devd

No..not anything that I might want to ask you. Thanks Aura. Bye!

Alright then and thanks a lot for the help that I received from you Aura. Any final suggestion regarding protecting my PC from unwanted stuff?

But is there any means to ensure that no malicious programme is in my PC?

Yes I can. What should I do now?

Hey there was this option refresh firefox to which I agreed and clicked on refresh.Did I do the right thing?

Re-installing mozilla.Let's see if it works.

Re-installed Chrome.The issue of going back to the index page of my hard drive instead of Google homepage is not there anymore.

Hi Aura,finished uninstalling Makkhichoose and another extension in Chrome. Also uninstalled Chrome and I am not able see Mozilla anymore in the Control Panel settings,though I do not remember uninstalling it. Anything more? And has the Mozilla really not there in my system? How can I be sure?

Okay Aura.. I am doing what you would have done.

Aura I'll catch up with you again tomorrow as I would be going off to sleep now.Please don't mind.Whatever I need to do next please include them in your next reply.bye.

Yes I did install them quite a while ago.Both of them.What shall I do now?

FRST Log.. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-06-2017 01 Ran by debanshu (administrator) on HOMEWORK (21-06-2017 00:57:47) Running from C:\Users\debanshu\Downloads Loaded Profiles: debanshu (Available Profiles: debanshu & Guest) Platform: Windows 8 Single Language (X64) Language: English (United States) Internet Explorer Version 10 (Default browser not detected!) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Oracle Corporation) C:\oraclexe\app\oracle\product\11.2.0\server\bin\oracle.exe (Oracle Corporation) C:\oraclexe\app\oracle\product\11.2.0\server\bin\TNSLSNR.EXE (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Farbar) C:\Users\debanshu\Downloads\FRST64 (1).exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2017-01-11] (Realtek Semiconductor) HKLM\...\Run: [Bluetooth] => C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [534232 2013-07-12] (Broadcom Corporation.) HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [10592256 2013-10-25] (Broadcom Corporation) HKLM\...\Run: [VizorHtmlDialog.exe] => C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [2141184 2013-05-31] (Trend Micro Inc.) HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [213856 2013-05-31] (Trend Micro Inc.) HKLM\...\Run: [Trend Micro Titanium] => C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [819760 2013-05-31] (Trend Micro Inc.) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [740376 2013-02-06] (Sony Corporation) HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation) HKU\S-1-5-21-653892147-3159774569-4200303000-1002\...\Run: [uTorrent] => C:\Users\debanshu\AppData\Roaming\uTorrent\uTorrent.exe [1980608 2017-05-21] (BitTorrent Inc.) HKU\S-1-5-21-653892147-3159774569-4200303000-1002\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [482528 2014-03-31] (AppEx Networks Corporation) HKU\S-1-5-21-653892147-3159774569-4200303000-1002\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD) HKU\S-1-5-21-653892147-3159774569-4200303000-1002\...\Run: [Akamai NetSession Interface] => "C:\Users\debanshu\AppData\Local\Akamai\netsession_win.exe" HKU\S-1-5-21-653892147-3159774569-4200303000-1002\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min HKU\S-1-5-21-653892147-3159774569-4200303000-1002\...\MountPoints2: E - "E:\Autorun.exe" HKU\S-1-5-21-653892147-3159774569-4200303000-1002\...\MountPoints2: {0404c762-3d23-11e3-be6a-806e6f6e6963} - "D:\Autorun.exe" BootExecute: autocheck autochk * GroupPolicy: Restriction - Chrome <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{54F39E5F-4E6F-44C5-92BB-1F5A3508B732}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{7ADF8D4D-A78C-45F6-9B40-E3F8656EF448}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-653892147-3159774569-4200303000-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.in/ HKU\S-1-5-21-653892147-3159774569-4200303000-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com/?pc=SAJB SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2016-01-19] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2016-01-19] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-28] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-28] (Oracle Corporation) FireFox: ======== FF DefaultProfile: jt6nfb6w.default FF ProfilePath: C:\Users\debanshu\AppData\Roaming\Mozilla\Firefox\Profiles\jt6nfb6w.default [2017-06-20] FF Extension: (Lightbeam) - C:\Users\debanshu\AppData\Roaming\Mozilla\Firefox\Profiles\jt6nfb6w.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2017-03-23] FF Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\debanshu\AppData\Roaming\Mozilla\Firefox\Profiles\jt6nfb6w.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2017-03-31] FF Extension: (GitHub Extension Installer) - C:\Users\debanshu\AppData\Roaming\Mozilla\Firefox\Profiles\jt6nfb6w.default\Extensions\{86054B0A-BD85-42F9-8E58-8794EC6F6EA1}.xpi [2016-01-10] FF Extension: (Download YouTube Videos as MP4) - C:\Users\debanshu\AppData\Roaming\Mozilla\Firefox\Profiles\jt6nfb6w.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2017-02-14] FF Extension: (Docs Online Viewer) - C:\Users\debanshu\AppData\Roaming\Mozilla\Firefox\Profiles\jt6nfb6w.default\Extensions\{bfb54675-2fd9-4e22-949d-c36333aff6b5}.xpi [2016-02-15] FF HKLM-x32\...\Firefox\Extensions: [{21541D23-FDA1-4bf3-8AF2-8F623BF70B07}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension FF Extension: (No Name) - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2015-03-20] [not signed] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-20] () FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2016-01-19] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2016-01-19] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-20] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-28] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-28] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: Adobe Reader -> c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\debanshu\AppData\Local\Google\Chrome\User Data\Default [2017-06-21] CHR Extension: (Google Slides) - C:\Users\debanshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-05] CHR Extension: (Google Docs) - C:\Users\debanshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-05] CHR Extension: (Google Drive) - C:\Users\debanshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (YouTube) - C:\Users\debanshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-05] CHR Extension: (Google Search) - C:\Users\debanshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28] CHR Extension: (Google Sheets) - C:\Users\debanshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-05] CHR Extension: (Google Docs Offline) - C:\Users\debanshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19] CHR Extension: (MakkhiChoose) - C:\Users\debanshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gllmlkidgbagkcikijiljllpdloelocn [2017-06-20] CHR Extension: (Cisco WebEx Extension) - C:\Users\debanshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2017-04-22] CHR Extension: (Tatkal Ticket Now) - C:\Users\debanshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\konojmimochobcfkmnamhlhnpiofplkm [2017-06-15] CHR Extension: (Autofill) - C:\Users\debanshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmmgnhgdeffjkdckmikfpnddkbbfkkk [2017-05-27] CHR Extension: (Chrome Web Store Payments) - C:\Users\debanshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-22] CHR Extension: (Gmail) - C:\Users\debanshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-05] CHR Extension: (Chrome Media Router) - C:\Users\debanshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-27] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed] R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-07-23] (Broadcom Corporation.) S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [642648 2013-06-26] (Sony Corporation) S4 OracleJobSchedulerXE; c:\oraclexe\app\oracle\product\11.2.0\server\Bin\extjob.exe [45568 2014-05-29] () [File not signed] S3 OracleMTSRecoveryService; C:\oraclexe\app\oracle\product\11.2.0\server\BIN\omtsreco.exe [81408 2014-05-29] (Oracle Corporation) [File not signed] R2 OracleServiceXE; c:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE [147110912 2014-05-30] (Oracle Corporation) [File not signed] S3 OracleXEClrAgent; C:\oraclexe\app\oracle\product\11.2.0\server\bin\OraClrAgnt.exe [83968 2014-05-29] (Oracle Corporation) [File not signed] R2 OracleXETNSListener; C:\oraclexe\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe [522240 2014-05-29] (Oracle Corporation) [File not signed] R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-02-06] (Sony Corporation) R2 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [248640 2013-05-31] (Trend Micro Inc.) S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-07] (Sony Corporation) R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1656600 2016-03-31] (Sony Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation) R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6100480 2013-10-25] (Broadcom Corporation) [File not signed] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AmdGpio; C:\Windows\System32\drivers\AmdGpio.sys [17640 2013-08-01] (Advanced Micro Devices, INC.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) R3 AmdSMBus; C:\Windows\System32\drivers\AmdSMBus.sys [40168 2013-08-01] (Advanced Micro Devices, INC.) R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [225504 2014-03-28] (AppEx Networks Corporation) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [215040 2013-12-19] (Advanced Micro Devices) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [172760 2013-07-23] (Broadcom Corporation.) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6957744 2013-10-25] (Broadcom Corporation) R3 btwpanfl; C:\Windows\system32\drivers\btwpanfl.sys [44760 2013-07-23] (Broadcom Corporation.) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-06] (CyberLink) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [418008 2013-07-18] (Realsil Semiconductor Corporation) S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr)) R1 tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [107048 2013-05-30] (Trend Micro Inc.) R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [173504 2013-05-30] (Trend Micro Inc.) R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [46392 2013-05-30] (Trend Micro Inc.) S3 tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [94520 2013-05-30] (Trend Micro Inc.) S0 tmel; C:\Windows\System32\DRIVERS\tmel.sys [33176 2013-05-30] (trend_company_name) R1 tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [77184 2013-05-30] (Trend Micro Inc.) R2 tmusa; C:\Windows\system32\DRIVERS\tmusa.sys [92456 2013-05-30] (Trend Micro Inc.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35232 2013-01-29] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [230904 2013-01-29] (Microsoft Corporation) S3 easytether; \SystemRoot\system32\DRIVERS\easytthr.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-06-21 00:36 - 2017-06-21 00:36 - 00001489 _____ C:\Users\debanshu\Desktop\JRT.txt 2017-06-21 00:31 - 2017-06-21 00:31 - 04110280 _____ C:\Users\debanshu\Desktop\AdwCleaner.exe 2017-06-21 00:29 - 2017-06-21 00:29 - 01663672 _____ (Malwarebytes) C:\Users\debanshu\Desktop\JRT.exe 2017-06-20 01:56 - 2017-06-20 01:57 - 30360545 _____ C:\Users\debanshu\Downloads\xvideos.com_86691a92644abf4e634c84d2a0fe0fa4.mp4 2017-06-20 01:30 - 2017-06-21 00:31 - 00000000 ____D C:\Users\debanshu\AppData\Local\Temp; 2017-06-20 01:25 - 2017-06-20 01:28 - 00013037 _____ C:\Users\debanshu\Downloads\Fixlog.txt 2017-06-20 01:24 - 2017-06-20 01:24 - 02439680 _____ (Farbar) C:\Users\debanshu\Downloads\FRST64 (1).exe 2017-06-20 01:17 - 2017-06-20 01:17 - 00000000 ____D C:\Users\debanshu\Downloads\FRST-OlderVersion 2017-06-20 01:06 - 2017-06-20 01:08 - 00003746 _____ C:\Users\debanshu\Desktop\Westbengalfacts.txt 2017-06-18 16:10 - 2017-06-18 16:10 - 00000000 ____D C:\Windows\SysWOW64\Adobe 2017-06-18 16:09 - 2017-06-18 16:09 - 05838640 _____ (Adobe Systems Inc.) C:\Users\debanshu\Downloads\Shockwave_Installer_Slim.exe 2017-06-18 13:20 - 2017-06-18 13:21 - 00785288 _____ C:\Users\debanshu\Documents\1606172157Grade B ad 2017 for Website.pdf 2017-06-16 19:47 - 2017-06-16 19:48 - 00047509 _____ C:\Users\debanshu\Downloads\Addition.txt 2017-06-16 19:46 - 2017-06-21 00:58 - 00018761 _____ C:\Users\debanshu\Downloads\FRST.txt 2017-06-16 19:46 - 2017-06-21 00:57 - 00000000 ____D C:\FRST 2017-06-16 19:45 - 2017-06-20 01:17 - 01050624 _____ C:\Users\debanshu\Downloads\FRST64.exe 2017-06-16 16:28 - 2017-06-16 16:35 - 230688820 _____ C:\Users\debanshu\Documents\videoplayback1.mp4 2017-06-16 16:15 - 2014-11-26 17:30 - 00000312 _____ C:\Users\debanshu\Desktop\download.js 2017-06-16 16:15 - 2014-11-26 15:56 - 00000548 _____ C:\Users\debanshu\Desktop\manifest.json 2017-06-16 16:14 - 2017-06-16 16:14 - 00000814 _____ C:\Users\debanshu\Downloads\download-youtube-chrome-2.0.zip 2017-06-16 02:40 - 2017-06-16 02:40 - 02036392 _____ C:\Users\debanshu\Documents\THE_HINDU_REVIEW_2017.pdf 2017-06-15 01:47 - 2017-06-15 01:47 - 00012651 _____ C:\Users\debanshu\Downloads\ManyVids - Lena Paul - Anal Training 1 - My 1st Anal Sex Orgasm! mp4 (Lena Paul First Anal)-[rarbg.to].torrent 2017-06-15 01:47 - 2017-06-15 01:47 - 00012651 _____ C:\Users\debanshu\Downloads\ManyVids - Lena Paul - Anal Training 1 - My 1st Anal Sex Orgasm! mp4 (Lena Paul First Anal)-[rarbg.to] (1).torrent 2017-06-15 01:47 - 2017-06-15 01:47 - 00000000 ____D C:\Users\debanshu\AppData\LocalLow\uTorrent 2017-06-14 00:24 - 2017-06-14 00:24 - 208365332 _____ C:\Windows\MEMORY.DMP 2017-06-14 00:24 - 2017-06-14 00:24 - 00321680 _____ C:\Windows\Minidump\061417-68765-01.dmp 2017-06-12 01:36 - 2017-06-12 01:38 - 04263836 _____ C:\Users\debanshu\Documents\MIT14_01SCF10_lec02_300k.mp4 2017-06-12 01:32 - 2017-06-12 01:32 - 15822980 _____ C:\Users\debanshu\Documents\MIT14_01SCF11_rttext.pdf 2017-06-11 19:18 - 2017-06-11 19:18 - 00060379 _____ C:\Users\debanshu\Downloads\MomsInControl - Misty Stone &amp; Sarah Banks - Like Mother, Like Daughter 480p mp4-[rarbg.to].torrent 2017-06-11 19:18 - 2017-06-11 19:18 - 00016930 _____ C:\Users\debanshu\Downloads\BFFS - Lily Rader, Carolina Sweets - Lust In Translation mp4-[rarbg.to].torrent 2017-06-11 19:15 - 2017-06-11 19:15 - 00033758 _____ C:\Users\debanshu\Downloads\CuckoldSessions - Gabriella Paltrova mp4 11 June 2017-[rarbg.to].torrent 2017-06-11 19:12 - 2017-06-11 19:12 - 00032447 _____ C:\Users\debanshu\Downloads\MonstersOfCock - Vienna Black - Stretching My Step Sister's Pussy mp4 11 June 2017-[rarbg.to].torrent 2017-06-11 19:12 - 2017-06-11 19:12 - 00032447 _____ C:\Users\debanshu\Downloads\MonstersOfCock - Vienna Black - Stretching My Step Sister's Pussy mp4 11 June 2017-[rarbg.to] (1).torrent 2017-06-11 18:48 - 2017-06-14 13:49 - 00000000 ____D C:\Windows\LastGood.Tmp 2017-06-11 12:46 - 2017-06-11 12:46 - 00833428 _____ C:\Users\debanshu\Downloads\General studies syllabus.tif 2017-06-10 17:24 - 2017-06-10 17:24 - 00035437 _____ C:\Users\debanshu\Downloads\Culioneros - Tight Italian Pussy - BlackAngelika-[rarbg.to].torrent 2017-06-10 16:03 - 2017-06-10 16:03 - 00027282 _____ C:\Users\debanshu\Downloads\Culioneros - Russian Chicks Love To Be censoreded - Bibi Noel-[rarbg.to].torrent 2017-06-10 15:41 - 2017-06-10 15:41 - 00017940 _____ C:\Users\debanshu\Downloads\NoBoring - Lara - Three dudes shag high-heeled babe mp4-[rarbg.to].torrent 2017-06-10 10:56 - 2017-06-10 10:56 - 00003261 _____ C:\Users\debanshu\Downloads\ColombiacensoredFest - Reina Taylor mp4 06 June 2017-[rarbg.to].torrent 2017-06-10 10:53 - 2017-06-10 10:53 - 00019864 _____ C:\Users\debanshu\Downloads\BangBus - Megan Rain - Jizz On Megan mp4-[rarbg.to].torrent 2017-06-06 00:46 - 2017-06-06 00:46 - 00042186 _____ C:\Users\debanshu\Downloads\ShesNew - Davina Davis - New To The Sex Game mp4 04 June 2017-[rarbg.to].torrent 2017-06-06 00:44 - 2017-06-06 00:44 - 00039005 _____ C:\Users\debanshu\Downloads\Big Latina Tits 9 (2017) WEB-DL SPLIT SCENES MP4-RARBG-[rarbg.to].torrent 2017-06-03 23:43 - 2017-06-03 23:47 - 00002686 _____ C:\Users\debanshu\Desktop\Rkill.txt 2017-06-03 23:40 - 2017-06-21 00:43 - 00000000 ____D C:\AdwCleaner 2017-06-03 23:25 - 2017-06-03 23:57 - 00000000 ____D C:\Users\debanshu\AppData\Local\FSDART 2017-06-03 23:25 - 2017-06-03 23:35 - 00000000 ____D C:\ProgramData\F-Secure 2017-06-03 16:27 - 2017-06-03 16:27 - 00000258 __RSH C:\ProgramData\ntuser.pol 2017-06-03 16:23 - 2017-06-03 16:23 - 00192540 _____ C:\Users\debanshu\Downloads\idm-crack.zip 2017-06-03 16:16 - 2017-06-03 16:18 - 07167896 _____ (Tonec Inc.) C:\Users\debanshu\Downloads\idman628build11.exe 2017-05-28 13:05 - 2017-05-28 13:05 - 03457474 _____ C:\Users\debanshu\Downloads\Economic Development NCERT.zip 2017-05-24 00:28 - 2017-05-24 00:30 - 27078904 _____ (Insecure.org) C:\Users\debanshu\Downloads\nmap-7.40-setup.exe 2017-05-22 01:17 - 2017-05-22 01:17 - 00000890 _____ C:\Users\debanshu\Desktop\Router Settings.txt ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-06-21 00:45 - 2012-07-26 12:52 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-06-21 00:44 - 2015-09-11 09:06 - 00065536 _____ C:\Windows\system32\spu_storage.bin 2017-06-20 01:27 - 2015-05-24 18:42 - 00000000 ____D C:\Users\debanshu\AppData\LocalLow\Temp 2017-06-20 01:26 - 2017-04-25 10:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-06-20 01:26 - 2015-03-02 09:46 - 00000000 ____D C:\Users\debanshu 2017-06-20 01:10 - 2016-01-17 15:33 - 00004288 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-06-20 01:09 - 2012-07-26 13:42 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-06-20 01:09 - 2012-07-26 13:42 - 00000000 ____D C:\Windows\system32\Macromed 2017-06-19 01:08 - 2016-09-18 22:33 - 00001705 _____ C:\Users\debanshu\Desktop\notes.txt 2017-06-18 15:09 - 2015-10-17 12:29 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-06-18 12:31 - 2016-02-01 21:07 - 00000000 ____D C:\Users\debanshu\Documents\phi 2017-06-17 21:56 - 2015-12-26 18:28 - 00000000 ____D C:\Users\debanshu\Documents\FIFA 12 2017-06-16 19:30 - 2012-07-26 13:42 - 00000000 ____D C:\Windows\AUInstallAgent 2017-06-16 19:29 - 2012-07-26 13:42 - 00000000 ___HD C:\Program Files\WindowsApps 2017-06-15 02:20 - 2015-06-16 12:18 - 00000000 ____D C:\Users\debanshu\AppData\Roaming\uTorrent 2017-06-14 13:53 - 2016-03-13 17:46 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software 2017-06-14 13:53 - 2015-09-15 09:11 - 00000000 ____D C:\Users\Guest 2017-06-14 13:53 - 2013-10-25 10:03 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2017-06-14 13:52 - 2017-03-03 16:42 - 00000000 ____D C:\Users\debanshu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto 3 2017-06-14 13:52 - 2015-12-24 02:55 - 00000000 ____D C:\Users\debanshu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.5 2017-06-14 13:52 - 2015-08-22 18:20 - 00000000 ____D C:\Users\debanshu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BlueJ 2017-06-14 13:52 - 2015-03-08 13:09 - 00000000 ____D C:\Users\debanshu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-06-14 13:52 - 2015-03-02 09:48 - 00000000 ____D C:\Users\debanshu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Maximum Security 2017-06-14 13:50 - 2017-01-19 00:25 - 00000000 __RHD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care 2017-06-14 13:50 - 2016-08-10 23:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Britannica Knowledge Pack 2017-06-14 13:50 - 2016-04-18 01:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium 2017-06-14 13:50 - 2016-01-19 00:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2017-06-14 13:50 - 2015-10-23 18:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle Database 11g Express Edition 2017-06-14 13:50 - 2015-10-17 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2017-06-14 13:50 - 2015-09-22 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-06-14 13:50 - 2015-09-22 19:12 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1 2017-06-14 13:50 - 2015-09-19 21:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-06-14 13:50 - 2015-09-05 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream 2017-06-14 13:50 - 2015-07-05 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 2017-06-14 13:50 - 2015-07-04 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2017-06-14 13:50 - 2015-03-08 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-06-14 13:50 - 2015-03-05 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NFS Rivals 2017-06-14 13:50 - 2013-10-25 10:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 8 2017-06-14 13:50 - 2013-10-25 10:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home 2017-06-14 13:48 - 2015-03-02 10:13 - 00000000 ____D C:\Users\debanshu\AppData\Roaming\Mozilla 2017-06-14 13:48 - 2012-07-26 13:42 - 00000000 ____D C:\Windows\registration 2017-06-14 02:18 - 2017-03-02 14:35 - 00001978 _____ C:\Users\debanshu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberGhost 6.lnk 2017-06-14 02:18 - 2017-02-12 19:41 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2017-06-14 02:18 - 2017-01-19 00:25 - 00002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk 2017-06-14 02:18 - 2017-01-19 00:25 - 00002020 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk 2017-06-14 02:18 - 2016-09-11 21:41 - 00001026 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk 2017-06-14 02:18 - 2015-09-14 12:24 - 00000637 _____ C:\Users\debanshu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Libraries.lnk 2017-06-14 02:18 - 2015-04-25 21:38 - 00001141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jagannatha Hora.lnk 2017-06-14 02:18 - 2015-03-06 21:05 - 00002190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 4.0.lnk 2017-06-14 02:18 - 2015-03-06 19:58 - 00000299 _____ C:\Users\debanshu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk 2017-06-14 02:18 - 2013-10-25 11:01 - 00001980 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk 2017-06-14 02:18 - 2013-10-25 10:42 - 00001275 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Transfer.lnk 2017-06-14 02:18 - 2013-10-25 10:33 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2017-06-14 02:18 - 2013-10-25 10:30 - 00002430 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Movie Creator.lnk 2017-06-14 02:18 - 2013-10-25 10:24 - 00002269 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Data Restore Tool.lnk 2017-06-14 02:18 - 2013-10-25 10:23 - 00002390 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Gesture Control.lnk 2017-06-14 02:18 - 2013-10-25 10:23 - 00001556 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Control Center.lnk 2017-06-14 02:18 - 2012-07-26 02:02 - 00002400 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk 2017-06-14 02:18 - 2012-07-26 01:51 - 00000787 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk 2017-06-14 02:18 - 2012-07-26 01:43 - 00002118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk 2017-06-14 02:17 - 2017-03-03 16:42 - 00001943 _____ C:\Users\debanshu\Desktop\Grand Theft Auto III.lnk 2017-06-14 02:17 - 2017-02-23 21:37 - 00001977 _____ C:\Users\debanshu\Desktop\PirateSnoop Browser.lnk 2017-06-14 02:17 - 2016-08-10 23:23 - 00002063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Britannica Knowledge Pack.lnk 2017-06-14 02:17 - 2016-08-10 23:23 - 00002051 _____ C:\Users\Public\Desktop\Britannica Knowledge Pack.lnk 2017-06-14 02:17 - 2016-05-15 10:40 - 00000993 _____ C:\Users\debanshu\Desktop\fifa - Shortcut.lnk 2017-06-14 02:17 - 2016-04-18 01:13 - 00001758 _____ C:\Users\Public\Desktop\Stellarium.lnk 2017-06-14 02:17 - 2016-02-03 18:54 - 00001170 _____ C:\Users\debanshu\Desktop\eclipse - Shortcut.lnk 2017-06-14 02:17 - 2016-01-05 22:45 - 00001123 _____ C:\Users\Public\Desktop\Jagannatha Hora.lnk 2017-06-14 02:17 - 2015-10-23 18:36 - 00002090 _____ C:\Users\Public\Desktop\Get Started With Oracle Database 11g Express Edition .lnk 2017-06-14 02:17 - 2015-10-23 16:43 - 00000593 _____ C:\Users\Public\Desktop\Cygwin64 Terminal.lnk 2017-06-14 02:17 - 2015-10-17 12:29 - 00001096 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2017-06-14 02:17 - 2015-09-22 19:12 - 00001106 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk 2017-06-14 02:17 - 2015-09-05 15:06 - 00000907 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk 2017-06-14 02:17 - 2015-08-22 18:20 - 00001885 _____ C:\Users\debanshu\Desktop\BlueJ.lnk 2017-06-14 02:17 - 2015-06-16 12:18 - 00002624 _____ C:\Users\debanshu\Desktop\µTorrent.lnk 2017-06-14 02:17 - 2015-06-16 12:18 - 00000834 _____ C:\Users\debanshu\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2017-06-14 02:15 - 2015-03-04 14:57 - 00000000 ____D C:\Windows\Minidump 2017-06-14 02:15 - 2013-10-25 10:17 - 00000000 ____D C:\Program Files (x86)\Sony 2017-06-14 01:53 - 2016-11-23 01:36 - 00000000 ____D C:\Users\debanshu\AppData\LocalLow\Mozilla 2017-06-14 01:53 - 2015-03-02 10:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-06-14 01:51 - 2017-03-02 19:10 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin 2017-06-14 01:51 - 2013-10-25 10:17 - 00000000 ____D C:\Windows\System32\Tasks\Sony Corporation 2017-06-14 01:51 - 2013-10-25 10:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-06-03 16:27 - 2012-07-26 13:42 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2017-06-02 23:39 - 2016-04-02 13:14 - 00000000 ____D C:\Users\debanshu\Desktop\personal 2017-06-01 03:01 - 2015-03-03 03:14 - 00000000 ____D C:\Users\debanshu\AppData\Local\ElevatedDiagnostics 2017-05-31 09:55 - 2012-07-26 13:29 - 00000000 ____D C:\Windows\CbsTemp 2017-05-25 01:01 - 2015-03-04 02:42 - 00000600 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2017-05-22 01:17 - 2012-07-26 11:07 - 00000000 ____D C:\Windows\Inf ==================== Files in the root of some directories ======= 2015-03-05 21:02 - 2015-09-05 13:44 - 0007600 _____ () C:\Users\debanshu\AppData\Local\Resmon.ResmonCfg 2017-05-09 17:56 - 2017-05-09 17:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-06-11 11:54 ==================== End of FRST.txt ============================ Addition Log.. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-06-2017 01 Ran by debanshu (21-06-2017 00:59:30) Running from C:\Users\debanshu\Downloads Windows 8 Single Language (X64) (2015-03-02 04:16:32) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-653892147-3159774569-4200303000-500 - Administrator - Disabled) debanshu (S-1-5-21-653892147-3159774569-4200303000-1002 - Administrator - Enabled) => C:\Users\debanshu Guest (S-1-5-21-653892147-3159774569-4200303000-501 - Limited - Enabled) => C:\Users\Guest ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Trend Micro Titanium Maximum Security (Disabled - Up to date) {B7599298-8445-728A-A5C7-A26A082C8BDA} AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Trend Micro Titanium Maximum Security (Disabled - Up to date) {0C38737C-A27F-7D04-9F77-991873ABC167} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-653892147-3159774569-4200303000-1002\...\uTorrent) (Version: 3.5.0.43804 - BitTorrent Inc.) Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0.3 - Adobe Systems Incorporated) Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated) Adobe Reader XI (11.0.03) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.) AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.10.0.0 - AppEx Networks) Apple Application Support (32-bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.5 - BlueJ Team) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Britannica Knowledge Pack (HKLM-x32\...\Britannica Knowledge Pack) (Version: - Britannica) Broadcom Wireless Utility (HKLM\...\{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}) (Version: 6.30.59.138 - Broadcom Corporation) Combined Community Codec Pack 2014-07-13 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2014.07.13.0 - CCCP Project) CPUID CPU-Z 1.73 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2529 - CyberLink Corp.) ESDL (x32 Version: 1.0.0 - Sony Corporation) Hidden FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden Grand Theft Auto 3 (HKLM-x32\...\Grand Theft Auto 3 Version 1.1) (Version: Version 1.1 - ) HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden IPFilter Updater (HKU\S-1-5-21-653892147-3159774569-4200303000-1002\...\07140e809c2bb6df) (Version: 2.0.0.4 - David Moore) Jagannatha Hora 8.0 (HKLM-x32\...\Jagannatha Hora_is1) (Version: 8.0 - PVR Narasimha Rao) Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation) Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation) Java SE Development Kit 8 Update 65 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180650}) (Version: 8.0.650.17 - Oracle Corporation) Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation) Oracle Database 11g Express Edition (HKLM-x32\...\InstallShield_{05A7B662-80A3-4EB9-AE1D-89A62449431C}) (Version: 11.2.0 - Oracle Corporation) Oracle Database 11g Express Edition (Version: 11.2.0 - Oracle Corporation) Hidden PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.02.14060 - Sony Corporation) Python 3.5.1 (32-bit) (HKU\S-1-5-21-653892147-3159774569-4200303000-1002\...\{c39d559b-aa83-4476-ba20-988a35a1199a}) (Version: 3.5.1150.0 - Python Software Foundation) Python 3.5.1 Core Interpreter (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Development Libraries (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Documentation (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Executables (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Launcher (32-bit) (HKLM-x32\...\{17778F7B-FB5A-4A93-9719-D75BAF673498}) (Version: 3.5.150.0 - Python Software Foundation) Python 3.5.1 pip Bootstrap (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Standard Library (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Tcl/Tk Support (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Test Suite (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Utility Scripts (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21234 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.38.115.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.) Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden Stellarium 0.14.3 (HKLM\...\Stellarium_is1) (Version: 0.14.3 - Stellarium team) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.4.1 - Synaptics Incorporated) Trend Micro Titanium (Version: 6.00 - Trend Micro Inc.) Hidden Trend Micro Titanium Maximum Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 6.0 - Trend Micro Inc.) VAIO BIOS Data Transfer Utility (x32 Version: 1.0.0.02050 - Sony Corporation) Hidden VAIO Care (HKLM\...\{404D6E7E-948E-4D2E-9540-59550AB59D4F}) (Version: 8.4.5.06026 - Sony Corporation) VAIO Care Hardware Diagnostics Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.8.0.13250 - Sony Corporation) VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.3.8.13060 - Sony Corporation) VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation) VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.11.0.13250 - Sony Corporation) VAIO Easy Connect (x32 Version: 8.4.4.07220 - Sony Corporation) Hidden VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.4.0.06280 - Sony Corporation) VAIO Gesture Control (x32 Version: 2.4.0.06280 - Sony Corporation) Hidden VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.2.00.07040 - Sony Corporation) VAIO Image Optimizer (x32 Version: 3.2.00.07040 - Sony Corporation) Hidden VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.3.0.05230 - Sony Corporation) VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.1.0.02220 - Sony Corporation) VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.2.00.07040 - Sony Corporation) VAIO Movie Creator (x32 Version: 4.2.00.07040 - Sony Corporation) Hidden VAIO Sample Music (HKLM-x32\...\{FBEE3D44-0933-4B84-BB6A-49957F89187F}) (Version: 1.0.0.03051 - Sony Corporation) VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation) VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.2.0.16270 - Sony Corporation) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden VIx64 (Version: 1.0.0 - Sony Corporation) Hidden VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VUx64 (Version: 1.2.0 - Sony Corporation) Hidden VUx86 (x32 Version: 1.2.0 - Sony Corporation) Hidden VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.7300 - Broadcom Corporation) WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {01D5C180-F9DC-4E15-AAC0-70A2FFF5ACE7} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-05-24] (Sony Corporation) Task: {0335ED80-F132-4DBD-A44D-44583151D696} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2016-03-31] (Sony Corporation) Task: {084ABFB2-FC78-4C52-91FF-AC2BAC63B39A} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-06-08] (Sony Corporation) Task: {1201160E-241E-4915-AE29-A00B338D4181} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-20] (Adobe Systems Incorporated) Task: {15F0AB33-6891-44FD-9C52-0A0037F18ED4} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation) Task: {23914114-B16A-4495-81DA-41247CDF5BD8} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-04-25] (CyberLink Corp.) Task: {2CA1C3A1-B177-4766-9F68-AF877353096D} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation) Task: {2CA6FDD5-CAB6-4D6B-9DD0-0A8F8278A9DB} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-31] (AVAST Software) Task: {462D8088-9C5D-477F-A732-B7907BC9EC72} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient Task: {56C697DC-45FB-4250-83D2-60AE44ADCE94} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation) Task: {5912CAAA-D63B-4E86-B720-EE2FFDE4D0EB} - System32\Tasks\Sony Corporation\VAIO Care\VTUsr => C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe [2016-05-30] (Sony Corporation) Task: {5CF657C3-D30A-496E-AB52-F7DCF4CFA857} - System32\Tasks\Sony Corporation\VAIO Care\VTSvc => C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe [2016-05-30] (Sony Corporation) Task: {65AAE3AB-AD92-4705-8B02-7417D641D4CC} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation) Task: {6CFBC0D2-5575-44C7-A019-4A716213620A} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation) Task: {762E4564-EB3C-4EE6-A4F5-44E5A2792BE9} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcDaily => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [2016-05-30] (Sony Corporation) Task: {76F0E8A6-6225-4D5C-8DC1-2A0218FDD1F8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-05] (Google Inc.) Task: {7859D5C4-9C9A-4386-8CD5-A528D8A65657} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-07-18] (Synaptics Incorporated) Task: {79B468C4-5950-4FC2-B5A3-B1D12522F132} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-06-08] (Sony Corporation) Task: {801FD793-9E8C-4D50-87A1-ECE4617B1D90} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcWeekly => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [2016-05-30] (Sony Corporation) Task: {82004AD6-11FC-483F-A23E-B2DB8B2C32CD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {9162B8E2-BB3A-492E-BBE8-95F51DC11F21} - System32\Tasks\Sony Corporation\VAIO Hardware Diagnostics\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2013-01-25] (Sony Corporation) Task: {A4775E96-A7F5-43BF-81D3-6821557E6561} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-05] (Google Inc.) Task: {AEF03768-D3CB-4CDB-806E-68B1C84C7AEC} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation) Task: {B5C5A86F-E9F2-42A4-9010-37E20CB53FEA} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2016-04-25] (Sony Corporation) Task: {B8C4136B-81ED-4D54-A2E0-C7F3177F55A3} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIO Capture\VAIO Clip => C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe [2013-07-11] (Sony Corporation) Task: {C2D8F4F1-9B39-4E20-80C3-D96E49E56539} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2016-03-31] (Sony Corporation) Task: {C4C80BAD-6D3B-4DA8-ADDF-E158A0386708} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation) Task: {CF597879-B00A-425F-9B45-7655463CB030} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation) Task: {D070AF95-1EFE-4D2B-92D0-945F5AF581F4} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation) Task: {D37142F7-D8C7-48EA-91E6-ED52673B7B0E} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-06-19] (Sony Corporation) Task: {DF9D5F23-ABED-450A-A654-54C93B8F587F} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2016-03-24] (Sony Corporation) Task: {E1FD963D-87FF-455F-B93F-513328A63AD0} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-06-19] (Sony Corporation) Task: {FC219749-6E69-4DC1-A241-BB1B54BCA782} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2016-03-18] (Sony Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2014-04-17 22:29 - 2014-04-17 22:29 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2017-01-13 13:56 - 2017-01-13 13:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-01-13 13:56 - 2017-01-13 13:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2013-07-12 04:21 - 2013-07-12 04:21 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll 2013-10-25 10:39 - 2013-05-30 23:31 - 00064512 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_49.dll 2013-10-25 10:39 - 2013-05-30 23:31 - 00049664 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_49.dll 2017-05-17 02:52 - 2017-05-09 13:42 - 02864984 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll 2017-05-17 02:52 - 2017-05-09 13:42 - 00087384 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2012-07-26 10:56 - 2012-07-26 10:56 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-653892147-3159774569-4200303000-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\debanshu\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKLM\...\StartupApproved\Run: => "Bluetooth" HKLM\...\StartupApproved\Run: => "Broadcom Wireless Manager UI" HKLM\...\StartupApproved\Run: => "RtHDVBg" HKLM\...\StartupApproved\Run: => "Trend Micro Client Framework" HKLM\...\StartupApproved\Run: => "VizorHtmlDialog.exe" HKLM\...\StartupApproved\Run: => "Trend Micro Titanium" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "StartCCC" HKLM\...\StartupApproved\Run32: => "PMBVolumeWatcher" HKLM\...\StartupApproved\Run32: => "RemoteControl10" HKLM\...\StartupApproved\Run32: => "DivXMediaServer" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-653892147-3159774569-4200303000-1002\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-653892147-3159774569-4200303000-1002\...\StartupApproved\Run: => "AppEx Accelerator UI" HKU\S-1-5-21-653892147-3159774569-4200303000-1002\...\StartupApproved\Run: => "HydraVisionDesktopManager" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{5EBC8B32-D5AE-45ED-93D9-31ED392261CA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{38650AC4-BFFB-49FC-8593-69BEDABD587C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{40A75FC3-520B-48BE-ABC5-D8C069190A0B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{0F73FF04-652E-48CB-9B35-4321C809AF67}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{E16ED5C6-EC46-42DE-B970-55493438F4A3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{11F41661-9925-4999-B578-7D7CF7613CE3}C:\users\debanshu\downloads\utorrent.exe] => (Allow) C:\users\debanshu\downloads\utorrent.exe FirewallRules: [UDP Query User{ECE16F1E-E9D0-47BD-94A2-774486B99F53}C:\users\debanshu\downloads\utorrent.exe] => (Allow) C:\users\debanshu\downloads\utorrent.exe FirewallRules: [TCP Query User{7980ED22-23F9-4A8B-A911-A8A85E371E0E}C:\users\debanshu\appdata\roaming\utorrent\updates\3.4.2_39586.exe] => (Allow) C:\users\debanshu\appdata\roaming\utorrent\updates\3.4.2_39586.exe FirewallRules: [UDP Query User{18251EB2-C782-48F8-91C5-0B89198DB33A}C:\users\debanshu\appdata\roaming\utorrent\updates\3.4.2_39586.exe] => (Allow) C:\users\debanshu\appdata\roaming\utorrent\updates\3.4.2_39586.exe FirewallRules: [TCP Query User{78DEE86A-FC6F-4483-B348-F8A3DE45E7F6}C:\users\debanshu\appdata\roaming\utorrent\updates\3.4.2_39586.exe] => (Allow) C:\users\debanshu\appdata\roaming\utorrent\updates\3.4.2_39586.exe FirewallRules: [UDP Query User{96B5060C-80EC-486B-9D8A-150C66491EAD}C:\users\debanshu\appdata\roaming\utorrent\updates\3.4.2_39586.exe] => (Allow) C:\users\debanshu\appdata\roaming\utorrent\updates\3.4.2_39586.exe FirewallRules: [TCP Query User{78440712-419E-4320-AB16-5C54F0D4DC6D}C:\users\debanshu\appdata\roaming\utorrent\updates\3.4.2_39710.exe] => (Allow) C:\users\debanshu\appdata\roaming\utorrent\updates\3.4.2_39710.exe FirewallRules: [UDP Query User{8016E428-3566-45B4-8A1C-6B0C91973CCC}C:\users\debanshu\appdata\roaming\utorrent\updates\3.4.2_39710.exe] => (Allow) C:\users\debanshu\appdata\roaming\utorrent\updates\3.4.2_39710.exe FirewallRules: [{03CDBF90-B0DD-4260-8B3C-259EF0EBD70D}] => (Allow) C:\users\debanshu\appdata\roaming\utorrent\updates\3.4.2_39586.exe FirewallRules: [{C61F8D06-A68B-4272-8ECA-6E0B88E55AB4}] => (Allow) C:\users\debanshu\appdata\roaming\utorrent\updates\3.4.2_39586.exe FirewallRules: [{4DC53E1E-05BA-4338-AEA1-C78C57BDD761}] => (Allow) C:\users\debanshu\appdata\roaming\utorrent\updates\3.4.2_39710.exe FirewallRules: [{0E02AF90-1B7D-4F51-B344-7F4CBC96AC9E}] => (Allow) C:\users\debanshu\appdata\roaming\utorrent\updates\3.4.2_39710.exe FirewallRules: [TCP Query User{66AC87B4-EC95-4C05-A3A0-BBCAB7FB2906}C:\users\debanshu\appdata\roaming\utorrent\updates\3.4.2_39710.exe] => (Allow) C:\users\debanshu\appdata\roaming\utorrent\updates\3.4.2_39710.exe FirewallRules: [UDP Query User{34DEA26F-1C30-452D-A23D-3CF796EC31F6}C:\users\debanshu\appdata\roaming\utorrent\updates\3.4.2_39710.exe] => (Allow) C:\users\debanshu\appdata\roaming\utorrent\updates\3.4.2_39710.exe FirewallRules: [TCP Query User{94BABC2F-5E98-4758-8E0E-D394A7C50C0A}C:\users\debanshu\downloads\anydesk.exe] => (Allow) C:\users\debanshu\downloads\anydesk.exe FirewallRules: [UDP Query User{41265A3E-A383-4CBA-8F22-2CB389892913}C:\users\debanshu\downloads\anydesk.exe] => (Allow) C:\users\debanshu\downloads\anydesk.exe FirewallRules: [TCP Query User{EE7F1D4B-FAAA-432C-BEBB-4E3DE26976B5}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe FirewallRules: [UDP Query User{02FEB493-6D51-42E4-A27F-9F7339CB5E05}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe FirewallRules: [TCP Query User{5C7646AA-E7F6-400D-B61C-F2295E418626}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe FirewallRules: [UDP Query User{45D4669D-3B01-4934-A055-4E9C057629C3}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe FirewallRules: [{5798B0FC-744D-4997-B630-B9AA065A23F7}] => (Allow) C:\Program Files\BitComet\BitComet.exe FirewallRules: [{3E052900-A90C-4AA3-B8DA-8449FEF606FE}] => (Allow) C:\Program Files\BitComet\BitComet.exe FirewallRules: [{D7B8F5FB-D444-45DC-83C0-C8092A2FBEF6}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{D49A6870-260D-4435-8402-C295A9DF6150}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{C8F86B07-06A9-4DBF-94A4-7BE976227E77}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{519E8B24-F527-4AA7-A83D-CCCF9408C712}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{7456467D-7DDE-4696-97CC-6BCE016A17AA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{961B7406-1E7B-4964-B8DC-FA07BA9BE5FE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{2DAD9B2D-822D-4508-84EF-013A84B0E229}C:\users\debanshu\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\debanshu\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{D710C905-A764-4DE2-9E66-E7DF0C427A4B}C:\users\debanshu\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\debanshu\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{C2BC91F1-3D62-42A7-A394-5050F6B1CE52}C:\users\debanshu\desktop\fifa 12\game\fifa.exe] => (Allow) C:\users\debanshu\desktop\fifa 12\game\fifa.exe FirewallRules: [UDP Query User{42CF563C-4A39-4BAC-93BD-F728788DED6F}C:\users\debanshu\desktop\fifa 12\game\fifa.exe] => (Allow) C:\users\debanshu\desktop\fifa 12\game\fifa.exe FirewallRules: [TCP Query User{0EF26A2B-6255-41C9-87F6-93F4892E1653}C:\users\debanshu\desktop\fifa 12\game\fifa.exe] => (Block) C:\users\debanshu\desktop\fifa 12\game\fifa.exe FirewallRules: [UDP Query User{C186064F-973E-45BA-B396-C81379EFFFF4}C:\users\debanshu\desktop\fifa 12\game\fifa.exe] => (Block) C:\users\debanshu\desktop\fifa 12\game\fifa.exe FirewallRules: [TCP Query User{D5996315-0549-4C62-8D68-28CBB5062765}C:\users\debanshu\appdata\local\temp\rar$exa0.863\u1504.exe] => (Allow) C:\users\debanshu\appdata\local\temp\rar$exa0.863\u1504.exe FirewallRules: [UDP Query User{1AADF4C0-36E7-435C-90E0-6B3D75D473A2}C:\users\debanshu\appdata\local\temp\rar$exa0.863\u1504.exe] => (Allow) C:\users\debanshu\appdata\local\temp\rar$exa0.863\u1504.exe FirewallRules: [TCP Query User{EC6591A1-24F6-44C7-A3B7-ED49E72AB1D1}C:\users\debanshu\appdata\local\temp\rar$exa0.313\u1504.exe] => (Allow) C:\users\debanshu\appdata\local\temp\rar$exa0.313\u1504.exe FirewallRules: [UDP Query User{AB769A25-605F-4F68-A4B9-5A30CE73612F}C:\users\debanshu\appdata\local\temp\rar$exa0.313\u1504.exe] => (Allow) C:\users\debanshu\appdata\local\temp\rar$exa0.313\u1504.exe FirewallRules: [TCP Query User{9CD3AFA5-1C0B-475A-A156-DB0FC09F15DE}C:\users\debanshu\appdata\local\temp\rar$exa0.075\u1504.exe] => (Allow) C:\users\debanshu\appdata\local\temp\rar$exa0.075\u1504.exe FirewallRules: [UDP Query User{0C03D221-53B0-431B-B20F-2DCD0F6871A3}C:\users\debanshu\appdata\local\temp\rar$exa0.075\u1504.exe] => (Allow) C:\users\debanshu\appdata\local\temp\rar$exa0.075\u1504.exe FirewallRules: [TCP Query User{90F7BB74-259E-46FC-884C-E98B3878DEC1}C:\users\debanshu\downloads\eclipse-java-mars-1-win32-x86_64\eclipse\eclipse.exe] => (Allow) C:\users\debanshu\downloads\eclipse-java-mars-1-win32-x86_64\eclipse\eclipse.exe FirewallRules: [UDP Query User{46C20058-A9B1-49E0-9D21-19A9463F125F}C:\users\debanshu\downloads\eclipse-java-mars-1-win32-x86_64\eclipse\eclipse.exe] => (Allow) C:\users\debanshu\downloads\eclipse-java-mars-1-win32-x86_64\eclipse\eclipse.exe FirewallRules: [TCP Query User{75D422DB-37D1-4E17-A65F-2BBF3642C1C9}C:\program files\java\jdk1.8.0_65\bin\jmc.exe] => (Block) C:\program files\java\jdk1.8.0_65\bin\jmc.exe FirewallRules: [UDP Query User{557B28BE-C347-4B22-8DC9-C3E413EB8E92}C:\program files\java\jdk1.8.0_65\bin\jmc.exe] => (Block) C:\program files\java\jdk1.8.0_65\bin\jmc.exe FirewallRules: [TCP Query User{8EA2A4C4-4E79-40E2-B0F3-B4EA5790CA13}C:\fifa 12\game\fifa.exe] => (Allow) C:\fifa 12\game\fifa.exe FirewallRules: [UDP Query User{FD3C50D8-9B77-4F32-900F-8D6FB8C13E17}C:\fifa 12\game\fifa.exe] => (Allow) C:\fifa 12\game\fifa.exe FirewallRules: [TCP Query User{1F414C3A-3EC3-4DE4-8D7B-D8B7602A15F7}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe FirewallRules: [UDP Query User{939E2BFD-7B07-4BD9-AC83-02F4BF921091}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe FirewallRules: [TCP Query User{DBBB2770-FC8E-4FE6-BFBC-108292858D29}D:\easysetupassistant\tssh2.exe] => (Block) D:\easysetupassistant\tssh2.exe FirewallRules: [UDP Query User{73C953FD-9444-43D6-BDD8-FD0B642B4ED4}D:\easysetupassistant\tssh2.exe] => (Block) D:\easysetupassistant\tssh2.exe FirewallRules: [TCP Query User{7B1C605B-AC1D-4D9A-B021-E190EBF43C78}C:\fifa 12\game\fifa.exe] => (Block) C:\fifa 12\game\fifa.exe FirewallRules: [UDP Query User{D78A4459-2DFF-4C3A-A4F4-7C8412228080}C:\fifa 12\game\fifa.exe] => (Block) C:\fifa 12\game\fifa.exe FirewallRules: [TCP Query User{8C259442-40B0-4E09-9897-AAF11975543E}C:\users\debanshu\desktop\age of empires 2\aoe2 game\empires2-play.exe] => (Block) C:\users\debanshu\desktop\age of empires 2\aoe2 game\empires2-play.exe FirewallRules: [UDP Query User{A18CC7E1-54A2-4A71-AE59-DBB174427D42}C:\users\debanshu\desktop\age of empires 2\aoe2 game\empires2-play.exe] => (Block) C:\users\debanshu\desktop\age of empires 2\aoe2 game\empires2-play.exe FirewallRules: [{179E2B99-5A8F-4380-8C0B-130AE3303DA4}] => (Allow) C:\Users\debanshu\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{91408932-E7A6-4DB3-B54B-A44EDEF00E8C}] => (Allow) C:\Users\debanshu\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{5461F0EB-A437-4B71-9A66-74C4C58F653C}] => (Allow) C:\Users\debanshu\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7CB63F75-4F06-40A4-969C-3C306440447B}] => (Allow) C:\Users\debanshu\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{09A0192C-6D36-4254-BC1A-07FEBB66562F}] => (Allow) C:\Users\debanshu\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{760B2B7E-B49D-4C94-AC82-E3C4FDA94493}] => (Allow) C:\Users\debanshu\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{452B9469-4C27-44C3-B2F8-5C71BD42368F}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe FirewallRules: [{A59C9AA9-2A09-4A63-AC6A-7BB6FEE44029}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe FirewallRules: [{DA0D1C71-BCEB-4655-888E-0F04FE40471E}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe FirewallRules: [{7FE5A26C-59D1-4DB2-B2B8-5EA4B4626F93}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe FirewallRules: [TCP Query User{19E9B754-F8F7-4A17-B983-60FBE808C39B}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe FirewallRules: [UDP Query User{65782259-1855-4044-BD3E-7B9FC8B5B2B8}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe FirewallRules: [{ACA97715-2C70-4FA0-8508-FD7E40C2356B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{71CC0201-E4DB-4119-A34F-6B26B49C9787}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{F88F0493-8C0C-4B92-8916-49B8B106D1BC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{9CE0AB67-89BD-41A5-A50E-529B7C8F1535}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{7FB6F793-6E95-4686-BC1A-8BE7D0EFEECA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 01-06-2017 01:36:57 Scheduled Checkpoint 03-06-2017 16:31:40 Removed Sparkol Tawe 14-06-2017 01:06:52 Scheduled Checkpoint 14-06-2017 01:36:51 Restore Operation 20-06-2017 01:25:28 Restore Point Created by FRST 21-06-2017 00:31:54 JRT Pre-Junkware Removal ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/21/2017 12:49:50 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (06/20/2017 01:25:27 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often caused by incorrect security settings in either the writer or requestor process. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {15275b3e-d68f-4a96-814f-c90aa7f7affb} Error: (06/20/2017 01:01:09 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80070005). Error: (06/18/2017 12:56:53 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80070005). Error: (06/16/2017 02:30:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: NFS14_x86.exe, version: 1.1.0.0, time stamp: 0x52810f10 Faulting module name: NFS14_x86.exe, version: 1.1.0.0, time stamp: 0x52810f10 Exception code: 0xc0000005 Fault offset: 0x00128c1f Faulting process id: 0x13d0 Faulting application start time: 0x01d2e67f088daea4 Faulting application path: C:\Program Files (x86)\NFS Rivals\NFS14_x86.exe Faulting module path: C:\Program Files (x86)\NFS Rivals\NFS14_x86.exe Report Id: 494fcd31-5272-11e7-beb9-3c77e6dc721a Faulting package full name: Faulting package-relative application ID: Error: (06/16/2017 02:06:38 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80070005). Error: (06/15/2017 01:19:12 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 82751121 Error: (06/15/2017 01:19:12 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 82751121 Error: (06/15/2017 01:19:12 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/14/2017 01:52:32 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: VizorHtmlDialog.exe, version: 6.0.0.1219, time stamp: 0x501a83d5 Faulting module name: libcef.dll, version: 2.0.0.1021, time stamp: 0x4ff4b1d4 Exception code: 0xc0000005 Fault offset: 0x00dafad5 Faulting process id: 0xb38 Faulting application start time: 0x01d2e482c6ee741e Faulting application path: C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe Faulting module path: C:\Program Files\Trend Micro\Titanium\UIFramework\libcef.dll Report Id: 071481b8-5076-11e7-beb8-3c77e6dc721a Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (06/21/2017 12:44:18 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error: (06/21/2017 12:44:18 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error: (06/21/2017 12:44:16 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {B3E53F1A-1C31-4A43-A66D-321FA322BCE7} did not register with DCOM within the required timeout. Error: (06/21/2017 12:44:07 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error: (06/21/2017 12:44:00 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running. Error: (06/21/2017 12:43:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The VCService service terminated unexpectedly. It has done this 1 time(s). Error: (06/21/2017 12:43:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (06/21/2017 12:43:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The VAIO Event Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 3000 milliseconds: Restart the service. Error: (06/21/2017 12:43:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The TiMiniService service terminated unexpectedly. It has done this 1 time(s). Error: (06/21/2017 12:43:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The PMBDeviceInfoProvider service terminated unexpectedly. It has done this 1 time(s). ==================== Memory info =========================== Processor: AMD A8-5545M APU with Radeon(tm) HD Graphics Percentage of memory in use: 53% Total physical RAM: 3269.78 MB Available physical RAM: 1531.16 MB Total Virtual: 8269.78 MB Available Virtual: 5583.19 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:440.64 GB) (Free:345.22 GB) NTFS Drive d: (CD226A6) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 63071B5D) Partition: GPT. ==================== End of Addition.txt ============================ Thanks..

..Sure.

Hi... Pasting the logs...first the JRT and then ADwCleaner. 1. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.3 (04.10.2017) Operating System: Windows 8 Single Language x64 Ran by debanshu (Administrator) on 21-06-2017 at 0:31:49.27 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 8 Successfully deleted: C:\ProgramData\ammyy (Folder) Successfully deleted: C:\ProgramData\mntemp (File) Successfully deleted: C:\Users\debanshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj (Folder) Successfully deleted: C:\Users\debanshu\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bmnlcjabgnpnenekpadlanbbkooimhnj (Folder) Successfully deleted: C:\Users\debanshu\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gkojfkhlekighikafcpjkiklfbnlmeio (Folder) Successfully deleted: C:\Users\debanshu\AppData\Local\torch (Folder) Successfully deleted: C:\Users\Public\thunder network (Folder) Successfully deleted: C:\Program Files (x86)\esupport.com (Folder) Deleted the following from C:\Users\debanshu\AppData\Roaming\Mozilla\Firefox\Profiles\jt6nfb6w.default\prefs.js user_pref(browser.urlbar.suggest.searches, true); Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 21-06-2017 at 0:36:47.89 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 2. # AdwCleaner v6.047 - Logfile created 21/06/2017 at 00:43:40 # Updated on 19/05/2017 by Malwarebytes # Database : 2017-06-20.1 [Server] # Operating System : Windows 8 Single Language (X64) # Username : debanshu - HOMEWORK # Running from : C:\Users\debanshu\Desktop\AdwCleaner.exe # Mode: Clean # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** [-] Service deleted: DrvAgent64 ***** [ Folders ] ***** [-] Folder deleted: C:\Users\debanshu\AppData\Roaming\devnull [-] Folder deleted: C:\ProgramData\devnull [#] Folder deleted on reboot: C:\ProgramData\Application Data\devnull [-] Folder deleted: C:\Program Files (x86)\devnull [-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\AdvinstAnalytics [-] Folder deleted: C:\AppData\Roaming\devnull ***** [ Files ] ***** [-] File deleted: C:\Windows\SysWOW64\drivers\DRVAGENT64.SYS ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled Tasks ] ***** ***** [ Registry ] ***** [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{C8B797A0-024C-4D90-80F5-4CCC0988013A} [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{4511A7B0-96B2-47A7-84AB-FB76078EA007} [-] Key deleted: HKU\.DEFAULT\Software\Hola [-] Key deleted: HKU\S-1-5-21-653892147-3159774569-4200303000-1002\Software\DriverUpdaterPro [-] Key deleted: HKU\S-1-5-21-653892147-3159774569-4200303000-1002\Software\eSupport.com [-] Key deleted: HKU\S-1-5-21-653892147-3159774569-4200303000-1002\Software\torch [-] Key deleted: HKU\S-1-5-21-653892147-3159774569-4200303000-1002\Software\Link64 [#] Key deleted on reboot: HKU\S-1-5-18\Software\Hola [#] Key deleted on reboot: HKCU\Software\DriverUpdaterPro [#] Key deleted on reboot: HKCU\Software\eSupport.com [#] Key deleted on reboot: HKCU\Software\torch [#] Key deleted on reboot: HKCU\Software\Link64 [#] Key deleted on reboot: [x64] HKCU\Software\DriverUpdaterPro [#] Key deleted on reboot: [x64] HKCU\Software\eSupport.com [#] Key deleted on reboot: [x64] HKCU\Software\torch [#] Key deleted on reboot: [x64] HKCU\Software\Link64 [-] Key deleted: [x64] HKLM\SOFTWARE\Hola [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com ***** [ Web browsers ] ***** ************************* :: "Tracing" keys deleted :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [4724 Bytes] - [03/06/2017 23:54:50] C:\AdwCleaner\AdwCleaner[C2].txt - [2672 Bytes] - [21/06/2017 00:43:40] C:\AdwCleaner\AdwCleaner[S0].txt - [4356 Bytes] - [03/06/2017 23:45:53] C:\AdwCleaner\AdwCleaner[S1].txt - [2787 Bytes] - [21/06/2017 00:43:13] ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2891 Bytes] ########## Thanks..

I already re-installed the software before reading your suggestion..anyway..i have generated the Log file.Copying it's contents below. Fix result of Farbar Recovery Scan Tool (x64) Version: 18-06-2017 01 Ran by debanshu (20-06-2017 01:25:22) Run:1 Running from C:\Users\debanshu\Downloads Loaded Profiles: debanshu (Available Profiles: debanshu & Guest) Boot Mode: Normal ============================================== fixlist content: ***************** CloseProcesses: CreateRestorePoint: HKU\S-1-5-21-653892147-3159774569-4200303000-1002\...\Run: [DriverUpdaterPro] => C:\Program Files (x86)\DriverUpdaterPro\DriverUpdaterPro.exe /ot /as /ss HKU\S-1-5-21-653892147-3159774569-4200303000-1002\...\Run: [VideoDownloaderUltimate] => C:\ProgramData\VideoDownloaderUltimateWinApp\VideoDownloaderUltimate.exe /repair ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File SearchScopes: HKLM -> DefaultScope value is missing SearchScopes: HKLM-x32 -> DefaultScope value is missing SearchScopes: HKU\S-1-5-21-653892147-3159774569-4200303000-1002 -> DefaultScope {4DCE72C4-68A5-43B7-AB95-3D1C89D61251} URL = hxxps://in.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default SearchScopes: HKU\S-1-5-21-653892147-3159774569-4200303000-1002 -> {4DCE72C4-68A5-43B7-AB95-3D1C89D61251} URL = hxxps://in.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default FF Plugin HKU\S-1-5-21-653892147-3159774569-4200303000-1002: @hola.org/FlashPlayer -> C:\Users\debanshu\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2016-03-06] () FF Plugin HKU\S-1-5-21-653892147-3159774569-4200303000-1002: @hola.org/vlc -> C:\Users\debanshu\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-03-06] (Hola) CHR Extension: (Honey) - C:\Users\debanshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2017-06-14] CHR Extension: (MakkhiChoose) - C:\Users\debanshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gllmlkidgbagkcikijiljllpdloelocn [2017-05-27] CHR Extension: (Download Youtube Chrome) - C:\Users\debanshu\Downloads\download-youtube-chrome-2.0 [2017-06-16] [UpdateUrl: hxxp://www.downloadyoutubechrome.com/updates.xml] <==== ATTENTION CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found> S3 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad [X] Task: {3853F1FD-14E5-49BC-8E5B-56D2CA44EE9C} - System32\Tasks\{0A96913E-3973-4E41-BEC8-7E7593965B1A} => pcalua.exe -a "C:\Program Files (x86)\Electronic Arts\Need for Speed Carbon\EAUninstall.exe" Task: {5F46C59C-852B-4E93-8CF1-0BC53FC3CE1A} - System32\Tasks\{4B8F2772-A215-4555-B7B3-0196B6830F4D} => pcalua.exe -a "C:\Program Files\Trend Micro\Titanium\Remove.exe" Task: {95D0781C-20B9-4180-85D7-DE06DB7910FC} - System32\Tasks\{465C35A6-D4CD-48B8-851F-26413CB71753} => pcalua.exe -a "C:\Users\debanshu\Desktop\Age of Empires 2\AOE2 Game\Register-AOE.exe" -d "C:\Users\debanshu\Desktop\Age of Empires 2\AOE2 Game" IE trusted site: HKU\S-1-5-21-653892147-3159774569-4200303000-1002\...\hola.org -> hxxp://hola.org HKU\S-1-5-21-653892147-3159774569-4200303000-1002\...\StartupApproved\Run: => "DriverUpdaterPro" FirewallRules: [TCP Query User{9A6E2E0D-E29F-4B00-A458-EDF2DBF36DA2}C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe] => (Allow) C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe FirewallRules: [UDP Query User{D925DFFA-F344-4D5C-85EA-C906C1DAD146}C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe] => (Allow) C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe C:\Program Files\Hola C:\Program Files (x86)\DriverUpdaterPro C:\Program Files (x86)\Temp C:\Program Files (x86)\Google\Chrome\Application\chrome.bat C:\Program Files (x86)\Internet Explorer\iexplore.bat C:\Program Files (x86)\Mozilla Firefox\firefox.bat C:\ProgramData\VideoDownloaderUltimateWinApp C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk C:\Users\Default\AppData\Local\AdvinstAnalytics C:\Users\Default User\AppData\Local\AdvinstAnalytics C:\Users\debanshu\ntuser.pol C:\Users\debanshu\Desktop\Tor Browser C:\Users\debanshu\Desktop\Stаrt Тоr Вrоwsеr.lnk C:\Users\debanshu\Downloads\download-youtube-chrome-2.0 C:\Users\debanshu\AppData\Local\AdvinstAnalytics C:\Users\debanshu\AppData\Local\Hola C:\Users\debanshu\AppData\Local\Temp; C:\Users\debanshu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооglе Сhrоmе.lnk C:\Users\debanshu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Intеrnеt Ехplоrеr Вrоwsеr.lnk C:\Users\debanshu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Intеrnеt Ехplоrеr.lnk C:\Users\debanshu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Моzillа Firеfох.lnk C:\Users\debanshu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехplоrеr.lnk C:\Users\debanshu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stаrt Тоr Вrоwsеr.lnk C:\Users\Public\Desktop\Gооglе Сhrоmе.lnk C:\Users\Public\Desktop\Моzillа Firеfох.lnk EmptyTemp: ***************** Processes closed successfully. Restore point was successfully created. HKU\S-1-5-21-653892147-3159774569-4200303000-1002\Software\Microsoft\Windows\CurrentVersion\Run\\DriverUpdaterPro => value removed successfully HKU\S-1-5-21-653892147-3159774569-4200303000-1002\Software\Microsoft\Windows\CurrentVersion\Run\\VideoDownloaderUltimate => value removed successfully HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => key removed successfully HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully HKU\S-1-5-21-653892147-3159774569-4200303000-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully HKU\S-1-5-21-653892147-3159774569-4200303000-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4DCE72C4-68A5-43B7-AB95-3D1C89D61251} => key removed successfully HKLM\Software\Classes\CLSID\{4DCE72C4-68A5-43B7-AB95-3D1C89D61251} => key not found. HKU\S-1-5-21-653892147-3159774569-4200303000-1002\Software\MozillaPlugins\@hola.org/FlashPlayer => key removed successfully C:\Users\debanshu\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll => moved successfully HKU\S-1-5-21-653892147-3159774569-4200303000-1002\Software\MozillaPlugins\@hola.org/vlc => key removed successfully C:\Users\debanshu\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll => moved successfully C:\Users\debanshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj => moved successfully C:\Users\debanshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gllmlkidgbagkcikijiljllpdloelocn => moved successfully C:\Users\debanshu\Downloads\download-youtube-chrome-2.0 <==== ATTENTION => not found HKLM\SOFTWARE\Google\Chrome\Extensions\ngpampappnmepgilojfohadhhmbhlaek => key removed successfully HKLM\System\CurrentControlSet\Services\Amsp => key removed successfully Amsp => service removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3853F1FD-14E5-49BC-8E5B-56D2CA44EE9C} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3853F1FD-14E5-49BC-8E5B-56D2CA44EE9C} => key removed successfully C:\Windows\System32\Tasks\{0A96913E-3973-4E41-BEC8-7E7593965B1A} => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0A96913E-3973-4E41-BEC8-7E7593965B1A} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F46C59C-852B-4E93-8CF1-0BC53FC3CE1A} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F46C59C-852B-4E93-8CF1-0BC53FC3CE1A} => key removed successfully C:\Windows\System32\Tasks\{4B8F2772-A215-4555-B7B3-0196B6830F4D} => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4B8F2772-A215-4555-B7B3-0196B6830F4D} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95D0781C-20B9-4180-85D7-DE06DB7910FC} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95D0781C-20B9-4180-85D7-DE06DB7910FC} => key removed successfully C:\Windows\System32\Tasks\{465C35A6-D4CD-48B8-851F-26413CB71753} => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{465C35A6-D4CD-48B8-851F-26413CB71753} => key removed successfully HKU\S-1-5-21-653892147-3159774569-4200303000-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org => key removed successfully HKU\S-1-5-21-653892147-3159774569-4200303000-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\DriverUpdaterPro => value removed successfully HKU\S-1-5-21-653892147-3159774569-4200303000-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\DriverUpdaterPro => value not found. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9A6E2E0D-E29F-4B00-A458-EDF2DBF36DA2}C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D925DFFA-F344-4D5C-85EA-C906C1DAD146}C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe => value removed successfully C:\Program Files\Hola => moved successfully "C:\Program Files (x86)\DriverUpdaterPro" => not found. C:\Program Files (x86)\Temp => moved successfully C:\Program Files (x86)\Google\Chrome\Application\chrome.bat => moved successfully C:\Program Files (x86)\Internet Explorer\iexplore.bat => moved successfully C:\Program Files (x86)\Mozilla Firefox\firefox.bat => moved successfully "C:\ProgramData\VideoDownloaderUltimateWinApp" => not found. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk => moved successfully C:\Users\Default\AppData\Local\AdvinstAnalytics => moved successfully "C:\Users\Default User\AppData\Local\AdvinstAnalytics" => not found. C:\Users\debanshu\ntuser.pol => moved successfully "C:\Users\debanshu\Desktop\Tor Browser" => not found. C:\Users\debanshu\Desktop\Stаrt Тоr Вrоwsеr.lnk => moved successfully C:\Users\debanshu\Downloads\download-youtube-chrome-2.0 => moved successfully C:\Users\debanshu\AppData\Local\AdvinstAnalytics => moved successfully C:\Users\debanshu\AppData\Local\Hola => moved successfully C:\Users\debanshu\AppData\Local\Temp; => moved successfully C:\Users\debanshu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооglе Сhrоmе.lnk => moved successfully C:\Users\debanshu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Intеrnеt Ехplоrеr Вrоwsеr.lnk => moved successfully C:\Users\debanshu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Intеrnеt Ехplоrеr.lnk => moved successfully C:\Users\debanshu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Моzillа Firеfох.lnk => moved successfully C:\Users\debanshu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехplоrеr.lnk => moved successfully C:\Users\debanshu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stаrt Тоr Вrоwsеr.lnk => moved successfully C:\Users\Public\Desktop\Gооglе Сhrоmе.lnk => moved successfully C:\Users\Public\Desktop\Моzillа Firеfох.lnk => moved successfully =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18776922 B Java, Flash, Steam htmlcache => 758 B Windows/system/drivers => 9689026 B Edge => 0 B Chrome => 792521056 B Firefox => 102920163 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 128 B systemprofile32 => 101641837 B LocalService => 119696 B NetworkService => 1595846 B debanshu => 195135704 B Guest => 1291445 B RecycleBin => 0 B EmptyTemp: => 1.1 GB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 01:28:28 ====

Hi Aura..I was about to start with the process through FRST.exe but when I clicked on it it says "This app cant run on your PC".Probably it got updated as it was runing fine just a while ago.

Ya ya I am still there.thanks for the reply..a lot of it actually! Though I haven't acted on your advice but soon will. I will get back to you by replying on this post again when I am done following your instructions.

++log files Addition.txt FRST.txt

Hi, So a couple weeks ago (Jun 1), I did an unfortunate thing and installed a .exe file from an untrusted source due to some stupid reason. After a series of panicking, I downloaded malwarebytes which removed apparently 100+ Bad Things from my PC and allowed it to function again (the virus/adware would force my PC to run a bunch of random programs and take over my browser to set the homepage to Goojle.com or something like that which was clearly not right. But malwarebytes fixed that). However, I've noticed 2 things since then: 1. Opening Chrome browser no longer leads me to the google homepage. Instead, it leads to:file:///C:/PROGRA~2/Google/Chrome/APPLIC~1/58.0.3029.110/ 2.Mozilla won't start Can you please guide me out of this situation? Thanks.