Jump to content

Recommended Posts

I am using Avast Antivirus and for the last few days facing Virus / Malware problem.

 

Every few hours, Avast pops up a message "VIRUS FOUND"

Object: C:\\Windows\Temp\Tmp19F8.exe\>$INSTDIR\updated.dll

Infection: Win32:Adware-gen[Adw]

Process: C:\Program Fikes (x86)\Bin\UpdateTool\UpdaterToolService.exe

 

Even after choosing Delete the same message with a different file name appears.

I have run the Boot scan as well as Full Scan couple of times and choosen "delete file" whenever the virus is detected.

 

How do I get rid of this Virus permanently.

Please help ?

 

I am using Windows 7 Homee Premium (64-Bit)

 

Regard,

Prateek

Link to post
Share on other sites

Hello and :welcome:

I'm Radek and I'll try to help you with your issue.

Before we start please note the following:

  • Analysis and research take some time, also sometimes real life gets in the way, please be patient.
  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Paste the logs in your posts, attachments make my work harder and more complicated.
  • Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, what may cause some delays between answers.
I can't foresee everything, so if anything unexpected happens, please stop and inform me!

There are no silly questions. Never be afraid to ask if in doubt!

warning.gif Rules and policies

We won't support any piracy.

That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!

The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.


51a46ae42d560-malwarebytes_anti_malware. Scan with Malwarebytes' Anti-Malware

Please download and install Malwarebytes Anti-Malware, or re-run it if you already have it installed.

  • First of all select update.
  • Once updated, click the Settings tab, in the left panel choose Detctions & protection and tick Scan for rootkits.
  • Click the Scan tab, choose Threat Scan is checked and click Scan Now.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • At the bottom click Export and choose Text file.
Save the file to your desktop and include its content in your next reply.
Link to post
Share on other sites

Hi Prateek,

OK, time for some diagnostics now. Please remember to post me the logfiles instead of attaching them.

FRST.gif Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool x64 and save it to your Desktop.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.

    > Windows 8 users will be prompted about Windows SmartScreen protection - click More information and Run.

  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content in your next reply.
Link to post
Share on other sites

PFA the contents of the two log files.

 

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-02-2015
Ran by Prateek (administrator) on PRATEEK-VAIO on 17-02-2015 16:17:07
Running from C:\Users\Prateek\Desktop
Loaded Profiles: Prateek (Available profiles: Prateek & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: "https://mail.google.com/mail/u/0/#inbox"
CHR Profile: C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-07]
CHR Extension: (Google Drive) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-07]
CHR Extension: (YouTube) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-07]
CHR Extension: (Google Search) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-07]
CHR Extension: (MightyText - SMS from PC & Text from PC / Mac) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2014-12-07]
CHR Extension: (Google News) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2014-12-07]
CHR Extension: (Gmail Offline) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2014-12-07]
CHR Extension: (Google Calendar) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-12-07]
CHR Extension: (Google Sheets) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-07]
CHR Extension: (Google Keep - notes and lists) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2014-12-07]
CHR Extension: (Boomerang for Gmail) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2014-12-07]
CHR Extension: (WhatsApp Web) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nijandjnpfknklghfccodglplomhhmch [2015-01-27]
CHR Extension: (Google Wallet) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-07]
CHR Extension: (Snorklet) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeacenklgehgjiokgmeodnndpppobglm [2014-12-08]
CHR Extension: (Gmail) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-07]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S4 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-30] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-30] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-07] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-07] (Avast Software)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [File not signed]
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 eTSrv; C:\Program Files\Aladdin\eToken\PKIClient\x64\eTSrv.exe [13664 2009-12-31] (Aladdin Knowledge Systems, Ltd.)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136192 2010-03-03] (HP) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-03-11] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-03-11] (Hewlett-Packard Co.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 nvservice; C:\Windows\system32\nvservice.exe [192800 2013-02-04] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-01] (Intel Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5405456 2014-11-12] (TeamViewer GmbH)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-24] (ArcSoft, Inc.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [958112 2011-10-24] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 UpdateServiceTool; "C:\Program Files (x86)\Bin\UpdateTool\UpdaterToolService.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AKSIFDH; C:\Windows\System32\DRIVERS\aksifdh.sys [62632 2008-07-30] (Aladdin Knowledge Systems, Ltd.)
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus64.sys [20992 2014-10-10] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2014-10-10] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2014-10-10] (LG Electronics Inc.)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-27] (ArcSoft, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-07] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 mr7910; C:\Windows\System32\DRIVERS\mr7910.sys [55808 2007-03-16] (Mars Semiconductor Corp.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-12-07] ()
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
U4 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-07] (Avast Software)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61120 2014-04-02] (StdLib)
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-17 16:17 - 2015-02-17 16:17 - 00028187 _____ () C:\Users\Prateek\Desktop\FRST.txt
2015-02-17 16:16 - 2015-02-17 16:17 - 00000000 ____D () C:\FRST
2015-02-17 16:16 - 2015-02-17 16:16 - 02085888 _____ (Farbar) C:\Users\Prateek\Desktop\FRST64.exe
2015-02-17 15:43 - 2015-02-17 15:43 - 00009699 _____ () C:\Users\Prateek\Desktop\scan Result.txt
2015-02-17 15:37 - 2015-02-17 15:37 - 00003936 _____ () C:\Windows\PFRO.log
2015-02-17 15:04 - 2015-02-17 15:38 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-17 15:03 - 2015-02-17 15:03 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-17 15:03 - 2015-02-17 15:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-17 15:03 - 2015-02-17 15:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-17 15:03 - 2015-02-17 15:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-17 15:03 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-17 15:03 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-17 15:03 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-17 14:53 - 2015-02-17 14:53 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Prateek\Desktop\mbam-setup-2.0.4.1028.exe
2015-02-17 11:17 - 2015-02-17 11:17 - 00000163 _____ () C:\Users\Prateek\Desktop\created .txt
2015-02-17 00:06 - 2015-02-17 15:37 - 00000168 _____ () C:\Windows\setupact.log
2015-02-17 00:06 - 2015-02-17 00:06 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-14 18:29 - 2015-02-14 18:29 - 00000000 ____D () C:\Users\Prateek\Desktop\Malaysia
2015-02-14 18:29 - 2015-02-14 18:29 - 00000000 ____D () C:\Users\Prateek\Desktop\Jal Nidhi
2015-02-14 18:28 - 2015-02-14 18:28 - 00000038 _____ () C:\Users\Prateek\Desktop\UpdateServiceTool.txt
2015-02-14 18:14 - 2015-02-16 19:12 - 00000000 ____D () C:\Users\Prateek\Desktop\NITESH
2015-02-13 17:53 - 2015-02-13 18:10 - 00008984 _____ () C:\Users\Prateek\Desktop\Berger Evap.xlsx
2015-02-12 14:46 - 2015-02-12 14:46 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-12 14:46 - 2015-02-12 14:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-12 14:45 - 2015-02-17 15:50 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-12 14:45 - 2015-02-17 15:38 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-12 14:45 - 2015-02-12 14:45 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-12 14:45 - 2015-02-12 14:45 - 00003644 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-11 16:21 - 2015-02-11 16:22 - 06673920 _____ () C:\Users\Prateek\Desktop\Pal.xls
2015-02-07 14:22 - 2015-02-07 14:22 - 00056320 _____ () C:\Users\Prateek\Desktop\Prateek Jhajharia.xls
2015-02-01 10:23 - 2015-02-01 11:20 - 00000000 ____D () C:\Users\Prateek\Documents\AKJ Grand Backup
2015-01-29 11:56 - 2015-01-29 12:02 - 00015306 _____ () C:\Users\Prateek\Desktop\Alcon.xlsx
2015-01-28 14:56 - 2015-01-28 15:06 - 00021504 _____ () C:\Users\Prateek\Desktop\Om Infra Illus.xls
2015-01-27 17:26 - 2015-01-28 14:56 - 00024576 _____ () C:\Users\Prateek\Desktop\Bitchem Discount.xls
2015-01-25 14:27 - 2015-02-08 12:55 - 00000404 _____ () C:\Users\Prateek\Desktop\Disc.txt
2015-01-22 14:47 - 2015-01-25 18:21 - 00023733 _____ () C:\Users\Prateek\Desktop\Renish MOL Ac.xlsx
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-17 16:08 - 2013-05-02 22:05 - 00000000 ____D () C:\Users\Prateek\AppData\Roaming\Skype
2015-02-17 15:58 - 2013-05-02 19:26 - 00000000 ____D () C:\Tally.ERP9
2015-02-17 15:45 - 2009-07-14 10:15 - 00021200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-17 15:45 - 2009-07-14 10:15 - 00021200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-17 15:41 - 2014-02-17 09:04 - 01868783 _____ () C:\Windows\WindowsUpdate.log
2015-02-17 15:39 - 2013-05-02 16:31 - 00000000 ___RD () C:\Users\Prateek\Documents\Dropbox
2015-02-17 15:39 - 2013-05-02 16:25 - 00000000 ____D () C:\Users\Prateek\AppData\Roaming\Dropbox
2015-02-17 15:37 - 2013-05-03 03:21 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-17 15:37 - 2009-07-14 10:38 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-17 15:34 - 2013-12-23 23:22 - 00000000 ____D () C:\Users\Prateek\AppData\Local\CRE
2015-02-17 15:09 - 2014-09-04 10:41 - 00000000 ____D () C:\Tally.ERP9 Gold
2015-02-17 15:09 - 2013-05-02 19:06 - 00000144 _____ () C:\Windows\ODBC.INI
2015-02-17 15:09 - 2013-05-02 19:06 - 00000023 _____ () C:\Windows\ODBCINST.INI
2015-02-17 14:44 - 2013-05-02 23:31 - 00000000 ____D () C:\Users\Prateek\AppData\Local\CutePDF Writer
2015-02-17 12:51 - 2013-05-02 19:05 - 00000061 _____ () C:\Users\Prateek\Documents\TallyODBC_9000.dsn
2015-02-17 11:23 - 2013-09-07 13:21 - 00012800 ___SH () C:\Users\Prateek\Thumbs.db
2015-02-16 20:11 - 2013-05-02 22:00 - 00000000 ____D () C:\Users\Prateek\AppData\Roaming\TeamViewer
2015-02-16 17:16 - 2009-07-14 08:50 - 00000000 ____D () C:\Windows\AppCompat
2015-02-16 17:15 - 2013-05-02 16:47 - 00000000 ____D () C:\Users\Prateek\AppData\Local\Microsoft Help
2015-02-16 17:15 - 2009-07-14 08:50 - 00000000 ____D () C:\Windows\registration
2015-02-16 17:14 - 2014-04-02 14:31 - 00000000 ____D () C:\Program Files (x86)\Surftastic
2015-02-16 11:11 - 2013-05-02 16:28 - 00000000 ____D () C:\Users\Prateek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-16 07:25 - 2013-08-21 17:47 - 00000000 ____D () C:\Users\Guest
2015-02-16 03:48 - 2013-05-02 15:30 - 00000000 ____D () C:\Users\Prateek
2015-02-14 18:22 - 2014-09-16 16:03 - 69590528 _____ () C:\TBK900.001
2015-02-14 14:26 - 2009-07-14 11:02 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-02-13 09:02 - 2013-06-18 10:28 - 00000000 ____D () C:\Users\Prateek\AppData\Local\CrashDumps
2015-02-12 14:46 - 2013-05-02 15:55 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-12 14:42 - 2014-03-25 19:01 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2070679833-1579982074-2905736653-1000UA.job
2015-02-12 14:42 - 2014-03-25 19:01 - 00000864 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2070679833-1579982074-2905736653-1000Core.job
2015-02-12 13:51 - 2013-05-02 16:06 - 00000000 ____D () C:\Setup Files
2015-02-12 12:41 - 2014-03-25 19:01 - 00003902 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2070679833-1579982074-2905736653-1000UA
2015-02-12 12:41 - 2014-03-25 19:01 - 00003506 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2070679833-1579982074-2905736653-1000Core
2015-02-06 18:45 - 2013-07-26 19:13 - 00000000 ____D () C:\Users\Prateek\AppData\Roaming\vlc
2015-02-06 12:13 - 2013-05-08 11:38 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-02-05 14:49 - 2009-07-14 08:50 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-04 17:38 - 2009-07-14 10:43 - 00802440 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-30 09:55 - 2013-06-08 12:25 - 00000000 ____D () C:\Users\Prateek\AppData\Roaming\Mozilla
2015-01-27 18:28 - 2014-12-19 14:18 - 00042496 _____ () C:\Users\Prateek\Desktop\Mum bit Raj.xls
2015-01-19 14:39 - 2014-02-24 17:47 - 00000000 ____D () C:\Users\Prateek\AppData\Local\Windows Live
 
==================== Files in the root of some directories =======
 
2013-05-02 19:25 - 2009-04-02 14:32 - 1789933 _____ (Macrovision Corporation) C:\Program Files\uninstall.exe
2014-03-25 11:15 - 2014-03-25 12:34 - 49940480 _____ () C:\Program Files (x86)\GUTDDC1.tmp
2014-03-01 20:45 - 2014-03-01 20:45 - 0037857 _____ () C:\Users\Prateek\AppData\Roaming\Comma Separated Values (DOS).ADR
2013-07-11 21:33 - 2013-07-11 21:33 - 0012960 _____ () C:\Users\Prateek\AppData\Roaming\Comma Separated Values (DOS).CAL
2013-07-11 21:22 - 2014-03-01 21:05 - 0037861 _____ () C:\Users\Prateek\AppData\Roaming\Comma Separated Values (Windows).ADR
2013-05-18 16:06 - 2014-08-21 17:53 - 0000177 _____ () C:\Users\Prateek\AppData\Roaming\default.rss
2014-07-20 14:04 - 2014-11-19 13:04 - 0004096 ____H () C:\Users\Prateek\AppData\Local\keyfile3.drm
2013-05-23 13:25 - 2014-12-07 22:41 - 0007659 _____ () C:\Users\Prateek\AppData\Local\Resmon.ResmonCfg
2013-05-17 18:17 - 2013-05-17 18:17 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-05-02 18:50 - 2014-08-11 17:00 - 0005750 _____ () C:\ProgramData\hpzinstall.log
 
Some content of TEMP:
====================
C:\Users\Prateek\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzuxogm.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-13 08:49
 
==================== End Of Log ============================
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Addition.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-02-2015
Ran by Prateek at 2015-02-17 16:18:06
Running from C:\Users\Prateek\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
"Nero SoundTrax Help (x32 Version: 4.0.15.0 - Nero AG) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.392 - ArcSoft)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.100 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camera Viewer Pro (HKU\S-1-5-21-2070679833-1579982074-2905736653-1000\...\d48b2eab0200c4e7) (Version: 1.2.8.1 - MKL Vision Systems)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.18.50 - Conexant)
CustomerResearchQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - Acro Software Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DeviceDiscovery (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden
Dropbox (HKU\S-1-5-21-2070679833-1579982074-2905736653-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
ePass1000Auto (Remove only) (HKLM-x32\...\ePass1000Auto-4FE7-A218-48BDAE051E2B_std) (Version:  - )
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
eToken PKI Client 5.1 SP1 (HKLM\...\{BC5C2BEB-87AF-4636-9184-CA10C3C740B8}) (Version: 5.1.66.0 - Aladdin Knowledge Systems Ltd.)
Extended Asian Language font pack for Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-A00000000049}) (Version: 11.0.09 - Adobe Systems Incorporated)
Freemake Video Converter version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HP Customer Participation Program 9.0 (HKLM\...\HPExtendedCapabilities) (Version: 9.0 - HP)
HP Deskjet 3540 series Basic Device Software (HKLM\...\{8F1D4329-FB9A-4D9D-BC13-DDA877A1513D}) (Version: 32.1.145.46951 - Hewlett-Packard Co.)
HP Deskjet 3540 series Help (HKLM-x32\...\{1D456349-7D00-479E-A2A9-C846CE390FE5}) (Version: 30.0.0 - Hewlett Packard)
HP Deskjet 4620 series Basic Device Software (HKLM\...\{058F186E-FBE2-4871-A5D5-2C3FBC1D0740}) (Version: 26.0.784.0 - Hewlett-Packard Co.)
HP Deskjet 4620 series Product Improvement Study (HKLM\...\{BB09C020-4B84-41D0-A019-122D8E832DFD}) (Version: 26.0.784.0 - Hewlett-Packard Co.)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP LaserJet M1522 MFP Series 4.2 (HKLM\...\{C8A37F1F-E13B-48ae-93F8-4669264969F9}) (Version: 4.2 - HP)
HP Officejet Pro 3620 Basic Device Software (HKLM\...\{E6D8E91D-F3CF-479A-8AF7-2229B11D6473}) (Version: 29.1.971.39251 - Hewlett-Packard Co.)
HP Officejet Pro 3620 Help (HKLM-x32\...\{DAEBC38F-C07B-4900-B4B9-3E7D1890DF4F}) (Version: 29.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
hppFaxDrvM1522 (x32 Version: 003.100.00001 - Hewlett-Packard) Hidden
hppFaxUtility (x32 Version: 000.105.00107 - Hewlett-Packard) Hidden
hppFonts (x32 Version: 001.001.00056 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 001.300.00005 - Hewlett-Packard) Hidden
hppLJM1522 (x32 Version: 002.101.00002 - Hewlett-Packard) Hidden
hppManualsM1522 (x32 Version: 002.103.00002 - Hewlett-Packard) Hidden
hppScanTo (x32 Version: 002.102.00003 - Hewlett-Packard) Hidden
hppSendFaxM1522 (x32 Version: 003.000.00001 - Hewlett-Packard) Hidden
hppTLBXFXM1522 (x32 Version: 001.005.00009 - Hewlett-Packard) Hidden
hppusgM1522 (x32 Version: 000.000.00004 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}) (Version: 2.2.0.0000 - Hewlett Packard Development Company L.P.)
hpzTLBXFX (x32 Version: 005.013.00185 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Java 6 Update 22 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416022FF}) (Version: 6.0.220 - Oracle)
Java 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Java 7 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217005F0}) (Version: 7.0.50 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.13.2.0 - LG Electronics)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
Media Gallery (Version: 2.0.0.11150 - Sony Corporation) Hidden
Menu Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 SDK (x64) ENU  (HKLM\...\{546B499C-2CEB-409C-AA03-59CE8B5A6AFA}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Movie Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden
Mozilla Firefox 35.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-GB)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 9 (HKLM-x32\...\{03cf9af5-de1f-443f-9a4b-11d671fc893a}) (Version:  - Nero AG)
NEST3 (HKLM-x32\...\{2BA90915-E948-4059-8F21-767A93BFA318}) (Version: 3.11.2.1 - omnesysindia)
NestPlus (HKLM-x32\...\{023E0B19-8E10-43C7-8CC8-4E483B7E32A8}) (Version: 2.9.00001 - Omnesys)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA 3D Vision Driver 269.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 269.73 - NVIDIA Corporation)
NVIDIA Graphics Driver 269.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 269.73 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.2.23.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.23.3 - NVIDIA Corporation)
NVIDIA nView 136.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 136.02 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.0507 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0507 - NVIDIA Corporation)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140 - Sony Corporation) Hidden
Product Improvement Study for HP Officejet Pro 3620 (HKLM\...\{F756EFFE-0AC3-43ED-8A95-0E6198835AC2}) (Version: 29.1.971.39251 - Hewlett-Packard Co.)
Qualcomm Atheros Direct Connect (x32 Version: 3.0 - Qualcomm Atheros) Hidden
Realsoft 10.0 (HKLM-x32\...\{36A92FEE-A60C-4441-85AF-269458D2C795}) (Version: 9.2 - )
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
SoundTrax (x32 Version: 4.0.18.0 - Nero AG) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.9.0 - Synaptics Incorporated)
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
Tally.ERP 9 (HKLM-x32\...\{60CE00F9-AC0B-48AA-9C4B-0DC3F350B695}) (Version:  - Tally Solutions Pvt. Ltd.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.35436 Beta - TeamViewer)
Trillian (HKLM-x32\...\Trillian) (Version:  - Cerulean Studios, LLC)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VAIO - Media Gallery - VAIO Personalization Manager Update (HKLM\...\{50A7190B-5DA6-4A51-B275-3D413E617BA6}) (Version: 4.2.5.07160 - Sony Corporation)
VAIO - Media Gallery (HKLM-x32\...\{DD696AF7-8A89-41D5-976A-2053E41A69BE}) (Version: 2.2.2.09110 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.6.10.11160 - Sony Corporation)
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation)
VAIO Care (HKLM\...\{55A60C1D-BEBF-4249-BFB2-F4E5C2E77988}) (Version: 8.4.1.07021 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.2.02200 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.03240 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation)
VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation)
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.5 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.4.5.5 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.1.09010 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.8.0.08120 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.0.14270 - Sony Corporation)
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Viber (HKU\S-1-5-21-2070679833-1579982074-2905736653-1000\...\Viber) (Version: 3.0.0.134193 - Viber Media Inc)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WebReg (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinZip 16.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D3}) (Version: 16.5.10095 - WinZip Computing, S.L. )
YTD Video Downloader 4.8.2 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.2 - GreenTree Applications SRL) <==== ATTENTION
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Prateek\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Prateek\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Prateek\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Prateek\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Prateek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Prateek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Prateek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Prateek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Prateek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Prateek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Prateek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Prateek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Prateek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
29-09-2014 12:19:41 Scheduled Checkpoint
08-10-2014 20:28:44 Scheduled Checkpoint
22-10-2014 16:19:52 Scheduled Checkpoint
29-10-2014 11:23:48 Installed Realsoft 10.0
06-11-2014 22:23:58 Scheduled Checkpoint
15-11-2014 13:35:32 Scheduled Checkpoint
24-11-2014 17:54:53 Scheduled Checkpoint
01-12-2014 16:02:49 Windows Backup
07-12-2014 21:56:15 Removed NEST3
07-12-2014 21:58:15 Installed NEST3
07-12-2014 22:02:46 avast! antivirus system restore point
07-12-2014 22:27:54 Installed VAIO Care.
07-12-2014 22:34:49 Windows Update
07-12-2014 23:11:37 Windows Update
15-12-2014 15:33:21 Removed NEST3
15-12-2014 15:34:53 Removed NEST3
15-12-2014 15:42:17 Installed NEST3
15-12-2014 15:57:35 Installed NestPlus
20-12-2014 19:55:06 Installed LG United Mobile Driver
05-01-2015 15:55:43 Installed Extended Asian Language font pack for Adobe Reader XI.
13-01-2015 15:09:46 Scheduled Checkpoint
23-01-2015 22:20:44 Scheduled Checkpoint
02-02-2015 17:02:40 Scheduled Checkpoint
13-02-2015 08:56:54 Scheduled Checkpoint
13-02-2015 08:58:54 Windows Update
16-02-2015 11:27:27 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 08:04 - 2014-05-29 10:50 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0BE9C1A1-5798-48C8-961D-D99DCA0E1133} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {1EDA129D-5D89-4BE0-9AE7-313E7DE41BDC} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-02-28] (Sony Corporation)
Task: {1FA9BB85-30C8-4320-8D00-2442FB1FD1A1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-12] (Google Inc.)
Task: {2021150B-5C11-47B7-8210-771C92467929} - System32\Tasks\{0CB3DC11-8188-4BA5-A0EC-AF209CB67696} => pcalua.exe -a "C:\Setup Files\LG Mobile G3\B2CAppSetup.exe" -d "C:\Setup Files\LG Mobile G3"
Task: {212D5425-6E60-4726-AD31-9DB3B3927F49} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-12] (Google Inc.)
Task: {28051FC2-6282-46D1-A6A6-A11DE9FDA050} - System32\Tasks\Start Skype at logon => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {3C57A131-2545-45B1-9B3A-841C09084799} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {3D7ADFBA-C240-4812-A30F-C1F2F295B61A} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {3E8C70F5-76BD-4631-82BD-22D68F1489B3} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-06-25] (Sony Corporation)
Task: {3FBE6A57-C245-437A-915D-92FE22A7FF7A} - System32\Tasks\{349B247E-9BD9-40D2-829B-82A91CFF9337} => pcalua.exe -a "C:\Setup Files\Tally.ERP.Build189\Tally.ERP.Build189\install.exe" -d "C:\Setup Files\Tally.ERP.Build189\Tally.ERP.Build189"
Task: {4FEBA143-8511-4A4B-9E16-F7990E88E5DC} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {5C95A255-AFFB-46CC-B5BD-483C7C213AD4} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {5D522B72-5CFB-45F6-9F3D-F8F91B18EA6C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-07] (AVAST Software)
Task: {5F080627-DFEA-4934-A9BB-8E3F2752E6DF} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {7304197D-DC33-4E27-91D2-D61C0357AFB3} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {81F5F22A-36FA-47D9-A788-54FFC195ED0A} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {84E3E302-DFF7-449E-A152-FCC68422F1BB} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-27] (Sony Corporation)
Task: {8507FDA9-84BC-4D9C-B2BD-BBC8072811BC} - System32\Tasks\HPCustParticipation HP Officejet Pro 3620 => C:\Program Files\HP\HP Officejet Pro 3620\Bin\HPCustPartic.exe [2012-10-21] (Hewlett-Packard Co.)
Task: {89488628-11A9-4C5F-9E7C-6FBDFEF3CBF0} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {94908A22-7E57-4D7C-879F-A942573490A9} - System32\Tasks\{55D16FE6-84EB-403D-BDD7-8053A2605475} => pcalua.exe -a "C:\Tally.ERP9 Gold\uninstall.exe" -d "C:\Tally.ERP9 Gold"
Task: {95076B66-0367-4750-909F-48BD5B5CEDE9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {993D7BD2-CCFE-4070-9027-148A6C51C90B} - System32\Tasks\HPCustParticipation HP Deskjet 4620 series => C:\Program Files\HP\HP Deskjet 4620 series\Bin\HPCustPartic.exe [2011-12-18] (Hewlett-Packard Co.)
Task: {A17A1ECB-1A2D-4B8E-BE19-68063231F37B} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {B8F8CFF8-09F9-4ED3-9D25-1AB7C7A5CB54} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {B90FA982-5493-4D49-8986-2FF7270241CB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2070679833-1579982074-2905736653-1000Core => C:\Users\Prateek\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-25] (Google Inc.)
Task: {BA9EF052-E74A-45A0-8338-2EB72F7D7F3E} - System32\Tasks\{085ACA86-5DCC-4023-8B82-DAB3BA334A32} => pcalua.exe -a "C:\Users\Prateek\APPDATA\LOCAL\TEMP\wz6c2c\24_realsoft 9.2.exe" -d "C:\Setup Files"
Task: {BC768541-2630-49E0-8AB7-6AFA988F3BB0} - System32\Tasks\{4C176386-ECDA-4EC1-94F3-93A7E3848BB4} => pcalua.exe -a D:\setup.exe -d D:\
Task: {C73660A5-BAEC-4307-BA9C-20718DB62DF5} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation)
Task: {D62EDF89-8772-4500-AC0D-DA4C03E998A5} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {D855D1FA-F378-4C9E-8B0B-37989AF51B73} - System32\Tasks\{085E0BB3-C9E1-4E4A-93CE-A993060E3AC6} => pcalua.exe -a "C:\Setup Files\converter.exe" -d "C:\Setup Files"
Task: {DCF787D1-AD3A-43C2-A0B9-875594AD2981} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {E21041B7-DF4E-45E5-90A6-DEAE7D8910AD} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {E77E9524-03D0-4C99-8DB1-563EC51C679C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2070679833-1579982074-2905736653-1000UA => C:\Users\Prateek\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-25] (Google Inc.)
Task: {E8E5EDBA-D838-40EC-AB02-F4A3F2F40898} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2014-01-27] (Sony Corporation)
Task: {F10F494C-1B96-4CA0-BE72-8F1D5A2E55A9} - System32\Tasks\{917E00C2-94CC-40B1-9D7F-2C9E2FBE827F} => pcalua.exe -a "C:\Program Files (x86)\Java\jre6\bin\javacpl.exe" -d C:\Users\Prateek\Desktop
Task: {F4B02324-DCE9-4E76-9722-E7C8F102525A} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {F926C376-A075-44C2-A560-E83E94FC1C20} - System32\Tasks\HP AR Program Upload - 07a9bf564df1485e8c825c387d35010c33d66459ff2746969a1c5d5179bb1218 => C:\Program Files\HP\HP Officejet Pro 3620\bin\HPRewards.exe [2012-10-21] (TODO: <Company name>)
Task: {FB6AEECE-9F70-4DE9-8032-6CF2E8AA2C19} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {FC259097-F059-4F7D-9E5D-1BA1BB478268} - System32\Tasks\HP AR Program Upload - f8dc02a69fef4755a95be7474eb9fdba85d33fca1a0a490ab763c25fbe8f5eb4 => C:\Program Files\HP\HP Officejet Pro 3620\bin\HPRewards.exe [2012-10-21] (TODO: <Company name>)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2070679833-1579982074-2905736653-1000Core.job => C:\Users\Prateek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2070679833-1579982074-2905736653-1000UA.job => C:\Users\Prateek\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2013-05-02 18:44 - 2013-10-23 15:24 - 00087600 _____ () C:\Windows\System32\cpwmon64.dll
2014-12-07 22:07 - 2014-12-07 22:07 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-12-07 22:07 - 2014-12-07 22:07 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2013-05-03 03:20 - 2011-09-07 10:44 - 00380736 _____ () C:\Program Files\NVIDIA Corporation\nView\nvshell.dll
2013-11-01 14:59 - 2013-11-01 14:59 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-12 12:15 - 2015-02-12 12:15 - 02912256 _____ () C:\Program Files\AVAST Software\Avast\defs\15021101\algo.dll
2014-12-07 22:07 - 2014-12-07 22:07 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2013-05-03 03:26 - 2011-03-06 05:12 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2014-12-07 22:08 - 2014-12-07 22:08 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-02-11 02:30 - 2015-02-11 02:30 - 00750080 _____ () C:\Users\Prateek\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-02-17 15:39 - 2015-02-17 15:39 - 00043008 _____ () c:\users\prateek\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzuxogm.dll
2015-02-11 02:30 - 2015-02-11 02:30 - 00047616 _____ () C:\Users\Prateek\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-02-11 02:30 - 2015-02-11 02:30 - 00865280 _____ () C:\Users\Prateek\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-02-11 02:30 - 2015-02-11 02:30 - 00200704 _____ () C:\Users\Prateek\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-02-12 14:46 - 2015-02-04 14:32 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
2015-02-12 14:46 - 2015-02-04 14:32 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
2015-02-12 14:46 - 2015-02-04 14:32 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll
2014-12-08 00:37 - 2014-12-08 00:37 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ad4c4edfdad8e430af19da64ab282d96\IsdiInterop.ni.dll
2013-05-03 03:12 - 2010-11-06 12:20 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Windows:nlsPreferences
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2070679833-1579982074-2905736653-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Prateek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Atheros Bt&Wlan Coex Agent => 2
MSCONFIG\startupreg: 59A6A3648C2098860905A01BC0EC67CB884511C0._service_run => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: ePass1000Auto => C:\Program Files (x86)\EnterSafe\ePass1000Auto\certd1ka.exe
MSCONFIG\startupreg: eTMonitor => "C:\Program Files\Aladdin\eToken\PKIClient\x64\PKIMonitor.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Prateek\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HPUsageTracking => "C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\"
MSCONFIG\startupreg: ISUSPM Startup => C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Syncios device service => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
MSCONFIG\startupreg: ToolBoxFX => "C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
MSCONFIG\startupreg: UpdateTool => C:\Program Files (x86)\Bin\UpdateTool\YTBUpdater.exe
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2070679833-1579982074-2905736653-500 - Administrator - Disabled)
Guest (S-1-5-21-2070679833-1579982074-2905736653-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-2070679833-1579982074-2905736653-1002 - Limited - Enabled)
Prateek (S-1-5-21-2070679833-1579982074-2905736653-1000 - Administrator - Enabled) => C:\Users\Prateek
 
==================== Faulty Device Manager Devices =============
 
Name: Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Description: Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros
Service: L1C
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/17/2015 03:37:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/17/2015 03:32:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Skype.exe version 7.0.80.102 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1028
 
Start Time: 01d04a770bed25fb
 
Termination Time: 1066
 
Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe
 
Report Id: 1e3f9e4b-b68c-11e4-9ffa-e2aaca627203
 
Error: (02/17/2015 00:22:25 PM) (Source: Service1) (EventID: 0) (User: )
Description: Service cannot be started. The service process could not connect to the service controller
 
Error: (02/17/2015 11:20:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/17/2015 09:12:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3042
 
Error: (02/17/2015 09:12:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3042
 
Error: (02/17/2015 09:12:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/17/2015 09:12:46 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2028
 
Error: (02/17/2015 09:12:46 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2028
 
Error: (02/17/2015 09:12:46 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (02/17/2015 03:38:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
 
Error: (02/17/2015 03:38:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (02/17/2015 03:37:55 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Type with the following error: 
%%5
 
Error: (02/17/2015 11:21:37 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
 
Error: (02/17/2015 11:21:35 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (02/17/2015 11:20:45 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Type with the following error: 
%%5
 
Error: (02/17/2015 00:07:59 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
 
Error: (02/17/2015 00:07:50 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (02/17/2015 00:07:31 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Type with the following error: 
%%5
 
Error: (02/16/2015 06:56:31 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
 
Microsoft Office Sessions:
=========================
Error: (12/26/2014 05:30:55 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 21958 seconds with 7200 seconds of active time.  This session ended with a crash.
 
Error: (11/17/2014 06:54:24 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 4279 seconds with 1800 seconds of active time.  This session ended with a crash.
 
Error: (10/14/2014 11:49:25 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 933 seconds with 360 seconds of active time.  This session ended with a crash.
 
Error: (08/30/2014 03:04:19 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1373 seconds with 1200 seconds of active time.  This session ended with a crash.
 
Error: (07/12/2014 11:37:34 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 2658 seconds with 1860 seconds of active time.  This session ended with a crash.
 
Error: (06/23/2014 03:43:49 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 16473 seconds with 780 seconds of active time.  This session ended with a crash.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 62%
Total physical RAM: 4077.86 MB
Available physical RAM: 1522.41 MB
Total Pagefile: 8153.9 MB
Available Pagefile: 4939 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:454.56 GB) (Free:124.06 GB) NTFS
Drive f: () (Removable) (Total:3.69 GB) (Free:0.48 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9FB74F3B)
Partition 1: (Not Active) - (Size=11.1 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454.6 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
Link to post
Share on other sites

OK, let's start fixing.

51a46ae42d560-malwarebytes_anti_malware. Scan with Malwarebytes' Anti-Malware

Please download and install Malwarebytes Anti-Malware, or re-run it if you already have it installed.

  • First of all select update.
  • Once updated, click the Settings tab, in the left panel choose Detctions & protection and tick Scan for rootkits.
  • Click the Scan tab, choose Threat Scan is checked and click Scan Now.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • At the bottom click Export and choose Text file.
Save the file to your desktop and include its content in your next reply.
Link to post
Share on other sites

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 02/17/2015

Scan Time: 16:52

Logfile: Scan Log 2.txt

Administrator: Yes

 

Version: 2.00.4.1028

Malware Database: v2015.02.17.06

Rootkit Database: v2015.02.03.01

License: Trial

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Prateek

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 397645

Time Elapsed: 22 min, 44 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 1

PUP.Optional.DustApps.A, C:\Windows\Temp\tmp3845.exe, Quarantined, [9e74fd1dfd8de254c3eafc260cf6ed13], 

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

Link to post
Share on other sites

Good, now these two.

JRTbythisisu.png Fix with Junkware Removal Tool

Please download JRT by Thisisu and save the file to your desktop.

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on JRTbythisisu.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and let this process run uninterrupted.
  • This scan can take a while, depending on your System specs.
  • Upon completion, a log (JRT.txt) will open on your desktop.
Please include the contents of that file in your reply.

Do not forget to re-enable your previously switched off protection software!

Please also manually reboot your machine after this procedure.

adwcleaner_new.png Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • The program will begin to update the database (if internet connection is operational). Please wait a little bit.
  • Follow the prompts and click Scan.
  • When finished, please click Clean.
  • Upon completion, click Report. A log (AdwCleaner[s*].txt) will open.
Please include the contents of that file in your reply.
Link to post
Share on other sites

JRT

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Home Premium x64
Ran by Prateek on 02/17/2015 at 21:44:51.06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\APNSetup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\APNSetup_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mconduitinstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mconduitinstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SurftasticSetup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SurftasticSetup_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SurftasticUntemp_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SurftasticUntemp_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Surftastic_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Surftastic_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Surftastic_Setup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Surftastic_Setup_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateSurftastic_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateSurftastic_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilSurftastic_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilSurftastic_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SurftasticSetup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SurftasticSetup_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SurftasticUntemp_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SurftasticUntemp_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Surftastic_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Surftastic_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Surftastic_Setup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Surftastic_Setup_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateSurftastic_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateSurftastic_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilSurftastic_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilSurftastic_RASMANCS
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Users\Prateek\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Prateek\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Prateek\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\oapps"
Successfully deleted: [Folder] "C:\Program Files (x86)\surftastic"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02/17/2015 at 21:48:59.94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
AdwCleaner
# AdwCleaner v4.110 - Logfile created 17/02/2015 at 22:01:11
# Updated 05/02/2015 by Xplode
# Database : 2015-02-14.2 [server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Prateek - PRATEEK-VAIO
# Running from : C:\Users\Prateek\Desktop\adwcleaner_4.110.exe
# Option : Cleaning
 
***** [ Services ] *****
 
Service Deleted : wStLibG64
[#] Service Deleted : UpdateServiceTool
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Windows\SysWOW64\SearchProtect
Folder Deleted : C:\Users\Prateek\AppData\Local\NativeMessaging
File Deleted : C:\Program Files\Uninstall.exe
File Deleted : C:\Windows\System32\drivers\wStLibG64.sys
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4A40A2A9-DD1C-11CE-B7A6-00AA006EC3D4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{363BB65D-1747-4826-B445-1DA6244E2037}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKLM\SOFTWARE\DeviceVM
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17420
 
 
-\\ Mozilla Firefox v35.0 (x86 en-GB)
 
 
-\\ Google Chrome v40.0.2214.111
 
 
*************************
 
AdwCleaner[R0].txt - [3622 bytes] - [17/02/2015 21:56:30]
AdwCleaner[s0].txt - [3566 bytes] - [17/02/2015 22:01:11]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3625  bytes] ##########
Link to post
Share on other sites

Hi,

I apologize for the delay, I was swamped with an additional work and that prevented me from replying daily.

Post me fresh two FRST reports after the fixes.

FRST.gif Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.

    > XP users click run after receipt of Windows Security Warning - Open File.

    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.

  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content in your next reply.
Link to post
Share on other sites

Hi,

 

You have been kind enough to help me through this. You need not apologies. I am thankful that you are helping me out.

 

PFA The log files:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-02-2015
Ran by Prateek (administrator) on PRATEEK-VAIO on 22-02-2015 16:25:20
Running from C:\Users\Prateek\Desktop\Removal Virus
Loaded Profiles: Prateek (Available profiles: Prateek & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: "https://mail.google.com/mail/u/0/#inbox"
CHR Profile: C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-07]
CHR Extension: (Google Drive) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-07]
CHR Extension: (YouTube) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-07]
CHR Extension: (Google Search) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-07]
CHR Extension: (MightyText - SMS from PC & Text from PC / Mac) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2014-12-07]
CHR Extension: (Google News) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2014-12-07]
CHR Extension: (Gmail Offline) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2014-12-07]
CHR Extension: (Google Calendar) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-12-07]
CHR Extension: (Google Sheets) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-07]
CHR Extension: (Google Keep - notes and lists) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2014-12-07]
CHR Extension: (Boomerang for Gmail) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2014-12-07]
CHR Extension: (WhatsApp Web) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nijandjnpfknklghfccodglplomhhmch [2015-01-27]
CHR Extension: (Google Wallet) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-07]
CHR Extension: (Snorklet) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeacenklgehgjiokgmeodnndpppobglm [2014-12-08]
CHR Extension: (Gmail) - C:\Users\Prateek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-07]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S4 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-30] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-30] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-07] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-07] (Avast Software)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [File not signed]
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 eTSrv; C:\Program Files\Aladdin\eToken\PKIClient\x64\eTSrv.exe [13664 2009-12-31] (Aladdin Knowledge Systems, Ltd.)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136192 2010-03-03] (HP) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-03-11] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-03-11] (Hewlett-Packard Co.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 nvservice; C:\Windows\system32\nvservice.exe [192800 2013-02-04] (NVIDIA Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-01] (Intel Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5405456 2014-11-12] (TeamViewer GmbH)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-24] (ArcSoft, Inc.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [958112 2011-10-24] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AKSIFDH; C:\Windows\System32\DRIVERS\aksifdh.sys [62632 2008-07-30] (Aladdin Knowledge Systems, Ltd.)
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus64.sys [20992 2014-10-10] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2014-10-10] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2014-10-10] (LG Electronics Inc.)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-27] (ArcSoft, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-07] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 mr7910; C:\Windows\System32\DRIVERS\mr7910.sys [55808 2007-03-16] (Mars Semiconductor Corp.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-12-07] ()
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
U4 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-07] (Avast Software)
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-19 16:03 - 2015-02-22 16:25 - 00000000 ____D () C:\Users\Prateek\Desktop\Removal Virus
2015-02-19 13:11 - 2015-02-19 13:11 - 00000066 _____ () C:\Users\Prateek\Desktop\LIC.txt
2015-02-17 21:56 - 2015-02-17 22:01 - 00000000 ____D () C:\AdwCleaner
2015-02-17 16:16 - 2015-02-22 16:25 - 00000000 ____D () C:\FRST
2015-02-17 15:37 - 2015-02-17 21:51 - 00004836 _____ () C:\Windows\PFRO.log
2015-02-17 15:04 - 2015-02-22 10:10 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-17 15:03 - 2015-02-17 15:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-17 15:03 - 2015-02-17 15:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-17 15:03 - 2015-02-17 15:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-17 15:03 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-17 15:03 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-17 15:03 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-17 00:06 - 2015-02-21 16:29 - 00000560 _____ () C:\Windows\setupact.log
2015-02-17 00:06 - 2015-02-17 00:06 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-14 18:29 - 2015-02-14 18:29 - 00000000 ____D () C:\Users\Prateek\Desktop\Malaysia
2015-02-14 18:29 - 2015-02-14 18:29 - 00000000 ____D () C:\Users\Prateek\Desktop\Jal Nidhi
2015-02-14 18:14 - 2015-02-20 18:31 - 00000000 ____D () C:\Users\Prateek\Desktop\NITESH
2015-02-13 17:53 - 2015-02-13 18:10 - 00008984 _____ () C:\Users\Prateek\Desktop\Berger Evap.xlsx
2015-02-12 14:46 - 2015-02-20 14:53 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-12 14:46 - 2015-02-12 14:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-12 14:45 - 2015-02-22 15:50 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-12 14:45 - 2015-02-22 14:50 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-12 14:45 - 2015-02-12 14:45 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-12 14:45 - 2015-02-12 14:45 - 00003644 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-11 16:21 - 2015-02-11 16:22 - 06673920 _____ () C:\Users\Prateek\Desktop\Pal.xls
2015-02-07 14:22 - 2015-02-07 14:22 - 00056320 _____ () C:\Users\Prateek\Desktop\Prateek Jhajharia.xls
2015-02-01 10:23 - 2015-02-01 11:20 - 00000000 ____D () C:\Users\Prateek\Documents\AKJ Grand Backup
2015-01-29 11:56 - 2015-01-29 12:02 - 00015306 _____ () C:\Users\Prateek\Desktop\Alcon.xlsx
2015-01-28 14:56 - 2015-01-28 15:06 - 00021504 _____ () C:\Users\Prateek\Desktop\Om Infra Illus.xls
2015-01-27 17:26 - 2015-01-28 14:56 - 00024576 _____ () C:\Users\Prateek\Desktop\Bitchem Discount.xls
2015-01-25 14:27 - 2015-02-08 12:55 - 00000404 _____ () C:\Users\Prateek\Desktop\Disc.txt
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-22 15:48 - 2014-02-17 09:04 - 01899503 _____ () C:\Windows\WindowsUpdate.log
2015-02-21 18:36 - 2013-05-08 11:38 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-02-21 16:38 - 2009-07-14 10:15 - 00021200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-21 16:38 - 2009-07-14 10:15 - 00021200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-21 16:31 - 2013-05-02 16:31 - 00000000 ___RD () C:\Users\Prateek\Documents\Dropbox
2015-02-21 16:31 - 2013-05-02 16:25 - 00000000 ____D () C:\Users\Prateek\AppData\Roaming\Dropbox
2015-02-21 16:29 - 2013-05-03 03:21 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-21 16:29 - 2009-07-14 10:38 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-21 16:29 - 2009-07-14 10:38 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-20 20:00 - 2013-05-02 19:06 - 00000144 _____ () C:\Windows\ODBC.INI
2015-02-20 20:00 - 2013-05-02 19:06 - 00000023 _____ () C:\Windows\ODBCINST.INI
2015-02-20 19:53 - 2013-05-02 19:05 - 00000061 _____ () C:\Users\Prateek\Documents\TallyODBC_9000.dsn
2015-02-20 19:52 - 2014-09-04 10:41 - 00000000 ____D () C:\Tally.ERP9 Gold
2015-02-20 12:21 - 2013-05-02 19:26 - 00000000 ____D () C:\Tally.ERP9
2015-02-19 19:15 - 2013-05-02 22:05 - 00000000 ____D () C:\Users\Prateek\AppData\Roaming\Skype
2015-02-19 18:23 - 2013-05-02 23:31 - 00000000 ____D () C:\Users\Prateek\AppData\Local\CutePDF Writer
2015-02-17 21:40 - 2013-05-31 19:01 - 00000000 ____D () C:\Users\Prateek\AppData\Roaming\uTorrent
2015-02-17 11:23 - 2013-09-07 13:21 - 00012800 ___SH () C:\Users\Prateek\Thumbs.db
2015-02-16 20:11 - 2013-05-02 22:00 - 00000000 ____D () C:\Users\Prateek\AppData\Roaming\TeamViewer
2015-02-16 17:16 - 2009-07-14 08:50 - 00000000 ____D () C:\Windows\AppCompat
2015-02-16 17:15 - 2013-05-02 16:47 - 00000000 ____D () C:\Users\Prateek\AppData\Local\Microsoft Help
2015-02-16 17:15 - 2009-07-14 08:50 - 00000000 ____D () C:\Windows\registration
2015-02-16 11:11 - 2013-05-02 16:28 - 00000000 ____D () C:\Users\Prateek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-16 07:25 - 2013-08-21 17:47 - 00000000 ____D () C:\Users\Guest
2015-02-16 03:48 - 2013-05-02 15:30 - 00000000 ____D () C:\Users\Prateek
2015-02-14 18:22 - 2014-09-16 16:03 - 69590528 _____ () C:\TBK900.001
2015-02-14 14:26 - 2009-07-14 11:02 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-02-13 09:02 - 2013-06-18 10:28 - 00000000 ____D () C:\Users\Prateek\AppData\Local\CrashDumps
2015-02-12 14:46 - 2013-05-02 15:55 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-12 14:42 - 2014-03-25 19:01 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2070679833-1579982074-2905736653-1000UA.job
2015-02-12 14:42 - 2014-03-25 19:01 - 00000864 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2070679833-1579982074-2905736653-1000Core.job
2015-02-12 13:51 - 2013-05-02 16:06 - 00000000 ____D () C:\Setup Files
2015-02-12 12:41 - 2014-03-25 19:01 - 00003902 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2070679833-1579982074-2905736653-1000UA
2015-02-12 12:41 - 2014-03-25 19:01 - 00003506 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2070679833-1579982074-2905736653-1000Core
2015-02-06 18:45 - 2013-07-26 19:13 - 00000000 ____D () C:\Users\Prateek\AppData\Roaming\vlc
2015-02-05 14:49 - 2009-07-14 08:50 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-04 17:38 - 2009-07-14 10:43 - 00802440 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-30 09:55 - 2013-06-08 12:25 - 00000000 ____D () C:\Users\Prateek\AppData\Roaming\Mozilla
2015-01-27 18:28 - 2014-12-19 14:18 - 00042496 _____ () C:\Users\Prateek\Desktop\Mum bit Raj.xls
2015-01-25 18:21 - 2015-01-22 14:47 - 00023733 _____ () C:\Users\Prateek\Desktop\Renish MOL Ac.xlsx
 
==================== Files in the root of some directories =======
 
2014-03-25 11:15 - 2014-03-25 12:34 - 49940480 _____ () C:\Program Files (x86)\GUTDDC1.tmp
2014-03-01 20:45 - 2014-03-01 20:45 - 0037857 _____ () C:\Users\Prateek\AppData\Roaming\Comma Separated Values (DOS).ADR
2013-07-11 21:33 - 2013-07-11 21:33 - 0012960 _____ () C:\Users\Prateek\AppData\Roaming\Comma Separated Values (DOS).CAL
2013-07-11 21:22 - 2014-03-01 21:05 - 0037861 _____ () C:\Users\Prateek\AppData\Roaming\Comma Separated Values (Windows).ADR
2013-05-18 16:06 - 2014-08-21 17:53 - 0000177 _____ () C:\Users\Prateek\AppData\Roaming\default.rss
2014-07-20 14:04 - 2014-11-19 13:04 - 0004096 ____H () C:\Users\Prateek\AppData\Local\keyfile3.drm
2013-05-23 13:25 - 2014-12-07 22:41 - 0007659 _____ () C:\Users\Prateek\AppData\Local\Resmon.ResmonCfg
2013-05-17 18:17 - 2013-05-17 18:17 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-05-02 18:50 - 2014-08-11 17:00 - 0005750 _____ () C:\ProgramData\hpzinstall.log
 
Some content of TEMP:
====================
C:\Users\Prateek\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmilx2i.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-13 08:49
 
==================== End Of Log ============================
 
 
 
 
 
 
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-02-2015
Ran by Prateek at 2015-02-22 16:26:11
Running from C:\Users\Prateek\Desktop\Removal Virus
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
"Nero SoundTrax Help (x32 Version: 4.0.15.0 - Nero AG) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.392 - ArcSoft)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.100 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camera Viewer Pro (HKU\S-1-5-21-2070679833-1579982074-2905736653-1000\...\d48b2eab0200c4e7) (Version: 1.2.8.1 - MKL Vision Systems)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.18.50 - Conexant)
CustomerResearchQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - Acro Software Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DeviceDiscovery (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden
Dropbox (HKU\S-1-5-21-2070679833-1579982074-2905736653-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
ePass1000Auto (Remove only) (HKLM-x32\...\ePass1000Auto-4FE7-A218-48BDAE051E2B_std) (Version:  - )
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
eToken PKI Client 5.1 SP1 (HKLM\...\{BC5C2BEB-87AF-4636-9184-CA10C3C740B8}) (Version: 5.1.66.0 - Aladdin Knowledge Systems Ltd.)
Extended Asian Language font pack for Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-A00000000049}) (Version: 11.0.09 - Adobe Systems Incorporated)
Freemake Video Converter version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HP Customer Participation Program 9.0 (HKLM\...\HPExtendedCapabilities) (Version: 9.0 - HP)
HP Deskjet 3540 series Basic Device Software (HKLM\...\{8F1D4329-FB9A-4D9D-BC13-DDA877A1513D}) (Version: 32.1.145.46951 - Hewlett-Packard Co.)
HP Deskjet 3540 series Help (HKLM-x32\...\{1D456349-7D00-479E-A2A9-C846CE390FE5}) (Version: 30.0.0 - Hewlett Packard)
HP Deskjet 4620 series Basic Device Software (HKLM\...\{058F186E-FBE2-4871-A5D5-2C3FBC1D0740}) (Version: 26.0.784.0 - Hewlett-Packard Co.)
HP Deskjet 4620 series Product Improvement Study (HKLM\...\{BB09C020-4B84-41D0-A019-122D8E832DFD}) (Version: 26.0.784.0 - Hewlett-Packard Co.)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP LaserJet M1522 MFP Series 4.2 (HKLM\...\{C8A37F1F-E13B-48ae-93F8-4669264969F9}) (Version: 4.2 - HP)
HP Officejet Pro 3620 Basic Device Software (HKLM\...\{E6D8E91D-F3CF-479A-8AF7-2229B11D6473}) (Version: 29.1.971.39251 - Hewlett-Packard Co.)
HP Officejet Pro 3620 Help (HKLM-x32\...\{DAEBC38F-C07B-4900-B4B9-3E7D1890DF4F}) (Version: 29.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
hppFaxDrvM1522 (x32 Version: 003.100.00001 - Hewlett-Packard) Hidden
hppFaxUtility (x32 Version: 000.105.00107 - Hewlett-Packard) Hidden
hppFonts (x32 Version: 001.001.00056 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 001.300.00005 - Hewlett-Packard) Hidden
hppLJM1522 (x32 Version: 002.101.00002 - Hewlett-Packard) Hidden
hppManualsM1522 (x32 Version: 002.103.00002 - Hewlett-Packard) Hidden
hppScanTo (x32 Version: 002.102.00003 - Hewlett-Packard) Hidden
hppSendFaxM1522 (x32 Version: 003.000.00001 - Hewlett-Packard) Hidden
hppTLBXFXM1522 (x32 Version: 001.005.00009 - Hewlett-Packard) Hidden
hppusgM1522 (x32 Version: 000.000.00004 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}) (Version: 2.2.0.0000 - Hewlett Packard Development Company L.P.)
hpzTLBXFX (x32 Version: 005.013.00185 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Java 6 Update 22 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416022FF}) (Version: 6.0.220 - Oracle)
Java 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Java 7 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217005F0}) (Version: 7.0.50 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.13.2.0 - LG Electronics)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
Media Gallery (Version: 2.0.0.11150 - Sony Corporation) Hidden
Menu Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 SDK (x64) ENU  (HKLM\...\{546B499C-2CEB-409C-AA03-59CE8B5A6AFA}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Movie Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden
Mozilla Firefox 35.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-GB)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 9 (HKLM-x32\...\{03cf9af5-de1f-443f-9a4b-11d671fc893a}) (Version:  - Nero AG)
NEST3 (HKLM-x32\...\{2BA90915-E948-4059-8F21-767A93BFA318}) (Version: 3.11.2.1 - omnesysindia)
NestPlus (HKLM-x32\...\{023E0B19-8E10-43C7-8CC8-4E483B7E32A8}) (Version: 2.9.00001 - Omnesys)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA 3D Vision Driver 269.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 269.73 - NVIDIA Corporation)
NVIDIA Graphics Driver 269.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 269.73 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.2.23.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.23.3 - NVIDIA Corporation)
NVIDIA nView 136.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 136.02 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.0507 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0507 - NVIDIA Corporation)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140 - Sony Corporation) Hidden
Product Improvement Study for HP Officejet Pro 3620 (HKLM\...\{F756EFFE-0AC3-43ED-8A95-0E6198835AC2}) (Version: 29.1.971.39251 - Hewlett-Packard Co.)
Qualcomm Atheros Direct Connect (x32 Version: 3.0 - Qualcomm Atheros) Hidden
Realsoft 10.0 (HKLM-x32\...\{36A92FEE-A60C-4441-85AF-269458D2C795}) (Version: 9.2 - )
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
SoundTrax (x32 Version: 4.0.18.0 - Nero AG) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.9.0 - Synaptics Incorporated)
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
Tally.ERP 9 (HKLM-x32\...\{60CE00F9-AC0B-48AA-9C4B-0DC3F350B695}) (Version:  - Tally Solutions Pvt. Ltd.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.35436 Beta - TeamViewer)
Trillian (HKLM-x32\...\Trillian) (Version:  - Cerulean Studios, LLC)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VAIO - Media Gallery - VAIO Personalization Manager Update (HKLM\...\{50A7190B-5DA6-4A51-B275-3D413E617BA6}) (Version: 4.2.5.07160 - Sony Corporation)
VAIO - Media Gallery (HKLM-x32\...\{DD696AF7-8A89-41D5-976A-2053E41A69BE}) (Version: 2.2.2.09110 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.6.10.11160 - Sony Corporation)
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation)
VAIO Care (HKLM\...\{55A60C1D-BEBF-4249-BFB2-F4E5C2E77988}) (Version: 8.4.1.07021 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.2.02200 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.03240 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation)
VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation)
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.5 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.4.5.5 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.1.09010 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.8.0.08120 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.0.14270 - Sony Corporation)
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Viber (HKU\S-1-5-21-2070679833-1579982074-2905736653-1000\...\Viber) (Version: 3.0.0.134193 - Viber Media Inc)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WebReg (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinZip 16.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D3}) (Version: 16.5.10095 - WinZip Computing, S.L. )
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Prateek\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Prateek\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Prateek\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Prateek\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Prateek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Prateek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Prateek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Prateek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Prateek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Prateek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Prateek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Prateek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2070679833-1579982074-2905736653-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Prateek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
29-09-2014 12:19:41 Scheduled Checkpoint
08-10-2014 20:28:44 Scheduled Checkpoint
22-10-2014 16:19:52 Scheduled Checkpoint
29-10-2014 11:23:48 Installed Realsoft 10.0
06-11-2014 22:23:58 Scheduled Checkpoint
15-11-2014 13:35:32 Scheduled Checkpoint
24-11-2014 17:54:53 Scheduled Checkpoint
01-12-2014 16:02:49 Windows Backup
07-12-2014 21:56:15 Removed NEST3
07-12-2014 21:58:15 Installed NEST3
07-12-2014 22:02:46 avast! antivirus system restore point
07-12-2014 22:27:54 Installed VAIO Care.
07-12-2014 22:34:49 Windows Update
07-12-2014 23:11:37 Windows Update
15-12-2014 15:33:21 Removed NEST3
15-12-2014 15:34:53 Removed NEST3
15-12-2014 15:42:17 Installed NEST3
15-12-2014 15:57:35 Installed NestPlus
20-12-2014 19:55:06 Installed LG United Mobile Driver
05-01-2015 15:55:43 Installed Extended Asian Language font pack for Adobe Reader XI.
13-01-2015 15:09:46 Scheduled Checkpoint
23-01-2015 22:20:44 Scheduled Checkpoint
02-02-2015 17:02:40 Scheduled Checkpoint
13-02-2015 08:56:54 Scheduled Checkpoint
13-02-2015 08:58:54 Windows Update
16-02-2015 11:27:27 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 08:04 - 2014-05-29 10:50 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0BE9C1A1-5798-48C8-961D-D99DCA0E1133} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {1EDA129D-5D89-4BE0-9AE7-313E7DE41BDC} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-02-28] (Sony Corporation)
Task: {1FA9BB85-30C8-4320-8D00-2442FB1FD1A1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-12] (Google Inc.)
Task: {2021150B-5C11-47B7-8210-771C92467929} - System32\Tasks\{0CB3DC11-8188-4BA5-A0EC-AF209CB67696} => pcalua.exe -a "C:\Setup Files\LG Mobile G3\B2CAppSetup.exe" -d "C:\Setup Files\LG Mobile G3"
Task: {212D5425-6E60-4726-AD31-9DB3B3927F49} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-12] (Google Inc.)
Task: {28051FC2-6282-46D1-A6A6-A11DE9FDA050} - System32\Tasks\Start Skype at logon => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {3C57A131-2545-45B1-9B3A-841C09084799} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {3D7ADFBA-C240-4812-A30F-C1F2F295B61A} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {3E8C70F5-76BD-4631-82BD-22D68F1489B3} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-06-25] (Sony Corporation)
Task: {3FBE6A57-C245-437A-915D-92FE22A7FF7A} - System32\Tasks\{349B247E-9BD9-40D2-829B-82A91CFF9337} => pcalua.exe -a "C:\Setup Files\Tally.ERP.Build189\Tally.ERP.Build189\install.exe" -d "C:\Setup Files\Tally.ERP.Build189\Tally.ERP.Build189"
Task: {4FEBA143-8511-4A4B-9E16-F7990E88E5DC} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {5C95A255-AFFB-46CC-B5BD-483C7C213AD4} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {5D522B72-5CFB-45F6-9F3D-F8F91B18EA6C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-07] (AVAST Software)
Task: {5F080627-DFEA-4934-A9BB-8E3F2752E6DF} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {7304197D-DC33-4E27-91D2-D61C0357AFB3} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {81F5F22A-36FA-47D9-A788-54FFC195ED0A} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {8507FDA9-84BC-4D9C-B2BD-BBC8072811BC} - System32\Tasks\HPCustParticipation HP Officejet Pro 3620 => C:\Program Files\HP\HP Officejet Pro 3620\Bin\HPCustPartic.exe [2012-10-21] (Hewlett-Packard Co.)
Task: {89488628-11A9-4C5F-9E7C-6FBDFEF3CBF0} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {94908A22-7E57-4D7C-879F-A942573490A9} - System32\Tasks\{55D16FE6-84EB-403D-BDD7-8053A2605475} => pcalua.exe -a "C:\Tally.ERP9 Gold\uninstall.exe" -d "C:\Tally.ERP9 Gold"
Task: {95076B66-0367-4750-909F-48BD5B5CEDE9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {993D7BD2-CCFE-4070-9027-148A6C51C90B} - System32\Tasks\HPCustParticipation HP Deskjet 4620 series => C:\Program Files\HP\HP Deskjet 4620 series\Bin\HPCustPartic.exe [2011-12-18] (Hewlett-Packard Co.)
Task: {9E099B43-E8C9-415E-ACFA-0F169F8286F1} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-27] (Sony Corporation)
Task: {A17A1ECB-1A2D-4B8E-BE19-68063231F37B} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {B8F8CFF8-09F9-4ED3-9D25-1AB7C7A5CB54} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {B90FA982-5493-4D49-8986-2FF7270241CB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2070679833-1579982074-2905736653-1000Core => C:\Users\Prateek\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-25] (Google Inc.)
Task: {BA9EF052-E74A-45A0-8338-2EB72F7D7F3E} - System32\Tasks\{085ACA86-5DCC-4023-8B82-DAB3BA334A32} => pcalua.exe -a "C:\Users\Prateek\APPDATA\LOCAL\TEMP\wz6c2c\24_realsoft 9.2.exe" -d "C:\Setup Files"
Task: {BC768541-2630-49E0-8AB7-6AFA988F3BB0} - System32\Tasks\{4C176386-ECDA-4EC1-94F3-93A7E3848BB4} => pcalua.exe -a D:\setup.exe -d D:\
Task: {C73660A5-BAEC-4307-BA9C-20718DB62DF5} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation)
Task: {D62EDF89-8772-4500-AC0D-DA4C03E998A5} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {D855D1FA-F378-4C9E-8B0B-37989AF51B73} - System32\Tasks\{085E0BB3-C9E1-4E4A-93CE-A993060E3AC6} => pcalua.exe -a "C:\Setup Files\converter.exe" -d "C:\Setup Files"
Task: {DCF787D1-AD3A-43C2-A0B9-875594AD2981} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {E21041B7-DF4E-45E5-90A6-DEAE7D8910AD} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {E77E9524-03D0-4C99-8DB1-563EC51C679C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2070679833-1579982074-2905736653-1000UA => C:\Users\Prateek\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-25] (Google Inc.)
Task: {E8E5EDBA-D838-40EC-AB02-F4A3F2F40898} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2014-01-27] (Sony Corporation)
Task: {F10F494C-1B96-4CA0-BE72-8F1D5A2E55A9} - System32\Tasks\{917E00C2-94CC-40B1-9D7F-2C9E2FBE827F} => pcalua.exe -a "C:\Program Files (x86)\Java\jre6\bin\javacpl.exe" -d C:\Users\Prateek\Desktop
Task: {F4B02324-DCE9-4E76-9722-E7C8F102525A} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {F926C376-A075-44C2-A560-E83E94FC1C20} - System32\Tasks\HP AR Program Upload - 07a9bf564df1485e8c825c387d35010c33d66459ff2746969a1c5d5179bb1218 => C:\Program Files\HP\HP Officejet Pro 3620\bin\HPRewards.exe [2012-10-21] (TODO: <Company name>)
Task: {FB6AEECE-9F70-4DE9-8032-6CF2E8AA2C19} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {FC259097-F059-4F7D-9E5D-1BA1BB478268} - System32\Tasks\HP AR Program Upload - f8dc02a69fef4755a95be7474eb9fdba85d33fca1a0a490ab763c25fbe8f5eb4 => C:\Program Files\HP\HP Officejet Pro 3620\bin\HPRewards.exe [2012-10-21] (TODO: <Company name>)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2070679833-1579982074-2905736653-1000Core.job => C:\Users\Prateek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2070679833-1579982074-2905736653-1000UA.job => C:\Users\Prateek\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2013-05-02 18:44 - 2013-10-23 15:24 - 00087600 _____ () C:\Windows\System32\cpwmon64.dll
2014-12-07 22:07 - 2014-12-07 22:07 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-12-07 22:07 - 2014-12-07 22:07 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2013-05-03 03:20 - 2011-09-07 10:44 - 00380736 _____ () C:\Program Files\NVIDIA Corporation\nView\nvshell.dll
2013-11-01 14:59 - 2013-11-01 14:59 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-12 12:15 - 2015-02-12 12:15 - 02912256 _____ () C:\Program Files\AVAST Software\Avast\defs\15021101\algo.dll
2014-12-07 22:07 - 2014-12-07 22:07 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2013-05-03 03:26 - 2011-03-06 05:12 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2014-12-07 22:08 - 2014-12-07 22:08 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-02-11 02:30 - 2015-02-11 02:30 - 00750080 _____ () C:\Users\Prateek\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-02-21 16:31 - 2015-02-21 16:31 - 00043008 _____ () c:\users\prateek\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmilx2i.dll
2015-02-11 02:30 - 2015-02-11 02:30 - 00047616 _____ () C:\Users\Prateek\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-02-11 02:30 - 2015-02-11 02:30 - 00865280 _____ () C:\Users\Prateek\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-02-11 02:30 - 2015-02-11 02:30 - 00200704 _____ () C:\Users\Prateek\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-02-20 14:53 - 2015-02-18 04:14 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-20 14:53 - 2015-02-18 04:14 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-20 14:53 - 2015-02-18 04:14 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
2014-12-08 00:37 - 2014-12-08 00:37 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ad4c4edfdad8e430af19da64ab282d96\IsdiInterop.ni.dll
2013-05-03 03:12 - 2010-11-06 12:20 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2013-11-01 14:59 - 2013-11-01 14:59 - 00347136 _____ () C:\Program Files\Sony\VAIO Care\Iolo\vosges.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Windows:nlsPreferences
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2070679833-1579982074-2905736653-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Prateek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 172.20.10.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Atheros Bt&Wlan Coex Agent => 2
MSCONFIG\startupreg: 59A6A3648C2098860905A01BC0EC67CB884511C0._service_run => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: ePass1000Auto => C:\Program Files (x86)\EnterSafe\ePass1000Auto\certd1ka.exe
MSCONFIG\startupreg: eTMonitor => "C:\Program Files\Aladdin\eToken\PKIClient\x64\PKIMonitor.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Prateek\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HPUsageTracking => "C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\"
MSCONFIG\startupreg: ISUSPM Startup => C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Syncios device service => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
MSCONFIG\startupreg: ToolBoxFX => "C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
MSCONFIG\startupreg: UpdateTool => C:\Program Files (x86)\Bin\UpdateTool\YTBUpdater.exe
MSCONFIG\startupreg: uTorrent => C:\Users\Prateek\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2070679833-1579982074-2905736653-500 - Administrator - Disabled)
Guest (S-1-5-21-2070679833-1579982074-2905736653-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-2070679833-1579982074-2905736653-1002 - Limited - Enabled)
Prateek (S-1-5-21-2070679833-1579982074-2905736653-1000 - Administrator - Enabled) => C:\Users\Prateek
 
==================== Faulty Device Manager Devices =============
 
Name: Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Description: Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros
Service: L1C
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/21/2015 09:43:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error: (02/21/2015 09:05:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2013
 
Error: (02/21/2015 09:05:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2013
 
Error: (02/21/2015 09:05:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/21/2015 09:05:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 999
 
Error: (02/21/2015 09:05:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 999
 
Error: (02/21/2015 09:05:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/21/2015 08:15:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12169
 
Error: (02/21/2015 08:15:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12169
 
Error: (02/21/2015 08:15:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (02/21/2015 08:16:38 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
 
Error: (02/21/2015 04:30:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
 
Error: (02/21/2015 04:30:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (02/21/2015 04:30:02 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Type with the following error: 
%%5
 
Error: (02/21/2015 04:29:39 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
 
Error: (02/20/2015 00:08:30 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
 
Error: (02/20/2015 08:28:45 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
 
Error: (02/20/2015 08:28:43 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (02/20/2015 08:28:03 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Type with the following error: 
%%5
 
Error: (02/20/2015 08:27:38 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
 
 
Microsoft Office Sessions:
=========================
Error: (12/26/2014 05:30:55 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 21958 seconds with 7200 seconds of active time.  This session ended with a crash.
 
Error: (11/17/2014 06:54:24 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 4279 seconds with 1800 seconds of active time.  This session ended with a crash.
 
Error: (10/14/2014 11:49:25 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 933 seconds with 360 seconds of active time.  This session ended with a crash.
 
Error: (08/30/2014 03:04:19 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1373 seconds with 1200 seconds of active time.  This session ended with a crash.
 
Error: (07/12/2014 11:37:34 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 2658 seconds with 1860 seconds of active time.  This session ended with a crash.
 
Error: (06/23/2014 03:43:49 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 16473 seconds with 780 seconds of active time.  This session ended with a crash.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 59%
Total physical RAM: 4077.86 MB
Available physical RAM: 1658.76 MB
Total Pagefile: 8153.9 MB
Available Pagefile: 4688.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:454.56 GB) (Free:122.79 GB) NTFS
Drive f: () (Removable) (Total:3.69 GB) (Free:0.48 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9FB74F3B)
Partition 1: (Not Active) - (Size=11.1 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454.6 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
Link to post
Share on other sites

Hi and again I apologize, things were really hectic here.

RogueKiller.png Scan with RogueKiller

Please download RogueKiller and save the file to your desktop.

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on RogueKiller.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the pre-scan will be done. It shouldn't take more than 2-3 minutes.
  • Accept the Terms of use.
  • When the Scan button becomes available, please click it. RogueKiller will start a full scan.
  • Let this process run uninterrupted!.
  • When finished, a Report button will become available. Click it. You will be presented with a logfile.
Please include the content of this logfile in your next reply.
Link to post
Share on other sites

  • 2 months later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.