files (x86)\Przaing
2016-07-02 17:17 - 2016-07-02 17:18 - 04708352 _____ C:\Users\kanishk\Downloads\Flir_Reporter_9_Keygen.iso
2016-07-02 13:49 - 2016-07-02 13:52 - 00000368 _____ C:\Users\kanishk\Downloads\Import_EasyEcom_orders.csv
2016-07-02 13:44 - 2016-07-02 13:44 - 00000219 _____ C:\Users\kanishk\Downloads\BulkReturn.csv
2016-07-02 13:40 - 2016-07-02 13:40 - 00000350 _____ C:\Users\kanishk\Downloads\SKU_commission_Settings8861206122.csv
2016-07-02 13:38 - 2016-07-02 13:38 - 00000501 _____ C:\Users\kanishk\Downloads\ProductAttribute.csv
2016-07-02 13:37 - 2016-07-02 13:37 - 00012348 _____ C:\Users\kanishk\Downloads\Payment_Report14674468518322007376.csv
2016-07-02 13:36 - 2016-07-02 13:36 - 00000000 _____ C:\Users\kanishk\Downloads\14674467841322595054_Unsettled_DATA.csv
2016-07-02 13:19 - 2016-07-02 13:19 - 02666534 _____ C:\Users\kanishk\Downloads\FlowProducts.zip
2016-07-02 13:04 - 2016-07-02 13:04 - 00094949 _____ C:\Users\kanishk\Downloads\57776e55e4b07e27e83b51b6_82dd8ba9727769530bcc15db4e4c9ad2.csv
2016-07-02 13:00 - 2016-07-02 13:00 - 00000000 ____D C:\Users\kanishk\AppData\Roaming\AnyDesk
2016-07-02 12:59 - 2016-07-02 12:59 - 01490592 _____ C:\Users\kanishk\Downloads\AnyDesk.exe
2016-07-02 12:01 - 2016-07-02 12:01 - 00049529 _____ C:\Users\kanishk\Downloads\package(12).pdf
2016-07-02 12:00 - 2016-07-02 12:00 - 00005018 _____ C:\Users\kanishk\Downloads\products(19).pdf
2016-07-02 10:55 - 2016-07-02 10:55 - 00007535 _____ C:\Users\kanishk\Downloads\OpTransactionHistory02-07-2016.csv
2016-07-02 10:36 - 2016-07-02 10:36 - 00002429 _____ C:\Users\kanishk\Downloads\Jul2016%2fzip%2f18669944.zip
2016-07-02 10:35 - 2016-07-02 10:35 - 00167493 _____ C:\Users\kanishk\Downloads\May2016%2fzip%2f18026254 (1).zip
2016-07-01 16:05 - 2016-07-01 16:05 - 00553341 _____ C:\Users\kanishk\Downloads\PassportApplicationForm_PCC_English_V2.0.zip
2016-07-01 13:55 - 2016-07-01 13:55 - 00050176 _____ C:\Users\kanishk\Downloads\landline_trai.xls
2016-07-01 11:49 - 2016-07-02 11:52 - 00000000 ____D C:\Users\kanishk\Desktop\New folder (3)
2016-07-01 10:55 - 2016-07-01 10:55 - 00097222 _____ C:\Users\kanishk\Downloads\SLA_BulkSMS.pdf
2016-07-01 10:55 - 2016-07-01 10:55 - 00033193 _____ C:\Users\kanishk\Downloads\esclationmatrix.pdf
2016-07-01 10:15 - 2016-07-01 10:15 - 00001982 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-07-01 10:15 - 2016-07-01 10:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-06-30 15:51 - 2016-06-30 15:53 - 03948543 _____ C:\Users\kanishk\Downloads\fwnextstep.zip
2016-06-30 15:39 - 2016-06-30 15:43 - 03673207 _____ C:\Users\kanishk\Downloads\auditreportformat.zip
2016-06-30 15:22 - 2016-06-30 15:22 - 00237306 _____ C:\Users\kanishk\Downloads\supplier.zip
2016-06-30 13:51 - 2016-06-30 13:52 - 01770816 _____ C:\Users\kanishk\Downloads\scope.zip
2016-06-30 13:22 - 2016-06-30 13:23 - 00545469 _____ C:\Users\kanishk\Downloads\Digital LUX meter.pdf
2016-06-30 12:53 - 2016-06-30 12:53 - 00057721 _____ C:\Users\kanishk\Downloads\Kanishk Khanna.pdf
2016-06-30 12:53 - 2016-06-30 12:53 - 00016425 _____ C:\Users\kanishk\Downloads\PR1606-7864 (1).pdf
2016-06-30 12:48 - 2016-06-30 12:51 - 00048519 _____ C:\Users\kanishk\Downloads\CostLocationWise.xlsx
2016-06-30 11:16 - 2016-06-30 11:16 - 00016425 _____ C:\Users\kanishk\Downloads\PR1606-7864.pdf
2016-06-29 18:22 - 2016-06-29 18:23 - 02923055 _____ C:\Users\kanishk\Downloads\E-Fulfillment Services.pptx
2016-06-29 13:19 - 2016-06-29 13:19 - 00070198 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18613297 (1).zip
2016-06-29 13:18 - 2016-06-29 13:18 - 00493244 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18625611 (1).zip
2016-06-29 13:15 - 2016-06-29 13:15 - 00070198 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18613297.zip
2016-06-29 13:13 - 2016-06-29 13:13 - 00493244 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18615299.zip
2016-06-29 13:13 - 2016-06-29 13:13 - 00001742 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18593581.zip
2016-06-29 13:12 - 2016-06-29 13:12 - 00287772 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18584759.zip
2016-06-29 13:10 - 2016-06-29 13:10 - 00334192 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18572520.zip
2016-06-29 13:09 - 2016-06-29 13:09 - 00514987 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18563166.zip
2016-06-29 13:09 - 2016-06-29 13:09 - 00001800 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18577164.zip
2016-06-29 13:07 - 2016-06-29 13:07 - 00493244 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18625611.zip
2016-06-29 13:06 - 2016-06-29 13:06 - 00004077 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18616434 (1).zip
2016-06-29 13:05 - 2016-06-29 13:05 - 00004077 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18616434.zip
2016-06-29 13:04 - 2016-06-29 13:04 - 01093375 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18572548_TD_22b9814e216c4513a70b63f23a3722a2.zip
2016-06-29 13:03 - 2016-06-29 13:04 - 02071388 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18616434_TD_filef838787aabe3439b94989a08c5487b47.pdf
2016-06-29 12:59 - 2016-06-29 13:00 - 02003746 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18616434_TD_fileaead6d4bb8d54bbd8004b0f5371578f2.zip
2016-06-29 11:27 - 2016-06-29 11:29 - 04988503 _____ C:\Users\kanishk\Downloads\fwdfww_o_elion.zip
2016-06-29 11:12 - 2016-06-29 11:12 - 00299584 _____ C:\Users\kanishk\Downloads\SKMBT_28316062718140.pdf
2016-06-24 12:54 - 2016-07-06 17:25 - 00000000 ____D C:\Users\kanishk\Desktop\TV 18 BROADCAST LTD FC -7 (2016)
2016-06-24 12:20 - 2016-06-24 12:21 - 01590718 _____ C:\Users\kanishk\Downloads\Themography Report.pdf
2016-06-24 10:25 - 2016-06-24 10:25 - 00000000 ____D C:\Users\kanishk\Desktop\print
2016-06-23 13:31 - 2016-06-23 13:31 - 00526354 _____ C:\Users\kanishk\Desktop\kritinagar.csv
2016-06-23 13:27 - 2016-06-23 13:27 - 00085031 _____ C:\Users\kanishk\Downloads\FYReport_S3b60e_2015-2016_882.zip
2016-06-23 13:25 - 2016-06-23 13:25 - 02038272 _____ C:\Users\kanishk\Desktop\samalkha.xls
2016-06-23 13:25 - 2016-06-23 13:25 - 00000920 _____ C:\Users\kanishk\Documents\rahul (laptop1) - Shortcut.lnk
2016-06-23 13:22 - 2016-06-23 13:22 - 00186912 _____ C:\Users\kanishk\Downloads\FYReport_Sc9f28_2015-2016_884.zip
2016-06-23 13:19 - 2016-06-23 13:19 - 00371200 _____ C:\Users\kanishk\Desktop\Bijwasan.xls
2016-06-23 13:15 - 2016-06-23 13:15 - 00041443 _____ C:\Users\kanishk\Downloads\FYReport_S2be44_2015-2016_885.zip
2016-06-23 12:41 - 2016-06-23 12:41 - 01732096 _____ C:\Users\kanishk\Desktop\Mundka.xls
2016-06-23 12:36 - 2016-06-23 12:36 - 00176840 _____ C:\Users\kanishk\Downloads\FYReport_Sa28bb_2015-2016_639.zip
2016-06-22 16:21 - 2016-06-22 16:21 - 00810701 _____ C:\Users\kanishk\Downloads\Electrical Safety Audit Report _EIPPL, Vizag (1).pdf
2016-06-22 11:29 - 2016-06-22 11:30 - 01847339 _____ C:\Users\kanishk\Downloads\TECHNICAL_BID_PT89.rar
2016-06-22 11:29 - 2016-06-22 11:29 - 00292353 _____ C:\Users\kanishk\Downloads\NIT_1 (11).pdf
2016-06-22 10:55 - 2016-06-22 10:55 - 00013758 _____ C:\Users\kanishk\Downloads\May2016%2fzip%2f18201811.zip
2016-06-22 10:28 - 2016-06-22 10:29 - 01442727 _____ C:\Users\kanishk\Downloads\Ola Corporate Overview....V2.pdf
2016-06-21 11:59 - 2016-06-21 11:59 - 00041984 _____ C:\Users\kanishk\Downloads\S_listing--ui--group_8dp9z4osohmq2ar0_2106-115851_default.xls
2016-06-21 11:35 - 2016-06-21 11:35 - 00096982 _____ C:\Users\kanishk\Downloads\items.1466489131071.csv
2016-06-21 11:24 - 2016-06-21 11:24 - 00062021 _____ C:\Users\kanishk\Downloads\items.1466488440310.csv
2016-06-21 11:14 - 2016-06-21 11:14 - 00305574 _____ C:\Users\kanishk\Downloads\16A.pdf
2016-06-21 11:14 - 2016-06-21 11:14 - 00081264 _____ C:\Users\kanishk\Downloads\16.pdf
2016-06-21 11:12 - 2016-06-21 11:12 - 00235619 _____ C:\Users\kanishk\Downloads\tds(1) (2).zip
2016-06-21 10:59 - 2016-06-21 10:59 - 00231065 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18521875_TD_fileb75baca70c7f4ccba540b2057c988b84.zip
2016-06-21 10:59 - 2016-06-21 10:59 - 00064078 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18521875_TD_file69f5c8fdd07a4ab788d2c70d50733c61.pdf
2016-06-21 10:59 - 2016-06-21 10:59 - 00006352 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18521875.zip
2016-06-21 10:58 - 2016-06-21 10:58 - 00182584 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18524736_TD_DNIT_636018258768118991.pdf
2016-06-21 10:58 - 2016-06-21 10:58 - 00028254 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18524736_TD_NIT_636018258625534734.pdf
2016-06-21 10:56 - 2016-06-21 10:56 - 00002114 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18524736.zip
2016-06-20 16:12 - 2016-06-20 16:13 - 00602806 _____ C:\Users\kanishk\Downloads\PU00904002E.PDF
2016-06-20 13:59 - 2016-06-20 13:59 - 00000000 ____D C:\Users\kanishk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Control Techniques
2016-06-20 13:59 - 2016-06-20 13:59 - 00000000 ____D C:\Program Files (x86)\CT Harmonic Calculator
2016-06-20 13:58 - 2016-06-20 14:01 - 12236140 _____ (Control Techniques ) C:\Users\kanishk\Downloads\ctese_V010300 (1).exe
2016-06-20 13:57 - 2016-06-20 14:01 - 12236140 _____ (Control Techniques ) C:\Users\kanishk\Downloads\ctese_V010300.exe
2016-06-20 13:57 - 2016-06-20 13:58 - 01571965 _____ (Control Techniques ) C:\Users\kanishk\Downloads\CT Harmonic Calculator.exe
2016-06-20 13:54 - 2016-06-20 13:54 - 00354413 _____ C:\Users\kanishk\Downloads\file_50bf1280e3cc7_The PQI Calculator Information Checklist GR019-A.pdf
2016-06-19 14:00 - 2016-06-19 14:01 - 00005814 _____ C:\Users\kanishk\Downloads\CatalogReport_19_06_2016_13_45_00_514-1597309633.xlsx
2016-06-18 15:57 - 2016-06-18 15:57 - 00208111 _____ C:\Users\kanishk\Downloads\tataaig01070616.pdf
2016-06-18 13:44 - 2016-06-18 13:46 - 13965089 _____ C:\Users\kanishk\Downloads\revisedreports.zip
2016-06-18 12:10 - 2016-06-18 12:10 - 00011659 _____ C:\Users\kanishk\Downloads\1-30 may.xlsx
2016-06-18 11:28 - 2016-06-18 11:38 - 00000000 ____D C:\Users\kanishk\Desktop\New folder (5)
2016-06-18 10:29 - 2016-06-18 10:29 - 00013236 _____ C:\Users\kanishk\Downloads\bulk-upload-multiple-shipments.xlsx
2016-06-17 16:45 - 2016-06-17 16:45 - 00802690 _____ C:\Users\kanishk\Downloads\Proposal for Ecommerce Solutions.pdf
2016-06-17 13:41 - 2016-06-17 13:42 - 00000000 ____D C:\Users\kanishk\AppData\Roaming\vlc
2016-06-17 13:41 - 2016-06-17 13:41 - 00001084 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-06-17 13:41 - 2016-06-17 13:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-06-17 13:40 - 2016-06-17 13:40 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-06-17 13:34 - 2016-06-17 13:36 - 30533688 _____ C:\Users\kanishk\Downloads\vlc-2.2.4-win32.exe
2016-06-16 17:14 - 2016-06-16 17:14 - 00184597 _____ C:\Users\kanishk\Downloads\Edn (1).Checklist Below 6M &amp
2016-06-16 17:13 - 2016-06-16 17:14 - 10838581 _____ C:\Users\kanishk\Downloads\Fire Precaution in schools1.pdf
2016-06-16 17:08 - 2016-06-16 17:09 - 01681919 _____ C:\Users\kanishk\Downloads\Fire Retardant paint .pdf
2016-06-16 17:04 - 2016-06-16 17:04 - 00000218 _____ C:\Users\kanishk\AppData\Local\recently-used.xbel
2016-06-16 16:02 - 2016-06-16 16:02 - 00396413 _____ C:\Users\kanishk\Downloads\Fee_Particulars.pdf
2016-06-16 15:58 - 2016-06-16 15:58 - 00184597 _____ C:\Users\kanishk\Downloads\Edn.Checklist Below 6M &amp
2016-06-16 14:01 - 2016-06-16 14:01 - 00724251 _____ C:\Users\kanishk\Downloads\list of branches for Vendors (1).xlsx
2016-06-16 13:57 - 2016-06-24 10:18 - 00676105 _____ C:\Users\kanishk\Downloads\list of branches for Vendors.xlsx
2016-06-16 13:49 - 2016-06-16 13:49 - 00002873 _____ C:\Users\kanishk\Downloads\udta punjab 2016 censor board rip - x264 - 1cd - ictv 8th anniversary special.torrent
2016-06-16 13:42 - 2016-06-16 13:42 - 00000000 ____D C:\Users\kanishk\Downloads\www.TamilRockers.to - Udta Punjab [2016] Hindi Censor HDRip x264 700MB
2016-06-16 13:40 - 2016-06-16 13:40 - 00015700 _____ C:\Users\kanishk\Downloads\- udta punjab 2016 hindi censor hdrip x264 700mb.torrent
2016-06-16 13:07 - 2016-06-16 13:07 - 01589534 _____ C:\Users\kanishk\Downloads\Authorization of Energy Audit Renew 01.pdf
2016-06-15 17:26 - 2016-06-15 17:26 - 00026466 _____ C:\Users\kanishk\Downloads\Sa28bb_FC_VOI_Snapdeal_Cancelled_Invoice_Vendor_Report_CREATED_01042016_30042016.csv
2016-06-15 17:25 - 2016-06-15 17:25 - 00000186 _____ C:\Users\kanishk\Downloads\Reports_Order By Merchant2016-06-15.csv
2016-06-15 17:18 - 2016-06-15 17:18 - 00009227 _____ C:\Users\kanishk\Downloads\8dp9z4osohmq2ar0(1).xlsx
2016-06-15 17:03 - 2016-06-15 17:03 - 00133709 _____ C:\Users\kanishk\Downloads\Sa28bb_FC_VOI_Snapdeal_Dispatch_Vendor_Report_CREATED_17052016_15062016(1).csv
2016-06-15 17:03 - 2016-06-15 17:03 - 00001006 _____ C:\Users\kanishk\Downloads\Sa28bb_FC_VOI_OBNM_CREATED_17052016_15062016(1).csv
2016-06-15 16:54 - 2016-06-15 16:54 - 00049580 _____ C:\Users\kanishk\Downloads\Orders(6).csv
2016-06-15 16:49 - 2016-06-15 16:49 - 00133709 _____ C:\Users\kanishk\Downloads\Sa28bb_FC_VOI_Snapdeal_Dispatch_Vendor_Report_CREATED_17052016_15062016.csv
2016-06-15 16:49 - 2016-06-15 16:49 - 00001006 _____ C:\Users\kanishk\Downloads\Sa28bb_FC_VOI_OBNM_CREATED_17052016_15062016.csv
2016-06-15 16:41 - 2016-06-15 16:41 - 00005321 _____ C:\Users\kanishk\Downloads\Orders(5).csv
2016-06-15 16:39 - 2016-06-15 16:39 - 00049580 _____ C:\Users\kanishk\Downloads\Orders(4).csv
2016-06-15 16:28 - 2016-06-15 16:28 - 00035760 _____ C:\Users\kanishk\Downloads\2598991914016967.txt
2016-06-15 16:12 - 2016-06-15 16:12 - 00001161 _____ C:\Users\kanishk\Downloads\8dp9z4osohmq2ar0_2016-05-17_2016-06-15.csv
2016-06-15 16:11 - 2016-06-15 16:12 - 00004746 _____ C:\Users\kanishk\Downloads\statementview.pdf
2016-06-15 16:02 - 2016-06-15 16:02 - 00029999 _____ C:\Users\kanishk\Downloads\orders(3).csv
2016-06-15 15:59 - 2016-06-15 15:59 - 00171548 _____ C:\Users\kanishk\Downloads\8dp9z4osohmq2ar0_12_2014-04-01
2016-06-15 15:59 - 2016-06-15 15:59 - 00000127 _____ C:\Users\kanishk\Downloads\8dp9z4osohmq2ar0_2016-06-10_2016-06-10.csv
2016-06-15 15:53 - 2016-06-15 15:53 - 00118921 _____ C:\Users\kanishk\Downloads\SettledTxn_12-6-2016_1468580_230174(1).xlsx
2016-06-15 13:57 - 2016-06-15 13:57 - 06288888 _____ C:\Users\kanishk\Downloads\udiMagicDemo.zip
2016-06-15 13:08 - 2016-06-15 13:08 - 00136474 _____ C:\Users\kanishk\Downloads\Sa28bb_FC_VOI_Snapdeal_Dispatch_Vendor_Report_CREATED_01052016_31052016.csv
2016-06-15 13:03 - 2016-06-15 13:03 - 00118921 _____ C:\Users\kanishk\Downloads\SettledTxn_12-6-2016_1468580_230174.xlsx
2016-06-15 13:03 - 2016-06-15 13:03 - 00004869 _____ C:\Users\kanishk\Downloads\PaymentsReport_15_06_2016_12_25_00_155-1246890267.xlsx
2016-06-15 13:00 - 2016-06-15 13:00 - 00009299 _____ C:\Users\kanishk\Downloads\Sa28bb_FC_VOI_Snapdeal_Cancelled_Invoice_Vendor_Report_CREATED_09062016_15062016.csv
2016-06-15 13:00 - 2016-06-15 13:00 - 00000987 _____ C:\Users\kanishk\Downloads\Sa28bb_FC_VOI_OBNM_CREATED_01062016_15062016(1).csv
2016-06-15 12:50 - 2016-06-15 12:50 - 00077312 _____ C:\Users\kanishk\Downloads\ITEM_LIST (1).xls
2016-06-15 12:49 - 2016-06-15 12:49 - 03995074 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18449867_TD_99c1e837786942888227bd0cc7588d3d.zip
2016-06-15 12:49 - 2016-06-15 12:49 - 01381421 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18450327_TD_726eaac417b94163b9527b85ee7dd873.zip
2016-06-15 12:48 - 2016-06-15 12:48 - 02283245 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18450665_TD_35861d384ebb47e495452f3495fa557c.zip
2016-06-15 12:46 - 2016-06-15 12:46 - 00000987 _____ C:\Users\kanishk\Downloads\Sa28bb_FC_VOI_OBNM_CREATED_01062016_15062016.csv
2016-06-15 11:42 - 2016-06-15 11:42 - 00235619 _____ C:\Users\kanishk\Downloads\tds(1) (1).zip
2016-06-15 10:30 - 2016-06-15 10:30 - 00000114 _____ C:\Users\kanishk\Desktop\EazySupportChat.txt
2016-06-15 10:24 - 2016-06-15 10:24 - 02794536 _____ (Impression Systems) C:\Users\kanishk\Desktop\EsupportX.exe
2016-06-15 10:19 - 2016-06-15 10:24 - 02794536 _____ (Impression Systems) C:\Users\kanishk\Downloads\EsupportX.exe
2016-06-15 10:14 - 2016-06-15 10:14 - 00539263 _____ C:\Users\kanishk\Downloads\resafetyaudityamunanagarunit.zip
2016-06-14 16:41 - 2016-06-14 16:42 - 00071117 _____ C:\Users\kanishk\Downloads\10000.rar
2016-06-14 16:00 - 2016-06-17 16:53 - 00000000 ____D C:\Users\kanishk\Desktop\amazon
2016-06-14 15:59 - 2016-06-14 15:59 - 00062646 _____ C:\Users\kanishk\Downloads\2591823178016966.txt
2016-06-14 15:43 - 2016-06-14 15:56 - 00000000 ____D C:\Users\kanishk\AppData\Roaming\TeamViewer
2016-06-14 15:41 - 2016-06-14 15:42 - 09617360 _____ (TeamViewer GmbH) C:\Users\kanishk\Downloads\TeamViewer_Setup_en.exe
2016-06-14 13:26 - 2016-06-22 10:33 - 00000000 ____D C:\Users\kanishk\Desktop\Network 18
2016-06-14 13:08 - 2016-06-14 13:08 - 00010441 _____ C:\Users\kanishk\Downloads\Grofers detail in excel sheet(2).xlsx
2016-06-14 13:08 - 2016-06-14 13:08 - 00000165 ____H C:\Users\kanishk\Downloads\~$Grofers detail in excel sheet(2).xlsx
2016-06-14 12:20 - 2016-06-14 12:20 - 01838848 _____ C:\Users\kanishk\Downloads\AUTOLIV THERMOGRAPHY REPORT.pdf
2016-06-14 11:01 - 2016-06-14 11:01 - 00041487 _____ C:\Users\kanishk\Downloads\package(11).pdf
2016-06-14 10:59 - 2016-06-14 10:59 - 00005427 _____ C:\Users\kanishk\Downloads\products(18).pdf
2016-06-14 10:13 - 2016-06-14 10:13 - 00004151 _____ C:\Users\kanishk\Downloads\products(17).pdf
2016-06-13 16:43 - 2016-06-13 16:43 - 00007605 _____ C:\Users\kanishk\Downloads\079010200017569-09-03-2016to31-03-2016.pdf
2016-06-12 13:52 - 2016-06-19 14:13 - 02306953 _____ C:\Users\kanishk\Downloads\Chargers,Adapters&Cables.xlsm
2016-06-11 13:59 - 2016-06-24 11:30 - 00000000 ____D C:\Users\kanishk\Desktop\UFLEX LIMITED
2016-06-11 12:09 - 2016-06-11 12:09 - 00026513 _____ C:\Users\kanishk\Downloads\Untitled.pdf
2016-06-11 11:32 - 2016-06-11 11:32 - 00235238 _____ C:\Users\kanishk\Downloads\spppandroidapp.apk
2016-06-11 11:24 - 2016-06-11 11:25 - 06437741 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18402240.zip
2016-06-11 11:13 - 2016-06-11 11:13 - 00049979 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18403887_TD_Tender_804_1069_Annexure3.pdf
2016-06-11 11:12 - 2016-06-11 11:12 - 00044216 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18403887.zip
2016-06-11 11:10 - 2016-06-11 11:10 - 00169640 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18412944.zip
2016-06-11 11:08 - 2016-06-11 11:08 - 03627875 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18409087_TD_6b43b2944e7b455d934e361c9aee0131.zip
2016-06-11 11:04 - 2016-06-11 11:08 - 00016052 _____ C:\Users\kanishk\Downloads\EXCEL SHEET FOR FLIPKART.xlsx
2016-06-10 16:42 - 2016-06-13 12:21 - 00016715 _____ C:\Users\kanishk\Downloads\Flow(1).xlsx
2016-06-10 16:06 - 2016-06-10 16:06 - 00166444 _____ C:\Users\kanishk\Downloads\ecrharnaut02180216.pdf
2016-06-10 13:52 - 2016-06-10 13:52 - 00135417 _____ C:\Users\kanishk\Downloads\Flow Product Range Excel Sheet(8).xlsx
2016-06-10 13:04 - 2016-06-10 13:04 - 00804249 _____ C:\Users\kanishk\Downloads\fwenergyauditforyourplantatnavimaumbai.zip
2016-06-10 12:41 - 2016-06-10 12:41 - 00007917 _____ C:\Users\kanishk\Downloads\Book1.xlsx
2016-06-09 13:20 - 2016-06-09 13:20 - 00337887 _____ C:\Users\kanishk\Desktop\letterhead.pdf
2016-06-09 10:27 - 2016-06-14 11:29 - 00009633 _____ C:\Users\kanishk\Downloads\Flow_FlipkartTp.xlsx
2016-06-08 16:20 - 2016-06-08 17:31 - 00009081 _____ C:\Users\kanishk\Desktop\FlipkartTp.xlsx
2016-06-08 16:19 - 2016-06-08 16:19 - 00040960 _____ C:\Users\kanishk\Downloads\S_listing--ui--group_8dp9z4osohmq2ar0_0806-161920_default.xls
2016-06-08 13:37 - 2016-06-08 13:43 - 00030208 _____ C:\Users\kanishk\Downloads\vob template.xls
2016-06-08 12:17 - 2016-06-08 12:17 - 00066513 _____ C:\Users\kanishk\Downloads\CHECK LIST FOR PHARMACEUTICAL INDUSTRIES.pdf
2016-06-08 11:25 - 2016-07-04 10:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-08 10:08 - 2016-06-08 10:08 - 00235327 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18362138_TD_filefad56f5874634de89829a008cdc17c5d.zip
2016-06-08 10:07 - 2016-06-08 10:07 - 00026804 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18362138_TD_file0f529fbd39e5492ca690c309ef1d4fa4.pdf
2016-06-08 10:06 - 2016-06-08 10:06 - 00004643 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18362138.zip
2016-06-07 15:42 - 2016-06-07 15:44 - 00235619 _____ C:\Users\kanishk\Downloads\tds(1).zip
2016-06-07 13:46 - 2016-06-07 13:47 - 00375932 _____ C:\Users\kanishk\Downloads\RahulLetter.pdf
2016-06-07 12:30 - 2016-06-07 12:30 - 00142848 _____ C:\Users\kanishk\Downloads\Bill Hitachi Medha cooler (1).xls
2016-06-07 12:27 - 2016-06-07 12:27 - 00040960 _____ C:\Users\kanishk\Downloads\S_listing--ui--group_8dp9z4osohmq2ar0_0706-122750_default.xls
2016-06-07 11:19 - 2016-06-07 11:19 - 00005536 _____ C:\Users\kanishk\Downloads\catalog.1465278562130.csv
2016-06-07 10:57 - 2016-06-07 10:57 - 00002408 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18294736.zip
2016-06-07 10:55 - 2016-06-07 10:55 - 00005521 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18326842.zip
2016-06-07 10:53 - 2016-06-07 10:53 - 00001935 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18339191.zip
2016-06-07 10:36 - 2016-06-07 10:36 - 00220709 _____ C:\Users\kanishk\Downloads\Jun2016%2fzip%2f18355559.zip
2016-06-06 12:47 - 2016-06-06 12:48 - 00016036 _____ C:\Users\kanishk\Desktop\New Microsoft Excel Worksheet.xlsx
2016-06-06 12:19 - 2016-06-06 12:19 - 00232007 _____ C:\Users\kanishk\Downloads\Scope of Work (2).pdf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-07-06 19:59 - 2015-12-04 11:26 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-590908152-332062597-4289118028-1001
2016-07-06 19:54 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-07-06 19:53 - 2014-03-18 15:23 - 00005388 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-06 18:01 - 2015-12-14 13:37 - 00000000 ____D C:\Users\kanishk\AppData\Local\CrashDumps
2016-07-06 17:50 - 2015-12-07 10:22 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-590908152-332062597-4289118028-1001UA.job
2016-07-06 17:23 - 2015-12-05 11:12 - 00000060 _____ C:\WINDOWS\wpd99.drv
2016-07-06 17:23 - 2015-12-05 11:12 - 00000000 ____D C:\ProgramData\pdf995
2016-07-06 16:58 - 2015-01-21 16:48 - 00000000 ____D C:\Users\kanishk\Desktop\Flow
2016-07-06 12:58 - 2015-01-22 12:09 - 00000000 ____D C:\Users\kanishk\Documents\Bills
2016-07-06 12:12 - 2015-01-21 16:05 - 00000000 ____D C:\Users\kanishk\AppData\Local\Packages
2016-07-06 10:50 - 2015-12-07 10:22 - 00000884 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-590908152-332062597-4289118028-1001Core.job
2016-07-05 15:58 - 2015-12-08 15:09 - 00573952 ___SH C:\Users\kanishk\Downloads\Thumbs.db
2016-07-05 15:19 - 2013-08-22 19:06 - 00000000 ____D C:\WINDOWS\Inf
2016-07-05 13:49 - 2015-12-21 11:05 - 00002308 _____ C:\Users\kanishk\Desktop\Rahul a sharing - Shortcut.lnk
2016-07-05 13:49 - 2015-12-08 15:36 - 00001828 _____ C:\Users\kanishk\Desktop\priyanka.lnk
2016-07-05 13:49 - 2015-12-04 11:57 - 01004544 ___SH C:\Users\kanishk\Desktop\Thumbs.db
2016-07-05 13:49 - 2015-12-04 11:56 - 00001855 _____ C:\Users\kanishk\Desktop\ankita - Shortcut.lnk
2016-07-05 13:32 - 2016-02-02 12:16 - 00002239 _____ C:\Users\kanishk\Desktop\zzz.lnk
2016-07-05 13:32 - 2016-02-01 12:20 - 00002474 _____ C:\Users\kanishk\Desktop\shubham.lnk
2016-07-05 12:24 - 2014-07-16 19:11 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2016-07-05 12:22 - 2013-08-22 20:15 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-05 10:11 - 2015-12-04 12:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-04 11:52 - 2015-12-12 11:34 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-07-04 11:49 - 2015-12-08 15:22 - 00002433 _____ C:\Users\kanishk\Desktop\Google Chrome.lnk
2016-07-04 11:49 - 2015-12-08 13:53 - 00002441 _____ C:\Users\kanishk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-04 10:41 - 2016-04-23 10:15 - 00000000 ____D C:\Users\kanishk\AppData\Roaming\Opera Software
2016-07-04 10:41 - 2016-04-23 10:15 - 00000000 ____D C:\Users\kanishk\AppData\Local\Opera Software
2016-07-04 10:41 - 2016-04-21 20:25 - 00000000 ____D C:\Program Files (x86)\Opera
2016-07-04 10:35 - 2013-08-22 18:55 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-07-04 10:33 - 2015-12-04 11:52 - 00000000 ____D C:\Users\kanishk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2016-07-04 10:33 - 2015-12-04 11:13 - 00001007 _____ C:\Users\kanishk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-07-02 17:39 - 2016-04-03 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge
2016-07-02 11:35 - 2016-01-12 11:03 - 00000000 ____D C:\Users\kanishk\Desktop\Accredition
2016-07-01 15:44 - 2016-05-21 12:00 - 00000010 _____ C:\Users\kanishk\Desktop\New Text Document.txt
2016-07-01 10:55 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-01 10:15 - 2016-04-14 15:15 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-06-30 17:40 - 2015-12-21 11:05 - 00000000 ____D C:\Users\Public\Rahul a sharing
2016-06-29 11:05 - 2013-08-22 18:55 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2016-06-23 13:18 - 2015-01-22 10:37 - 00000000 ____D C:\Users\kanishk\Documents\Custom Office Templates
2016-06-22 11:54 - 2016-04-28 16:44 - 00000000 ____D C:\Users\kanishk\Desktop\passport
2016-06-21 10:37 - 2015-12-16 10:47 - 00003068 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2016-06-21 10:37 - 2015-12-16 10:47 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2016-06-20 18:49 - 2015-12-04 11:09 - 00000000 ____D C:\Users\kanishk
2016-06-20 16:33 - 2015-01-21 16:46 - 00000000 ____D C:\Users\kanishk\Desktop\Thermography
2016-06-20 15:45 - 2013-08-22 21:06 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-20 13:59 - 2015-12-04 11:23 - 00000000 ____D C:\Users\kanishk\AppData\Local\Deployment
2016-06-19 13:46 - 2015-12-04 15:14 - 00000000 ____D C:\Users\kanishk\AppData\Local\Microsoft Help
2016-06-17 15:59 - 2016-02-28 16:58 - 00000000 ____D C:\Users\kanishk\Desktop\pwc
2016-06-17 12:31 - 2016-05-23 15:40 - 00000000 ____D C:\Users\kanishk\Downloads\Exported_Content_Files-20160523154028
2016-06-16 13:41 - 2016-04-21 20:57 - 00000000 ____D C:\Users\kanishk\Downloads\Fan (2016) -SKR Movie 700MB Hindi
2016-06-14 12:12 - 2016-03-11 11:17 - 00000000 ____D C:\Users\kanishk\Desktop\2016 statement
2016-06-14 10:04 - 2016-04-10 13:40 - 00000000 ____D C:\Program Files\TrueKey
2016-06-13 10:43 - 2016-05-27 16:07 - 00000000 ____D C:\Users\kanishk\AppData\Local\SkypePlugin
2016-06-11 10:51 - 2016-04-10 14:01 - 00001212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2016-06-10 18:43 - 2014-06-11 13:11 - 00000000 ____D C:\Users\kanishk\Desktop\songs
2016-06-09 13:32 - 2016-05-31 15:57 - 00000000 ____D C:\Users\kanishk\Desktop\Safety Training
2016-06-09 11:38 - 2014-07-16 19:08 - 00000000 ____D C:\Program Files\Common Files\mcafee
2016-06-09 11:38 - 2013-08-22 21:06 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-06-08 16:18 - 2016-02-08 12:42 - 00045911 _____ C:\Users\kanishk\Desktop\FlowInvoiceFormat.xlsx
2016-06-08 10:59 - 2013-03-02 12:56 - 00000000 ____D C:\Users\kanishk\Desktop\Energy Audit
2016-06-07 17:47 - 2016-05-31 15:56 - 00000000 ____D C:\Users\kanishk\Desktop\New folder (2)
 
==================== Files in the root of some directories =======
 
2016-06-12 10:59 - 2016-06-12 10:59 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\113B.tmp
2016-04-05 15:14 - 2016-04-05 15:14 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\1978.tmp
2016-01-05 10:42 - 2016-01-05 10:42 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\26FE.tmp
2016-05-24 15:21 - 2016-05-24 15:21 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\2BAE.tmp
2016-05-10 18:00 - 2016-05-10 18:00 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\3458.tmp
2016-02-27 10:08 - 2016-02-27 10:08 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\3864.tmp
2016-01-07 10:28 - 2016-01-07 10:28 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\3BC1.tmp
2016-04-28 13:38 - 2016-04-28 13:38 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\4292.tmp
2016-04-01 11:54 - 2016-04-01 11:54 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\4687.tmp
2016-05-06 06:43 - 2016-05-06 06:43 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\4D6A.tmp
2016-04-19 15:28 - 2016-04-19 15:28 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\5D85.tmp
2016-03-01 08:24 - 2016-03-01 08:24 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\67AB.tmp
2016-03-11 15:29 - 2016-03-11 15:29 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\67D7.tmp
2016-03-16 18:01 - 2016-03-16 18:01 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\6C7D.tmp
2016-05-04 15:25 - 2016-05-04 15:25 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\7239.tmp
2016-01-16 10:24 - 2016-01-16 10:24 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\75AC.tmp
2016-05-05 12:30 - 2016-05-05 12:30 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\7AD3.tmp
2016-02-27 21:03 - 2016-02-27 21:03 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\807.tmp
2016-02-09 11:03 - 2016-02-09 11:03 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\82EB.tmp
2016-02-16 16:50 - 2016-02-16 16:50 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\84D3.tmp
2016-04-12 08:46 - 2016-04-12 08:46 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\8AAE.tmp
2016-04-16 16:13 - 2016-04-16 16:13 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\8B22.tmp
2016-04-20 15:43 - 2016-04-20 15:43 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\8FA3.tmp
2016-06-08 17:59 - 2016-06-08 17:59 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\B1DC.tmp
2016-01-27 16:57 - 2016-01-27 16:57 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\B7A2.tmp
2016-02-03 10:38 - 2016-02-03 10:38 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\BB5A.tmp
2016-01-28 17:49 - 2016-01-28 17:49 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\D35B.tmp
2016-01-20 15:13 - 2016-01-20 15:13 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\DF45.tmp
2016-03-18 10:29 - 2016-03-18 10:29 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\E961.tmp
2016-03-21 16:52 - 2016-03-21 16:52 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\F50D.tmp
2016-06-07 15:36 - 2016-06-07 15:36 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\F53B.tmp
2016-02-11 12:36 - 2016-02-11 12:36 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\FAD2.tmp
2016-06-30 16:56 - 2016-06-30 16:56 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\FAE9.tmp
2016-02-15 10:28 - 2016-02-15 10:28 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\FCB8.tmp
2016-01-16 15:58 - 2016-01-16 15:58 - 0000000 _____ () C:\Users\kanishk\AppData\Roaming\Microsoft\FE59.tmp
2016-06-16 17:04 - 2016-06-16 17:04 - 0000218 _____ () C:\Users\kanishk\AppData\Local\recently-used.xbel
2014-07-16 18:39 - 2014-07-16 18:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-03-31 16:49 - 2016-03-31 16:49 - 0000108 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2014-07-16 18:59 - 2014-07-16 19:00 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-07-16 18:56 - 2014-07-16 18:57 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-07-16 18:57 - 2014-07-16 18:58 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2014-07-16 18:58 - 2014-07-16 18:59 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2014-07-16 18:55 - 2014-07-16 18:56 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
 
Some files in TEMP:
====================
C:\Users\kanishk\AppData\Local\Temp\COMAP.EXE
C:\Users\kanishk\AppData\Local\Temp\GUR4BB.exe
C:\Users\kanishk\AppData\Local\Temp\JZRMCNDYTE.exe
C:\Users\kanishk\AppData\Local\Temp\N8Yqsf2fYr.exe
C:\Users\kanishk\AppData\Local\Temp\nsk5F96.tmp.exe
C:\Users\kanishk\AppData\Local\Temp\ose00000.exe
C:\Users\kanishk\AppData\Local\Temp\ose00001.exe
C:\Users\kanishk\AppData\Local\Temp\ose00002.exe
C:\Users\kanishk\AppData\Local\Temp\ose00003.exe
C:\Users\kanishk\AppData\Local\Temp\ose00004.exe
C:\Users\kanishk\AppData\Local\Temp\ose00005.exe
C:\Users\kanishk\AppData\Local\Temp\ose00006.exe
C:\Users\kanishk\AppData\Local\Temp\QJQT4GPF4A.exe
C:\Users\kanishk\AppData\Local\Temp\RSTQJUSN05.exe
C:\Users\kanishk\AppData\Local\Temp\SdKNpcNLyb.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-06-24 10:58
 
==================== End of FRST.txt ============================

Attached Files



#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,957 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:47 AM

Posted 07 July 2016 - 08:05 AM

Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:
cmd: netsh winsock reset catalog

HKLM-x32\...\Run: [sun21] => [X]
Winsock: Catalog5 01 C:\ProgramData\System32\SafeGuard32.DLL No File
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\anbhoirrme.cfg [2016-07-02] <==== ATTENTION
CHR HomePage: areraiedchegoghqituty -> hxxp://google.com/
CHR Extension: (Chrome Web Store Payments) - C:\Users\kanishk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
S2 IhPul; C:\Users\kanishk\AppData\Roaming\TSv\TSvr.exe [475856 2016-07-04] () [File not signed]
S2 shnCldchr.exe; C:\Program Files (x86)\Przaing\shnCldchr.exe [714976 2016-07-02] ()
R2 TDataSvr; C:\Program Files (x86)\TData\TData.exe [134344 2016-06-29] (TData.com)
S2 InstallerService; "C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe" [X]
S3 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [X]
CustomCLSID: HKU\S-1-5-21-590908152-332062597-4289118028-1001_Classes\CLSID\{724FE766-71C2-4E6E-8379-CD0EF5E51BDD}\InprocServer32 -> C:\Users\kanishk\AppData\Local\Google\Update\1.3.28.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-590908152-332062597-4289118028-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\kanishk\AppData\Local\Google\Update\1.3.29.6\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-590908152-332062597-4289118028-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\kanishk\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
Task: {B30B6997-3BF5-4667-883F-4732170583D2} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\TXQQBrowser\Update\50A15FCAF0A75C27038E9790FA3CC32B\Update\BrowserUpdate.exe [2016-04-25] (Tencent) <==== ATTENTION
C:\Program Files (x86)\mozilla firefox\anbhoirrme.cfg
C:\Users\kanishk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
C:\Users\kanishk\AppData\Roaming\TSv\TSvr.exe
C:\Program Files (x86)\Przaing

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

#5 enjoylifewithsms

enjoylifewithsms
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:17 PM

Posted 08 July 2016 - 12:42 AM

Fix result of Farbar Recovery Scan Tool (x64) Version: 02-07-2016
Ran by kanishk (2016-07-08 11:01:24) Run:3
Running from C:\Users\kanishk\Downloads
Loaded Profiles: kanishk (Available Profiles: kanishk & Administrator)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
cmd: netsh winsock reset catalog
 
HKLM-x32\...\Run: [sun21] => [X]
Winsock: Catalog5 01 C:\ProgramData\System32\SafeGuard32.DLL No File
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\anbhoirrme.cfg [2016-07-02] <==== ATTENTION
CHR HomePage: areraiedchegoghqituty -> hxxp://google.com/
CHR Extension: (Chrome Web Store Payments) - C:\Users\kanishk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
S2 IhPul; C:\Users\kanishk\AppData\Roaming\TSv\TSvr.exe [475856 2016-07-04] () [File not signed]
S2 shnCldchr.exe; C:\Program Files (x86)\Przaing\shnCldchr.exe [714976 2016-07-02] ()
R2 TDataSvr; C:\Program Files (x86)\TData\TData.exe [134344 2016-06-29] (TData.com)
S2 InstallerService; "C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe" [X]
S3 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [X]
CustomCLSID: HKU\S-1-5-21-590908152-332062597-4289118028-1001_Classes\CLSID\{724FE766-71C2-4E6E-8379-CD0EF5E51BDD}\InprocServer32 -> C:\Users\kanishk\AppData\Local\Google\Update\1.3.28.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-590908152-332062597-4289118028-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\kanishk\AppData\Local\Google\Update\1.3.29.6\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-590908152-332062597-4289118028-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\kanishk\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
Task: {B30B6997-3BF5-4667-883F-4732170583D2} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\TXQQBrowser\Update\50A15FCAF0A75C27038E9790FA3CC32B\Update\BrowserUpdate.exe [2016-04-25] (Tencent) <==== ATTENTION
C:\Program Files (x86)\mozilla firefox\anbhoirrme.cfg
C:\Users\kanishk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
C:\Users\kanishk\AppData\Roaming\TSv\TSvr.exe
C:\Program Files (x86)\Przaing
 
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
 
=========  netsh winsock reset catalog =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\sun21 => value not found.
Winsock: Catalog5 000000000001\\LibraryPath => restored successfully (%SystemRoot%\system32\napinsp.dll)
"C:\Program Files (x86)\mozilla firefox\anbhoirrme.cfg" => not found.
Chrome HomePage => not found.
C:\Users\kanishk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => not found
IhPul => service not found.
shnCldchr.exe => service not found.
TDataSvr => service not found.
InstallerService => service not found.
MozillaMaintenance => service not found.
HKU\S-1-5-21-590908152-332062597-4289118028-1001_Classes\CLSID\{724FE766-71C2-4E6E-8379-CD0EF5E51BDD} => key not found. 
HKU\S-1-5-21-590908152-332062597-4289118028-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247} => key not found. 
HKU\S-1-5-21-590908152-332062597-4289118028-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2} => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B30B6997-3BF5-4667-883F-4732170583D2} => key not found. 
C:\WINDOWS\System32\Tasks\Browser Updater Task(Core) => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Browser Updater Task(Core) => key not found. 
"C:\Program Files (x86)\mozilla firefox\anbhoirrme.cfg" => not found.
"C:\Users\kanishk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda" => not found.
"C:\Users\kanishk\AppData\Roaming\TSv\TSvr.exe" => not found.
"C:\Program Files (x86)\Przaing" => not found.
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 2097152 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 0 B
Firefox => 19698658 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 182242 B
NetworkService => 5152 B
kanishk => 192291252 B
Administrator => 1837 B
 
RecycleBin => 7763372030 B
EmptyTemp: => 7.4 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 11:03:48 ====


#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,957 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:47 AM

Posted 08 July 2016 - 06:52 AM

Any remaining issues?

#7 enjoylifewithsms

enjoylifewithsms
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:17 PM

Posted 08 July 2016 - 11:46 PM

@nasdaq same issue are still there

Nothing has changed.

Advertisement search bar still coming

Websites opening on chrome.Also for firefox it is fixed on chrome.

Only thing is that previously I was unable to run antimalwarebyte but after this I was able to run it.


Edited by enjoylifewithsms, 09 July 2016 - 12:25 AM.


#8 nasdaq

nasdaq

  • Malware Response Team
  • 38,957 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:47 AM

Posted 09 July 2016 - 06:56 AM

Download Zeok tool from here

When the download appears, save to the Desktop.
On the Desktop, right-click the Zoek.exe file and select: Run as Administrator
(Give it a few seconds to appear.)

Next, copy/paste the entire script inside the code box below to the input field of Zoek:
createsrpoint;
autoclean;
emptyalltemp;
ipconfig /flushdns;b
Now...
Close any open Browsers.
Click the Run script button, and wait. It takes a few minutes to run all the script.

When the tool finishes, the zoek-results.log is opened in Notepad.
The log is also found on the systemdrive, normally C:\
If a reboot is needed, the log is opened after the reboot.

Please attach the zoek-results.log in your reply.

Also, please provide an update on how the computer is behaving after running the above script.

#9 enjoylifewithsms

enjoylifewithsms
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:17 PM

Posted 11 July 2016 - 05:05 AM

@nasqaq Thanks now firefox is responding properly and I can use it

For Chrome still search bar opens up when I open google and in between some random website open sometimes

Rest google chrome and firefox are smooth on working.

---

 
Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by kanishk on 11/07/2016 at 11:06:23.59.
Microsoft Windows 8.1 Single Language 6.3.9600  x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\kanishk\Desktop\zoek.exe [Scan all users] [Script inserted] 
 
==== System Restore Info ======================
 
11/07/2016 11:10:49 Zoek.exe System Restore Point Created Successfully.
 
==== Empty Folders Check ======================
 
C:\PROGRA~2\GCR7E57.tmp deleted successfully
C:\PROGRA~2\GUM7F13.tmp deleted successfully
C:\Users\kanishk\AppData\Roaming\Opera Software deleted successfully
C:\Users\kanishk\AppData\Roaming\PDF Producer deleted successfully
C:\Users\kanishk\AppData\Local\EmieSiteList deleted successfully
C:\Users\kanishk\AppData\Local\EmieUserList deleted successfully
C:\Users\kanishk\AppData\Local\MediaShow deleted successfully
C:\Users\kanishk\AppData\Local\Opera Software deleted successfully
 
==== Deleting CLSID Registry Keys ======================
 
 
==== Deleting CLSID Registry Values ======================
 
 
==== Deleting Services ======================
 
 
==== FireFox Fix ======================
 
ProfilePath: C:\Users\kanishk\AppData\Roaming\Profiles\rq3f44vz.default
 
user.js not found
---- Lines searches removed from prefs.js ----
user_pref("browser.urlbar.suggest.searches", true);
---- FireFox user.js and prefs.js backups ---- 
 
prefs_072016_1125_.backup
 
ProfilePath: C:\Users\kanishk\AppData\Roaming\Profiles\shakolydrermushhibersp
 
user.js not found
---- Lines searches removed from prefs.js ----
user_pref("browser.urlbar.suggest.searches", true);
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ---- 
 
prefs_072016_1125_.backup
 
ProfilePath: C:\Users\kanishk\AppData\Roaming\Mozilla\Firefox\Profiles\nipffinv.default
 
user.js not found
---- FireFox user.js and prefs.js backups ---- 
 
prefs_072016_1125_.backup
 
==== Batch Command(s) Run By Tool======================
 
 
==== Deleting Files \ Folders ======================
 
C:\PROGRA~2\GCR7E57.tmp not found
C:\PROGRA~2\GUM7F13.tmp not found
C:\Users\kanishk\AppData\Roaming\TSv deleted
C:\Users\kanishk\.android deleted
C:\PROGRA~3\{05EE3202-A879-4F9D-895C-AC535855E0A9} deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
C:\Users\kanishk\Downloads\Deals format.xlsx deleted
C:\Users\kanishk\Downloads\VFDQuickSavingsEstimator.xls deleted
C:\Users\kanishk\Documents\Add-in Express deleted
 
==== Firefox Start and Search pages ======================
 
ProfilePath: C:\Users\kanishk\AppData\Roaming\Profiles\rq3f44vz.default
user_pref("browser.startup.homepage", "google.co.in");
 
ProfilePath: C:\Users\kanishk\AppData\Roaming\Profiles\shakolydrermushhibersp
user_pref("browser.search.defaultenginename", "trotux");
user_pref("browser.search.selectedEngine", "trotux");
 
==== Firefox Extensions Registry ======================
 
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"pdfsam_enhanced_conv@pdfsam.com"=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,\ []
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi" [03/05/2016 16:27]
 
==== Firefox Extensions ======================
 
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
 
==== Firefox Plugins ======================
 
Profilepath: C:\Users\kanishk\AppData\Roaming\Mozilla\Firefox\Profiles\nipffinv.default
57C7E359ED8D049132EED23EFA444C63 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll - Shockwave Flash
4CA1593CE2A2BF8E61D5638B2CD7E64A - C:\Users\kanishk\AppData\Local\SkypePlugin\7.19.0.182\npGatewayNpapi.dll - Skype Web Plugin
C426F7E678D6E539041847556059D5E8 - C:\Users\kanishk\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll - Google Update
A67C660599D662A36360E55C8B0230A9 - C:\Users\kanishk\AppData\Local\SkypePlugin\7.19.0.182\npGatewayNpapi-x64.dll - Skype Web Plugin
 
 
==== Chromium Look ======================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[20/04/2016 12:41]
 
eRail.in - kanishk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aopfgjfeiimeioiajeknfidlljpoebgc
SiteAdvisor - kanishk\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
 
==== Set IE to Default ======================
 
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{D94E3047-E606-4CB0-BB83-932524BEB92C}"
 
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
 
==== All HKCU SearchScopes ======================
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{D94E3047-E606-4CB0-BB83-932524BEB92C} Unknown  Url="Not_Found"
 
==== Deleting CLSID Registry Keys ======================
 
HKEY_USERS\S-1-5-21-590908152-332062597-4289118028-1001\Software\Microsoft\Internet Explorer\SearchScopes\{D94E3047-E606-4CB0-BB83-932524BEB92C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{D94E3047-E606-4CB0-BB83-932524BEB92C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D94E3047-E606-4CB0-BB83-932524BEB92C} deleted successfully
 
==== Deleting CLSID Registry Values ======================
 
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\pdfsam_enhanced_conv@pdfsam.com deleted successfully
 
==== Empty IE Cache ======================
 
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\kanishk\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\kanishk\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\kanishk\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\kanishk\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
 
==== Empty FireFox Cache ======================
 
No FireFox Cache found
 
==== Empty Chrome Cache ======================
 
C:\Users\kanishk\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 
==== Empty All Flash Cache ======================
 
Flash Cache Emptied Successfully
 
==== Empty All Java Cache ======================
 
Java Cache cleared successfully
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=44 folders=33 87354978 bytes)
 
==== Empty Temp Folders ======================
 
C:\Users\Administrator\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\kanishk\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
 
==== After Reboot ======================
 
==== Empty Temp Folders ======================
 
C:\WINDOWS\Temp successfully emptied
C:\Users\kanishk\AppData\Local\Temp successfully emptied
 
==== Empty Recycle Bin ======================
 
C:\$RECYCLE.BIN successfully emptied
 
==== EOF on 11/07/2016 at 11:50:26.52 ======================


#10 nasdaq

nasdaq

  • Malware Response Team
  • 38,957 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:47 AM

Posted 11 July 2016 - 07:44 AM

Reset Chrome...
Open Google Chrome, click on menu icon google-chrome-setting-icon.png which is located right side top of the google chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Clear your cache and cookies
https://support.google.com/chromebook/answer/183083?hl=en

Restart Chrome.

How is it now?

#11 enjoylifewithsms

enjoylifewithsms
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:17 PM

Posted 13 July 2016 - 07:05 AM

@nasdaq Thank you very very very much

The problem has been resolved totaly now

  :clapping:  :clapping:  :clapping:  :clapping:  :clapping:  

 

:flowers:  :flowers:  :flowers:  :flowers:



#12 nasdaq

nasdaq

  • Malware Response Team
  • 38,957 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:47 AM

Posted 13 July 2016 - 11:55 AM

Glad we could help.

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/

#13 nasdaq

nasdaq

  • Malware Response Team
  • 38,957 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:47 AM

Posted 19 July 2016 - 08:53 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users