
Strong Signal Malware please please help...



Hi,

I recently downloaded free software from an untrustworthy source and I ended up being infected, first with cut the price (it was spelt cuthe tha price on my computer though).

I simply got rid of it by removing it from the extensions bar of Chrome.

But this Strong Signal adware has got me. I even downloaded Malwarebytes and ran the tool; after the scan it found Strong Signal and asked me to reboot after removal. Even after that the ads still come. Please, please tell me how to remove this.


Hello and welcome to Malwarebytes.org

P2P/Piracy Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here. Failure to remove or disable such software will result in your topic being closed and no further assistance being provided. If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.


Next,

Change the download folder setting in the default Browser so all tools we may use are saved to the Desktop:

Google Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser. Choose Settings. At the bottom of the screen click the "Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.

Mozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and then click the "Select Folder" button. Click OK to get out of the Options menu.

Internet Explorer - Click the Tools menu in the upper right-corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

Next,

Follow the instructions in the following link to show hidden files:

http://www.bleepingcomputer.com/tutorials/how-to-see-hidden-files-in-windows/

Next,

Please open Malwarebytes Anti-Malware.

  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under the Non-Malware Protection sub tab, change PUP and PUM entries to "Treat detections as Malware".
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • With some infections, you may or may not see this message box: 'Could not load DDA driver'
  • Click 'Yes' to this message, to allow the driver to load after a restart.
  • Allow the computer to restart. Continue with the rest of these instructions.
  • When the scan is complete, click Apply Actions.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.



To get the log from Malwarebytes do the following:

  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:

      Copy to Clipboard - if selected, right click in your reply and select "Paste"; the log will be pasted to your reply
      Text file (*.txt)        - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
      XML file (*.xml)      - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
  • Recommend you use "Copy to Clipboard", then right click in your reply > select "Paste"; that will copy the log to your reply…




If Malwarebytes is not installed follow these instructions first:

Download Malwarebytes Anti-Malware to your desktop.

  • Double-click mbam-setup and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish. Follow the instructions above....


Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either accept the alert or disable your security and allow FRST to run...

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.



Next,

Please download RogueKiller and save it to your desktop from the following link: http://www.bleepingcomputer.com/download/roguekiller/

  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista, Windows 7/8, right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User License Agreement)
  • Click Scan to scan the system.
  • When the scan completes select "Report", log will open. Close the program > Don't Fix anything!
  • Post back the report which should also be located here:



C:\Programdata\RogueKiller\Logs <-------- W7/8
C:\Documents and Settings\All Users\Application Data\RogueKiller\Logs <------XP


Let me see those logs in your reply....

Thank you,

Kevin...
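
The text export requested in the post above can be checked by script before it is pasted into a reply. The following Python code is an added example, not part of the original thread and not Malwarebytes tooling; it assumes the line layout of a Malwarebytes Anti-Malware 2.x text log, and the sample log, its paths, the PUP name, the non-quarantine action string and the bracketed IDs are constructed for illustration.

```python
import re

# Section headers that carry an item count in the text export (assumed layout).
SECTIONS = ("Processes", "Modules", "Registry Keys", "Registry Values",
            "Registry Data", "Folders", "Files", "Physical Sectors")
PROTECTION_KEYS = ("Malware Protection", "Malicious Website Protection",
                   "Self-protection")
ID_RE = re.compile(r"^\[[0-9a-fA-F]+\]$")

# Constructed sample: paths, names and IDs are made up for this example.
SAMPLE_LOG = r"""Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 18-07-2015
Scan Time: 05:36 PM
Administrator: Yes

Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

Scan Type: Threat Scan
Result: Completed

Processes: 0
(No malicious items detected)

Registry Keys: 1
Trojan.Downloader, HKU\S-1-5-21-0-0-0-1001_Classes\TYPELIB\{00000000-0000-0000-0000-000000000000}, Quarantined, [00000000000000000000000000000001],

Files: 2
Trojan.Downloader, C:\Users\example\AppData\Local\Temp\0000\temp\setup, cracked [latest].exe, Quarantined, [00000000000000000000000000000002],
PUP.Optional.Example, C:\ProgramData\example\helper.exe, No Action By User, [00000000000000000000000000000003],

Physical Sectors: 0
(No malicious items detected)

(end)
"""

def parse_detection(section, line):
    """Split 'Name, Path, Action, [id],' while tolerating commas inside the path."""
    parts = line.rstrip(", ").split(", ")
    item_id = parts.pop() if ID_RE.match(parts[-1]) else None
    if len(parts) < 3:
        return None  # not a detection line in the assumed layout
    action = parts.pop()
    return {"section": section, "name": parts[0],
            "path": ", ".join(parts[1:]), "action": action, "id": item_id}

def parse_mbam_log(text):
    """Return (header settings, declared counts per section, detection records)."""
    header, declared, detections, section = {}, {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == "(end)" or line.startswith("(No malicious items"):
            continue
        key, sep, value = line.partition(": ")
        if sep and key in SECTIONS and value.isdigit():
            section = key
            declared[key] = int(value)
        elif section is None:
            if sep:  # "Key: Value" line from the header block
                header[key] = value
        else:
            item = parse_detection(section, line)
            if item:
                detections.append(item)
    return header, declared, detections

def triage(header, declared, detections):
    """List the points worth a second look before calling the machine clean."""
    findings = []
    for key in PROTECTION_KEYS:
        if header.get(key) == "Disabled":
            findings.append(f"{key}: Disabled")
    # A count that disagrees with the parsed lines means the pasted log is incomplete.
    for name in SECTIONS:
        parsed = sum(1 for d in detections if d["section"] == name)
        if name in declared and declared[name] != parsed:
            findings.append(f"{name}: header says {declared[name]}, parsed {parsed}")
    for d in detections:
        if d["action"] != "Quarantined":
            findings.append(f"{d['name']} left in place ({d['action']}): {d['path']}")
    return findings

if __name__ == "__main__":
    for finding in triage(*parse_mbam_log(SAMPLE_LOG)):
        print(finding)
```
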
 


@kevinf80 Here are the scans you requested  :)

 

Malware Bytes Scan - (I had run a scan before which showed Strong Signal; if you require that log you can find it at http://pastebin.com/W9qp355R. With that being said, here is the recent log.)

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 18-07-2015
Scan Time: 05:36 PM
Logfile: MalwareBytesLog1.txt
Administrator: Yes

Version: 2.1.8.1057
Malware Database: v2015.07.18.02
Rootkit Database: v2015.07.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8
CPU: x64
File System: NTFS
User: Sanjoy Saha

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 409697
Time Elapsed: 42 min, 28 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
Trojan.Downloader, HKU\S-1-5-21-1318651068-1841157088-2011058566-1001_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, Quarantined, [1129fde6fd8de25495c25f640ef329d7],
Trojan.Downloader, HKU\S-1-5-21-1318651068-1841157088-2011058566-1001_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, Quarantined, [1129fde6fd8de25495c25f640ef329d7],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 4
Trojan.Downloader, C:\ProgramData\{f7eef7ad-d5e6-1ebf-f7ee-ef7add5edeb7}\apk editor pro v1.3.5 cracked apk is here ! [latest].exe, Quarantined, [bb7f43a0d8b2b87e0f48efd49d64eb15],
Trojan.Downloader, C:\Users\Sanjoy Saha\AppData\Local\Temp\CD00\temp\APK Editor Pro v1.3.5 Cracked APK is Here ! [Latest].exe, Quarantined, [91a9dd062f5b8aac3423d8eb9a67bc44],
Trojan.Downloader, C:\Users\Sanjoy Saha\AppData\Local\Temp\6D58\temp\APK Editor Pro v1.3.5 Cracked APK is Here ! [Latest].exe, Quarantined, [ce6c855e1e6c02341641992a5ca55ba5],
Trojan.Downloader, C:\Users\Sanjoy Saha\AppData\Local\Temp\5900\temp\APK Editor Pro v1.3.5 Cracked APK is Here ! [Latest].exe, Quarantined, [1129fde6fd8de25495c25f640ef329d7],

Physical Sectors: 0
(No malicious items detected)

(end)

FarBar Recovery Tool (FRST.txt)

 

C:\Windows\system32\Drivers\mbam.sys2015-07-17 23:46 - 2015-07-17 23:52 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Sanjoy Saha\Downloads\mbam-setup-2.1.8.1057.exe2015-07-17 23:07 - 2015-07-17 23:07 - 00898934 _____ C:\Users\Sanjoy Saha\Downloads\templated-ion.zip2015-07-17 22:59 - 2015-07-17 23:04 - 00000000 ____D C:\Users\Sanjoy Saha\AppData\Local\JetBrains2015-07-17 22:43 - 2015-07-17 22:43 - 00202464 _____ C:\Users\Sanjoy Saha\Downloads\ucs.rar2015-07-17 22:07 - 2015-07-17 22:07 - 00802424 _____ (JetBrains) C:\Users\Sanjoy Saha\Downloads\JetBrains.dotPeek.2015.1.1.web.exe2015-07-17 13:28 - 2015-07-17 13:28 - 01031030 _____ C:\Users\Sanjoy Saha\Downloads\andromeda-7.x-2.x-dev.zip2015-07-17 13:23 - 2015-07-17 13:23 - 00000392 _____ C:\Users\Sanjoy Saha\Documents\codes_Signer.txt2015-07-17 01:34 - 2015-07-17 01:38 - 00000000 ____D C:\Users\Sanjoy Saha\Documents\TMRWPROJECT2015-07-16 02:29 - 2015-07-16 02:29 - 01837610 _____ C:\Users\Sanjoy Saha\Downloads\paste-1.9.zip2015-07-16 02:18 - 2015-07-17 23:07 - 00000000 ____D C:\Users\Sanjoy Saha\Desktop\HTML5-Responsive-Coming-Soon-Page2015-07-16 02:18 - 2015-07-16 02:18 - 00145010 _____ C:\Users\Sanjoy Saha\Downloads\html5-responsive-coming-soon-page.zip2015-07-16 02:09 - 2015-07-16 02:09 - 00031486 _____ C:\Users\Sanjoy Saha\Downloads\grand_underconstruction-web (1).zip2015-07-16 01:56 - 2015-07-16 01:56 - 00031486 _____ C:\Users\Sanjoy Saha\Downloads\grand_underconstruction-web.zip2015-07-15 23:29 - 2015-07-15 23:29 - 00000069 _____ C:\Users\Sanjoy Saha\Desktop\serverdets.txt2015-07-15 23:21 - 2015-07-15 23:21 - 00001696 _____ C:\Users\Sanjoy Saha\Downloads\anubhavsaha47b101.pem2015-07-15 20:27 - 2015-07-15 20:27 - 00000010 _____ C:\Users\Sanjoy Saha\Documents\clashofclansserver.txt2015-07-14 11:11 - 2015-07-14 11:20 - 21966517 _____ C:\Users\Sanjoy Saha\Downloads\APK-Edit-master.zip2015-07-14 11:08 - 2015-07-16 23:51 - 00000000 ____D C:\ProgramData\jhbbipgbeophhnfligfmocnfejfedggl2015-07-14 11:05 - 
2015-07-17 23:54 - 00000000 ____D C:\Program Files (x86)\CutTahePricE2015-07-14 11:05 - 2015-07-14 11:08 - 00000000 ____D C:\ProgramData\54403738301622765192015-07-14 11:04 - 2015-07-16 23:51 - 00000000 ____D C:\ProgramData\femgcbnaflamellfbdmijcgmnhgadgcl2015-07-14 11:02 - 2015-07-17 23:02 - 00000440 _____ C:\Windows\Tasks\YogaLite.job2015-07-14 11:02 - 2015-07-14 11:02 - 00003338 _____ C:\Windows\System32\Tasks\YogaLite2015-07-14 11:02 - 2015-07-14 11:02 - 00000000 ____D C:\ProgramData\{f7eef7ad-d5e6-1ebf-f7ee-ef7add5edeb7}2015-07-14 04:41 - 2015-07-14 04:42 - 00000000 ____D C:\Users\Sanjoy Saha\Documents\APK Studio2015-07-14 04:27 - 2015-07-14 04:27 - 00000000 ____D C:\Users\Sanjoy Saha\apktool2015-07-14 04:15 - 2015-07-14 04:16 - 09512964 _____ C:\Users\Sanjoy Saha\Downloads\Apktool JB 4.2.2_Signed_By Rizal Lovins Sundanesse.zip2015-07-14 04:14 - 2015-07-14 04:14 - 06344307 _____ C:\Users\Sanjoy Saha\Downloads\apktool_2.0.0.jar2015-07-14 01:37 - 2015-07-14 01:42 - 37218090 _____ C:\Users\Sanjoy Saha\Downloads\Subway Surfers Hack Unlimited Coins2015-07-14 01:07 - 2015-07-14 01:07 - 00000000 ____D C:\ProgramData\Sun2015-07-14 01:07 - 2015-07-14 01:06 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2015-07-14 01:06 - 2015-07-14 01:06 - 00000000 ____D C:\ProgramData\Oracle2015-07-14 01:06 - 2015-07-14 01:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java2015-07-14 01:06 - 2015-07-14 01:06 - 00000000 ____D C:\Program Files (x86)\Java2015-07-14 00:59 - 2015-07-14 00:59 - 00562272 _____ (Oracle Corporation) C:\Users\Sanjoy Saha\Downloads\chromeinstall-8u45.exe2015-07-14 00:55 - 2015-07-16 00:40 - 00000000 ____D C:\Users\Sanjoy Saha\Documents\APP2015-07-14 00:39 - 2015-07-14 00:39 - 00000000 ____D C:\Users\Sanjoy Saha\Downloads\apkstudio-2.0.3b-windows2015-07-14 00:32 - 2015-07-14 00:38 - 27772920 _____ C:\Users\Sanjoy Saha\Downloads\apkstudio-2.0.3b-windows.zip2015-07-12 20:10 - 2015-07-12 20:20 - 45479690 
_____ C:\Users\Sanjoy Saha\Downloads\Clash Of Clans-v7.156.1-MOD-Viyaza.com.apk2015-07-12 20:00 - 2015-07-12 20:00 - 00627494 _____ C:\Users\Sanjoy Saha\Downloads\Download Clash of Clans v7.156.1 Mod APK__7816_i1555706732_il1126.exe.zip2015-07-12 19:27 - 2015-07-12 19:37 - 45540546 _____ C:\Users\Sanjoy Saha\Downloads\Clash_of_Clans_v7.65.5_Mod_(www.ApkHouse.com).apk2015-07-12 19:19 - 2015-07-12 19:19 - 00631050 _____ C:\Users\Sanjoy Saha\Downloads\Hacklicious   APK Downloader Downloader.zip2015-07-12 11:28 - 2015-07-12 11:28 - 00050750 _____ C:\Users\Sanjoy Saha\Downloads\Profile Picture,FBEA (1).zip2015-07-12 10:01 - 2015-07-12 10:01 - 00050750 _____ C:\Users\Sanjoy Saha\Downloads\Profile Picture,FBEA.zip2015-07-12 00:38 - 2015-07-12 00:38 - 00130937 _____ C:\Users\Sanjoy Saha\Downloads\project-files.zip2015-07-09 07:19 - 2015-07-14 18:35 - 00000000 ____D C:\Users\Sanjoy Saha\Desktop\Gurudas2015-07-07 06:09 - 2015-07-07 06:09 - 01445774 _____ C:\Users\Sanjoy Saha\Downloads\templated-retrospect.zip2015-07-05 11:42 - 2015-07-05 11:47 - 00010123 _____ C:\Users\Sanjoy Saha\Documents\Year Planner-2015.xlsx2015-07-02 21:09 - 2015-07-02 21:09 - 00000000 ____D C:\Users\Sanjoy Saha\AppData\Roaming\(08-62-66-09-77-B0)2015-06-30 13:18 - 2015-06-30 13:18 - 00287864 _____ C:\Windows\Minidump\063015-16406-01.dmp2015-06-30 13:15 - 2015-06-30 13:16 - 00287864 _____ C:\Windows\Minidump\063015-19453-01.dmp2015-06-30 12:25 - 2015-06-30 12:25 - 00287808 _____ C:\Windows\Minidump\063015-17828-01.dmp2015-06-30 12:17 - 2015-06-30 12:18 - 00287864 _____ C:\Windows\Minidump\063015-19234-01.dmp2015-06-30 10:55 - 2015-06-30 10:55 - 00287808 _____ C:\Windows\Minidump\063015-16890-01.dmp2015-06-26 15:24 - 2015-06-26 15:24 - 00004032 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask2015-06-26 15:24 - 2015-06-26 15:24 - 00003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask2015-06-26 15:24 - 2015-06-26 15:24 - 00003222 _____ 
C:\Windows\System32\Tasks\SystemToolsDailyTest2015-06-26 15:24 - 2015-06-26 15:24 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows2015-06-26 15:24 - 2015-06-26 15:24 - 00000000 ____D C:\Program Files\Dell Support Center2015-06-25 15:38 - 2015-06-25 15:38 - 00287864 _____ C:\Windows\Minidump\062515-20250-01.dmp2015-06-25 15:34 - 2015-06-25 15:34 - 00287864 _____ C:\Windows\Minidump\062515-18937-01.dmp2015-06-24 00:16 - 2015-06-24 00:16 - 00000000 ____D C:\Users\Sanjoy Saha\Documents\Adobe2015-06-23 21:47 - 2015-06-23 21:47 - 00198034 _____ C:\Users\Sanjoy Saha\Downloads\28_days_later.zip2015-06-23 21:45 - 2015-06-23 21:45 - 00006215 _____ C:\Users\Sanjoy Saha\Downloads\telegrafico.zip2015-06-23 21:43 - 2015-06-23 21:43 - 00031172 _____ C:\Users\Sanjoy Saha\Downloads\headline_hplhs.zip2015-06-23 19:46 - 2015-06-23 19:46 - 00031763 _____ C:\Users\Sanjoy Saha\Downloads\skylights-1.0.zip2015-06-23 18:55 - 2015-06-23 18:55 - 00287864 _____ C:\Windows\Minidump\062315-15796-01.dmp2015-06-22 12:45 - 2015-06-22 12:46 - 00287864 _____ C:\Windows\Minidump\062215-18250-01.dmp2015-06-22 12:44 - 2015-06-22 12:44 - 00287864 _____ C:\Windows\Minidump\062215-17828-01.dmp2015-06-22 12:39 - 2015-06-22 12:39 - 00287864 _____ C:\Windows\Minidump\062215-20109-01.dmp2015-06-22 12:37 - 2015-06-22 12:37 - 00287808 _____ C:\Windows\Minidump\062215-19265-01.dmp2015-06-22 07:49 - 2015-06-22 07:49 - 00009790 _____ C:\Users\Sanjoy Saha\Documents\GC Juice Incentive.xlsx2015-06-22 07:32 - 2015-06-22 07:32 - 00009554 _____ C:\Users\Sanjoy Saha\Documents\I.T Returns,2014-2015.xlsx2015-06-20 08:22 - 2015-06-20 08:22 - 00287864 _____ C:\Windows\Minidump\062015-18734-01.dmp2015-06-20 08:20 - 2015-06-20 08:20 - 00287864 _____ C:\Windows\Minidump\062015-18031-01.dmp2015-06-20 08:17 - 2015-06-20 08:18 - 00287864 _____ C:\Windows\Minidump\062015-20296-01.dmp2015-06-20 08:15 - 2015-06-20 08:15 - 00287864 _____ C:\Windows\Minidump\062015-19265-01.dmp2015-06-19 16:24 - 2015-06-19 16:24 - 00287864 _____ 
C:\Windows\Minidump\061915-58781-01.dmp2015-06-19 16:20 - 2015-06-19 16:21 - 00287864 _____ C:\Windows\Minidump\061915-23625-01.dmp2015-06-19 12:03 - 2015-06-19 12:03 - 00287864 _____ C:\Windows\Minidump\061915-20484-01.dmp2015-06-19 11:56 - 2015-06-19 11:56 - 00287864 _____ C:\Windows\Minidump\061915-56140-01.dmp2015-06-19 11:48 - 2015-06-19 11:48 - 00287864 _____ C:\Windows\Minidump\061915-55453-01.dmp2015-06-19 11:45 - 2015-06-19 11:45 - 00287864 _____ C:\Windows\Minidump\061915-72828-01.dmp==================== One Month Modified files and folders ========(If an entry is included in the fixlist, the file/folder will be moved.)2015-07-18 18:30 - 2012-07-26 13:42 - 00000000 ____D C:\Windows\system32\sru2015-07-18 18:28 - 2013-07-09 19:50 - 01351667 _____ C:\Windows\WindowsUpdate.log2015-07-18 18:23 - 2015-05-15 19:07 - 00000651 _____ C:\Windows\system32\Drivers\etc\hosts.ics2015-07-18 18:22 - 2013-07-09 19:40 - 00523966 _____ C:\Windows\PFRO.log2015-07-18 18:22 - 2012-07-26 12:52 - 00000006 ____H C:\Windows\Tasks\SA.DAT2015-07-18 18:21 - 2012-07-26 10:56 - 00524288 ___SH C:\Windows\system32\config\BBI2015-07-18 18:19 - 2014-04-28 15:43 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1318651068-1841157088-2011058566-10012015-07-18 17:56 - 2014-05-09 09:06 - 00000942 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1318651068-1841157088-2011058566-1001UA.job2015-07-18 17:49 - 2014-04-30 12:42 - 00000410 _____ C:\Windows\Tasks\update-sys.job2015-07-18 17:19 - 2012-07-26 12:58 - 00005602 _____ C:\Windows\system32\PerfStringBackup.INI2015-07-18 17:15 - 2012-07-26 13:42 - 00000000 ____D C:\Windows\system32\NDF2015-07-18 08:52 - 2014-04-30 12:42 - 00000410 _____ C:\Windows\Tasks\update-S-1-5-21-1318651068-1841157088-2011058566-1001.job2015-07-18 02:01 - 2014-04-28 15:44 - 00000000 ____D C:\Users\Sanjoy Saha\AppData\Local\Adobe2015-07-18 01:56 - 2014-05-09 09:06 - 00000890 _____ 
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1318651068-1841157088-2011058566-1001Core.job2015-07-18 01:46 - 2014-05-30 19:57 - 665468517 _____ C:\Windows\MEMORY.DMP2015-07-18 01:46 - 2014-05-30 19:57 - 00000000 ____D C:\Windows\Minidump2015-07-18 00:39 - 2015-05-20 14:10 - 00000000 ____D C:\Users\Sanjoy Saha\Desktop\Logo2015-07-18 00:36 - 2013-07-09 20:22 - 00000000 ____D C:\Windows\en2015-07-17 23:09 - 2014-05-04 23:04 - 00002194 ____H C:\Users\Sanjoy Saha\Documents\Default.rdp2015-07-17 22:47 - 2015-04-07 15:33 - 00000000 ____D C:\Users\Sanjoy Saha\Documents\Visual Studio 20122015-07-17 12:06 - 2015-04-03 21:50 - 00713728 ___SH C:\Users\Sanjoy Saha\Desktop\Thumbs.db2015-07-17 08:15 - 2014-05-02 10:59 - 03492864 ___SH C:\Users\Sanjoy Saha\Documents\Thumbs.db2015-07-16 01:51 - 2014-05-09 09:06 - 00003900 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1318651068-1841157088-2011058566-1001UA2015-07-16 01:51 - 2014-05-09 09:06 - 00003520 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1318651068-1841157088-2011058566-1001Core2015-07-15 23:28 - 2014-05-03 21:52 - 00513536 ___SH C:\Users\Sanjoy Saha\Downloads\Thumbs.db2015-07-15 19:19 - 2012-07-26 12:51 - 00045011 _____ C:\Windows\setupact.log2015-07-14 20:22 - 2014-04-28 14:12 - 00000000 ____D C:\Users\Sanjoy Saha2015-07-14 18:33 - 2012-07-26 10:56 - 00262144 ___SH C:\Windows\system32\config\ELAM2015-07-14 18:32 - 2015-03-23 09:30 - 05068088 _____ C:\Windows\system32\FNTCACHE.DAT2015-07-14 05:11 - 2014-05-11 01:04 - 00000132 _____ C:\Users\Sanjoy Saha\AppData\Roaming\Adobe PNG Format CS6 Prefs2015-07-13 20:26 - 2012-07-26 13:42 - 00000000 ____D C:\Windows\AUInstallAgent2015-07-13 10:46 - 2015-05-17 07:58 - 00000000 ____D C:\Users\Sanjoy Saha\Desktop\Projects2015-07-13 00:00 - 2014-04-28 22:16 - 00000000 ____D C:\Users\Sanjoy Saha\AppData\Local\CrashDumps2015-07-12 12:17 - 2014-05-16 22:37 - 00000000 ____D C:\Users\Sanjoy Saha\AppData\Roaming\Skype2015-07-12 11:17 - 2015-05-25 00:41 - 
00000000 ___RD C:\Program Files (x86)\Skype2015-07-12 11:17 - 2014-05-16 22:37 - 00000000 ____D C:\ProgramData\Skype2015-07-11 17:36 - 2015-06-13 17:00 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk2015-07-11 16:30 - 2015-06-14 21:40 - 00000000 ____D C:\Users\Sanjoy Saha\AppData\Local\Lenovo2015-07-11 06:20 - 2013-07-09 20:23 - 00000000 ____D C:\Program Files (x86)\McAfee2015-07-05 12:12 - 2015-05-27 22:46 - 00000000 ____D C:\Users\Sanjoy Saha\AppData\Roaming\Apple Computer2015-07-04 21:59 - 2015-01-21 21:03 - 00000000 ____D C:\Users\Sanjoy Saha\Documents\Bluetooth Folder2015-07-04 21:59 - 2014-04-28 14:14 - 00000000 ____D C:\Users\Sanjoy Saha\AppData\Roaming\Atheros2015-06-26 15:28 - 2015-05-03 21:29 - 00000426 _____ C:\Windows\Tasks\Dell SupportAssistAgent AutoUpdate.job2015-06-26 15:24 - 2013-07-09 20:12 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell2015-06-26 15:23 - 2013-07-09 20:13 - 00000000 ____D C:\ProgramData\PCDr2015-06-19 10:27 - 2013-07-09 20:23 - 00000000 ____D C:\Program Files\Common Files\mcafee2015-06-19 10:27 - 2012-07-26 13:42 - 00000000 ___HD C:\Windows\ELAMBKUP==================== Files in the root of some directories =======2014-05-11 01:04 - 2015-07-14 05:11 - 0000132 _____ () C:\Users\Sanjoy Saha\AppData\Roaming\Adobe PNG Format CS6 Prefs2015-03-08 17:15 - 2015-04-08 12:37 - 0065588 _____ () C:\Users\Sanjoy Saha\AppData\Roaming\Camdata.ini2015-03-08 17:15 - 2015-04-08 12:37 - 0000408 _____ () C:\Users\Sanjoy Saha\AppData\Roaming\CamLayout.ini2015-03-08 17:15 - 2015-04-08 12:37 - 0000408 _____ () C:\Users\Sanjoy Saha\AppData\Roaming\CamShapes.ini2015-03-08 17:15 - 2015-04-08 12:37 - 0004546 _____ () C:\Users\Sanjoy Saha\AppData\Roaming\CamStudio.cfg2015-03-08 17:05 - 2015-03-08 17:15 - 0000096 _____ () C:\Users\Sanjoy Saha\AppData\Roaming\version2.xml2015-02-17 22:48 - 2015-02-17 22:48 - 0003584 _____ () C:\Users\Sanjoy Saha\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini2014-04-30 12:42 - 
2014-04-30 12:42 - 0000003 _____ () C:\Users\Sanjoy Saha\AppData\Local\updater.log2014-04-30 12:42 - 2014-04-30 12:42 - 0000453 _____ () C:\Users\Sanjoy Saha\AppData\Local\UserProducts.xml2014-11-14 10:32 - 2014-11-14 10:32 - 0000000 _____ () C:\Users\Sanjoy Saha\AppData\Local\{3BD47E9C-CDBA-4B7E-B119-7A2BB0AA76E6}2014-07-01 10:34 - 2014-07-01 10:34 - 0000057 _____ () C:\ProgramData\Ament.iniFiles to move or delete:====================C:\Users\Sanjoy Saha\game.jsC:\Users\Sanjoy Saha\Players.jsC:\Users\Sanjoy Saha\update-watchdogs.batSome files in TEMP:====================C:\Users\Sanjoy Saha\AppData\Local\Temp\BullseyeCoverage-2-x86.dllC:\Users\Sanjoy Saha\AppData\Local\Temp\drm_dyndata_7370014.dllC:\Users\Sanjoy Saha\AppData\Local\Temp\drm_dyndata_7390005.dllC:\Users\Sanjoy Saha\AppData\Local\Temp\dsp_ipp.dllC:\Users\Sanjoy Saha\AppData\Local\Temp\GUR851A.exeC:\Users\Sanjoy Saha\AppData\Local\Temp\GUR8DCF.exeC:\Users\Sanjoy Saha\AppData\Local\Temp\GURF5BE.exeC:\Users\Sanjoy Saha\AppData\Local\Temp\LOOP.EXEC:\Users\Sanjoy Saha\AppData\Local\Temp\Prompt-Downloader-1741268905.exeC:\Users\Sanjoy Saha\AppData\Local\Temp\SkypeSetup.exeC:\Users\Sanjoy Saha\AppData\Local\Temp\xmlUpdater.exeC:\Users\Sanjoy Saha\AppData\Local\Temp\{67A0DC95-FEE5-4439-800C-82DAFD0284A0}-38.0.2125.111_37.0.2062.124_chrome_updater.exeC:\Users\Sanjoy Saha\AppData\Local\Temp\{C19DE831-C97C-42B7-841D-CE3AEF235DE4}-41.0.2272.101_41.0.2272.89_chrome_updater.exe==================== Bamital & volsnap Check =================(There is no automatic fix for files that do not pass verification.)C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally 
signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signedLastRegBack: 2015-07-15 11:11==================== End of log ============================

And finally, the RogueKiller report:

RogueKiller V10.9.1.0 [Jul  9 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8 (6.2.9200 ) 64 bits version
Started in : Normal mode
User : Sanjoy Saha [Administrator]
Started from : C:\Users\Sanjoy Saha\Desktop\Malware Fix\RogueKiller.exe
Mode : Scan -- Date : 07/18/2015 18:47:09

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 8 ¤¤¤
[PUP] (X64) HKEY_USERS\S-1-5-21-1318651068-1841157088-2011058566-1001\Software\Microsoft\Windows\CurrentVersion\Run | LightShot : C:\Users\Sanjoy Saha\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue  -> Found
[PUP] (X86) HKEY_USERS\S-1-5-21-1318651068-1841157088-2011058566-1001\Software\Microsoft\Windows\CurrentVersion\Run | LightShot : C:\Users\Sanjoy Saha\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue  -> Found
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1318651068-1841157088-2011058566-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://dell13.msn.com  -> Found
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1318651068-1841157088-2011058566-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://dell13.msn.com  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{FA377483-E6D1-4DFE-A05B-1F7AC6514E44} | NameServer : 172.17.79.1,8.8.8.8 ([(Private Address) (XX)][-])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{FA377483-E6D1-4DFE-A05B-1F7AC6514E44} | NameServer : 172.17.79.1,8.8.8.8 ([(Private Address) (XX)][-])  -> Found
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> Found
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> Found

¤¤¤ Tasks : 2 ¤¤¤
[Suspicious.Path] %WINDIR%\Tasks\YogaLite.job -- c:\programdata\{f7eef7ad-d5e6-1ebf-f7ee-ef7add5edeb7}\apk editor pro v1.3.5 cracked apk is here ! [latest].exe (--startup=1 --single) -> Found
[Suspicious.Path] \YogaLite -- c:\programdata\{f7eef7ad-d5e6-1ebf-f7ee-ef7add5edeb7}\apk editor pro v1.3.5 cracked apk is here ! [latest].exe (--startup=1 --single) -> Found

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: HGST HTS725050A7E630 +++++
--- User ---
[MBR] c1c55d8537553187b5a32b79188ae4bb
[BSP] 16959a2efca77aa70e81c0278f439a17 : Empty|VT.Unknown MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 500 MB
1 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1026048 | Size: 40 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1107968 | Size: 128 MB
3 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1370112 | Size: 500 MB
4 - Basic data partition | Offset (sectors): 2394112 | Size: 475770 MB
User = LL1 ... OK
User = LL2 ... OK

I didn't know how to attach the Addition, so I just added it here. Sorry for any inconvenience.

Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-07-2015
Ran by Sanjoy Saha at 2015-07-18 18:31:07
Running from C:\Users\Sanjoy Saha\Desktop\Malware Fix
Boot Mode: Normal
==========================================================




==================== Accounts: =============================


Administrator (S-1-5-21-1318651068-1841157088-2011058566-500 - Administrator - Disabled)
Guest (S-1-5-21-1318651068-1841157088-2011058566-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1318651068-1841157088-2011058566-1003 - Limited - Enabled)
Sanjoy Saha (S-1-5-21-1318651068-1841157088-2011058566-1001 - Administrator - Enabled) => C:\Users\Sanjoy Saha


==================== Security Center ========================


(If an entry is included in the fixlist, it will be removed.)


AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}


==================== Installed Programs ======================


(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)


"Just Cause 2" (HKLM-x32\...\{E2FC9928-87BE-4947-B68E-4A3414E33767}_is1) (Version:  - )
µTorrent (HKU\S-1-5-21-1318651068-1841157088-2011058566-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Ableton Live 9 Suite (HKLM-x32\...\{A8D189F5-A5BD-4F59-94C3-BD39662B96F7}) (Version: 9.0.0.0 - Ableton)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Blender (HKLM\...\Blender) (Version: 2.72 - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
Camtasia Studio 8 (HKLM-x32\...\{72144B9D-58C4-4C09-A5CF-C6A914B912E8}) (Version: 8.0.0.878 - TechSmith Corporation)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.4852 - CDBurnerXP)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Conexant SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.40.0 - Conexant)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deckadance 2 (HKLM-x32\...\Deckadance 2) (Version: 2.0 - Image-Line)
Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{4B3230C5-F069-416B-9169-1B84A216ED6A}) (Version: 2.5.1400.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.3.60494 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.217 - ALPS ELECTRIC CO., LTD.)
Dell Update (HKLM-x32\...\{7E07B3E7-9A66-41F3-A91D-EC2CCE14E5B9}) (Version: 1.1.1072.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
DigitalPersona Fingerprint Software 6.2 (HKLM\...\{A59EF3E5-F532-4E13-9FCF-48B2836FE060}) (Version: 6.2.0.300 - DigitalPersona, Inc.)
DirectWave (HKLM-x32\...\DirectWave) (Version:  - Image-Line)
Drumaxx (HKLM-x32\...\Drumaxx) (Version:  - Image-Line)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{32136776-FE3F-453D-80DA-CDD993BDB2A3}) (Version: 11.1.20810.00 - Microsoft Corporation)
Facebook version 1.0 (HKLM-x32\...\Facebook_is1) (Version: 1.0 - )
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Google+ Auto Backup (HKU\S-1-5-21-1318651068-1841157088-2011058566-1001\...\Google+ Auto Backup) (Version: 1.0.27.161 - Google, Inc.)
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
HP Deskjet 3520 series Basic Device Software (HKLM\...\{A0A03B53-927D-4454-A456-CB0A72A4912F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Help (HKLM-x32\...\{C13E1F46-84FE-4D3B-8581-0F2F624C7EEC}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 3520 series Product Improvement Study (HKLM\...\{14ABDFC2-491B-4AF0-8134-CC5596D0EF57}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL MiniHost (HKLM-x32\...\IL MiniHost) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Lennar Digital Sylenth VSTi v1.2.1 (HKLM-x32\...\Lennar Digital Sylenth VSTi v1.2.1) (Version:  - )
lightshot-5.1.0.15 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.1.0.15 - Skillbrains)
Linkedin version 1.0 (HKLM-x32\...\Linkedin_is1) (Version: 1.0 - )
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MBlaze UI (HKLM\...\ZTEWireless-101_is1) (Version:  - )
McAfee AntiVirus (HKLM-x32\...\MSC) (Version: 14.0.1029 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.354 - McAfee, Inc.)
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-1318651068-1841157088-2011058566-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20828.01) (HKLM-x32\...\{4F2B8233-35EE-4197-8C3B-EACCBF712029}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (HKLM-x32\...\{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (HKLM-x32\...\{e0efdce9-a486-4676-8aa5-65bb08cbf34c}) (Version: 11.0.50727.42 - Microsoft Corporation)
Mixxx 1.11.0 (HKLM-x32\...\Mixxx (1.11.0)) (Version: 1.11.0 - The Mixxx Development Team)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 en-US)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.4 - Mozilla)
Mp3tag v2.66 (HKLM-x32\...\Mp3tag) (Version: v2.66 - Florian Heidenreich)
MyPublicWiFi 5.1 (HKLM-x32\...\{C08D782B-9281-406B-ABCE-326DA70B8A1F}_is1) (Version:  - TRUE Software)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Node.js (HKLM\...\{40435563-20B0-4DA3-8E52-E5BF28ABE5C3}) (Version: 0.12.2 - Joyent, Inc. and other Node contributors)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.2 - Notepad++ Team)
PawnSciTE 0.52 (HKLM-x32\...\PawnSciTE 0.52) (Version:  - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.37 - Dell Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
reFX Nexus 1.0.0 (HKLM-x32\...\{84D04D4F-2201-4AED-BE9A-FFA62069CA19}_is1) (Version: 1.0.0 - reFX)
reFX Nexus 1.0.9 (HKLM-x32\...\reFX Nexus 1.0.9_is1) (Version:  - )
Reliance 3G (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - )
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.1.0 - Lenovo Group Limited)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0028 - ST Microelectronics)
Sugar Bytes Effectrix 1.4.3 (HKLM\...\Effectrix_is1) (Version: 1.4.3 - Sugar Bytes)
Sylenth1 v2.20 (HKLM\...\Sylenth1_is1) (Version:  - )
Sylenth1 v2.21 (HKLM-x32\...\Sylenth1_is1) (Version:  - )
TeamSpeak 3 Client (HKU\S-1-5-21-1318651068-1841157088-2011058566-1001\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
Twitter version 1.0 (HKLM-x32\...\Twitter_is1) (Version: 1.0 - )
Unity (HKLM-x32\...\Unity) (Version: 5.0.0f4 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-1318651068-1841157088-2011058566-1001\...\UnityWebPlayer) (Version: 5.0.0f4 - Unity Technologies ApS)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Validity Sensors DDK (HKLM\...\{40BEDF44-88CF-4FF6-8790-882484452003}) (Version: 4.4.231.0 - Validity Sensors, Inc.)
VirtualDJ PRO Full (HKLM-x32\...\{C515E2A3-4878-4C85-A519-52630C7AB08B}) (Version: 7.3 - Atomix Productions)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.10 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.3 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.3-0 - Bitnami)


==================== Custom CLSID (Whitelisted): ==========================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


CustomCLSID: HKU\S-1-5-21-1318651068-1841157088-2011058566-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Sanjoy Saha\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1318651068-1841157088-2011058566-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Sanjoy Saha\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1318651068-1841157088-2011058566-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Sanjoy Saha\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1318651068-1841157088-2011058566-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Sanjoy Saha\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1318651068-1841157088-2011058566-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Sanjoy Saha\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1318651068-1841157088-2011058566-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Sanjoy Saha\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1318651068-1841157088-2011058566-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Sanjoy Saha\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1318651068-1841157088-2011058566-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Sanjoy Saha\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1318651068-1841157088-2011058566-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-1318651068-1841157088-2011058566-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Sanjoy Saha\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1318651068-1841157088-2011058566-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Sanjoy Saha\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1318651068-1841157088-2011058566-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Sanjoy Saha\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1318651068-1841157088-2011058566-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Sanjoy Saha\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File


==================== Restore Points =========================


23-06-2015 22:29:24 Scheduled Checkpoint
05-07-2015 02:46:35 Scheduled Checkpoint
15-07-2015 19:45:44 Scheduled Checkpoint


==================== Hosts content: ===============================


(If needed Hosts: directive could be included in the fixlist to reset Hosts.)


2012-07-26 10:56 - 2012-07-26 10:56 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Scheduled Tasks (Whitelisted) =============


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


Task: {175C41B2-16DB-49B3-84D3-F5DAF7EC14D4} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {530E0C73-6DBB-45E4-8639-855EEAA5F857} - System32\Tasks\AdobeAAMUpdater-1.0-DELL-Sanjoy Saha => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {5642C915-9376-4398-8108-6B1BD5DCBADB} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-12-03] (CyberLink)
Task: {675129FF-608F-4153-9244-B8BF8B2DA3CB} - System32\Tasks\update-S-1-5-21-1318651068-1841157088-2011058566-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: {7D5DA544-73D6-4DF0-BEBE-FA232795EB11} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {87C19CFE-1D10-4B11-AC69-F7A8795D7845} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1318651068-1841157088-2011058566-1001UA => C:\Users\Sanjoy Saha\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-09] (Google Inc.)
Task: {8F10E36B-3629-4245-AD1F-347081CA9637} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [2012-07-10] (Dell, Inc.)
Task: {9AF89765-1413-4CCB-A242-035367210CCA} - System32\Tasks\YogaLite => c:\programdata\{f7eef7ad-d5e6-1ebf-f7ee-ef7add5edeb7}\apk editor pro v1.3.5 cracked apk is here ! [latest].exe <==== ATTENTION
Task: {9C5AE7F6-5C03-4BE1-A576-C8223F7DF0F2} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-04-10] (Dell Inc.)
Task: {9FBECFE8-0150-4CC5-8CDB-BA4CAABCE6F4} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: {B91109F5-AF69-4065-B8FA-9FB39866AF9F} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-12-03] (CyberLink Corp.)
Task: {D19377D5-9B22-4E9F-85B2-7A09D5EBC67D} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {E26EBB0D-F9BC-40DC-8A5F-818B5DB253FB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1318651068-1841157088-2011058566-1001Core => C:\Users\Sanjoy Saha\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-09] (Google Inc.)
Task: {ECB94A14-DF54-4CAA-9E67-1A9E59CA1DDD} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {EE37C0DB-11D0-49FF-ADA7-3C1EA3C4F0C4} - System32\Tasks\HPCustParticipation HP Deskjet 3520 series => C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


Task: C:\Windows\Tasks\Dell SupportAssistAgent AutoUpdate.job => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1318651068-1841157088-2011058566-1001Core.job => C:\Users\Sanjoy Saha\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1318651068-1841157088-2011058566-1001UA.job => C:\Users\Sanjoy Saha\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-1318651068-1841157088-2011058566-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\YogaLite.job => c:\programdata\{f7eef7ad-d5e6-1ebf-f7ee-ef7add5edeb7}\apk editor pro v1.3.5 cracked apk is here ! [latest].exe <==== ATTENTION


==================== Loaded Modules (Whitelisted) ==============


2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-15 19:26 - 2013-04-03 14:09 - 00756224 _____ () C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe
2013-07-09 20:17 - 2012-04-25 08:13 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-06-26 12:09 - 2012-04-28 10:05 - 00405504 _____ () C:\Program Files\MBlaze UI\bin\MonServiceUDisk.exe
2014-07-19 12:26 - 2010-11-25 19:31 - 00253264 _____ () C:\Program Files (x86)\Reliance 3G\AssistantServices.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2012-06-18 20:54 - 2012-06-18 20:54 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-07-09 20:09 - 2012-10-27 00:08 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-07-09 20:05 - 2012-07-18 23:33 - 00165024 _____ () C:\Program Files\Conexant\SA3\MaxxAudioWrapper.dll
2012-08-09 02:41 - 2012-08-09 02:41 - 00384128 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ContactsApi.dll
2011-07-19 02:37 - 2011-07-19 02:37 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2014-01-07 05:12 - 2014-01-07 05:12 - 01611264 _____ () C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-07-09 20:15 - 2012-06-08 09:04 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-09 00:04 - 2012-06-09 00:04 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-07-09 20:04 - 2012-06-25 23:11 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll


==================== Alternate Data Streams (Whitelisted) =========


(If an entry is included in the fixlist, only the ADS will be removed.)


AlternateDataStreams: C:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}


==================== Safe Mode (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"


==================== EXE Association (Whitelisted) ===============


(If an entry is included in the fixlist, the registry item will be restored to default or removed.)




==================== Internet Explorer trusted/restricted ===============


(If an entry is included in the fixlist, it will be removed from the registry.)




==================== Other Areas ============================


(Currently there is no automatic fix for this section.)


HKU\S-1-5-21-1318651068-1841157088-2011058566-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme2\img12.jpg
DNS Servers: 192.168.42.129


==================== MSCONFIG/TASK MANAGER disabled items ==


(Currently there is no automatic fix for this section.)


HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "UIExec"
HKU\S-1-5-21-1318651068-1841157088-2011058566-1001\...\StartupApproved\StartupFolder: => "Monitor Ink Alerts - HP Deskjet 3520 series.lnk"
HKU\S-1-5-21-1318651068-1841157088-2011058566-1001\...\StartupApproved\StartupFolder: => "OneNote 2010 Screen Clipper and Launcher.lnk"
HKU\S-1-5-21-1318651068-1841157088-2011058566-1001\...\StartupApproved\Run: => "Google+ Auto Backup"
HKU\S-1-5-21-1318651068-1841157088-2011058566-1001\...\StartupApproved\Run: => "AlcoholAutomount"
HKU\S-1-5-21-1318651068-1841157088-2011058566-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1318651068-1841157088-2011058566-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1318651068-1841157088-2011058566-1001\...\StartupApproved\Run: => "RGSC"


==================== FirewallRules (Whitelisted) ===============


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{0A544CC6-C4C8-4567-A929-447E7C73E2FD}] => (Allow) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Btvstack.exe
FirewallRules: [{978B2B69-1516-45D5-8E68-E4CA615CAB7D}] => (Allow) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
FirewallRules: [{20F6F605-0788-4325-ADD6-1F85DC1B1E13}] => (Allow) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
FirewallRules: [{12B5356F-EE4C-4118-8B42-10992727EBC4}] => (Allow) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Win7Ui.exe
FirewallRules: [{D733A1B1-522A-477F-9B26-79EC0DA4C30A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{E34DE718-BAD8-4911-B761-FB7BB512AD13}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{95AD32F1-FBD2-47ED-8CCF-8B0071440C72}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{844DD1C8-30AD-419A-89A5-3048A4A6C7C4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F79B2C7E-C1D5-4B7D-B534-127D80CAFDB4}] => (Allow) LPort=2869
FirewallRules: [{07EEBDD5-F0D3-4A1B-B700-4F497B7344A1}] => (Allow) LPort=1900
FirewallRules: [{ED8E4967-660F-4CE4-AEED-D14BF32EBF30}] => (Allow) C:\Users\Sanjoy Saha\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{2F3A3B5B-DDD7-428C-8C4E-5CDD5CED2991}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
FirewallRules: [{1F463B0B-FA0D-48FD-AF98-6267A8CC573A}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
FirewallRules: [{787D96A2-2F51-4B18-8C49-4D48EF4DA490}] => (Allow) C:\Users\Sanjoy Saha\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{71D14339-721C-405B-9508-92DB3059582F}] => (Allow) C:\Users\Sanjoy Saha\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{52476331-E465-48F4-B04A-EF5919420A7C}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\WDExpress.exe
FirewallRules: [TCP Query User{2BDB9E6A-42CA-4043-B6E8-F2EA21F711A3}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [uDP Query User{AFB40EDA-EF0C-4D93-BA3C-607ABA1BB4DA}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{90B568D4-511E-4BA1-BD68-D0EF11571B18}] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{CC6094D1-61A7-4540-8E9B-CC96D399BB35}] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{BC86ADC8-F78B-4762-A7D0-C70F9A3E73F4}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [uDP Query User{19CDCA25-51AB-4DE4-BEE6-92BFAF459E3F}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{CA36CD1E-D6E3-470A-899A-24ADA26D4AF1}C:\users\sanjoy saha\documents\anubhav\habbo\silverwave emulator\silverwave emulator\bin\debug\habbis.exe] => (Allow) C:\users\sanjoy saha\documents\anubhav\habbo\silverwave emulator\silverwave emulator\bin\debug\habbis.exe
FirewallRules: [uDP Query User{A39C29CF-0D25-498D-85F4-03F37F54EDC5}C:\users\sanjoy saha\documents\anubhav\habbo\silverwave emulator\silverwave emulator\bin\debug\habbis.exe] => (Allow) C:\users\sanjoy saha\documents\anubhav\habbo\silverwave emulator\silverwave emulator\bin\debug\habbis.exe
FirewallRules: [TCP Query User{D93297F2-8C0F-4788-BA9F-584B775F3616}C:\users\sanjoy saha\documents\anubhav\habbo\silverwave emulator\silverwave emulator\bin\debug\weblink.exe] => (Allow) C:\users\sanjoy saha\documents\anubhav\habbo\silverwave emulator\silverwave emulator\bin\debug\weblink.exe
FirewallRules: [uDP Query User{11DF2CCD-B96E-4EA6-A61B-746729BFBB5A}C:\users\sanjoy saha\documents\anubhav\habbo\silverwave emulator\silverwave emulator\bin\debug\weblink.exe] => (Allow) C:\users\sanjoy saha\documents\anubhav\habbo\silverwave emulator\silverwave emulator\bin\debug\weblink.exe
FirewallRules: [TCP Query User{D076F9B7-26C2-424A-B38A-59196A1B26EC}C:\users\sanjoy saha\documents\anubhav\habbo\silverwave emulator\silverwave emulator\bin\debug\weblink.vshost.exe] => (Allow) C:\users\sanjoy saha\documents\anubhav\habbo\silverwave emulator\silverwave emulator\bin\debug\weblink.vshost.exe
FirewallRules: [uDP Query User{848863B5-8C9D-4392-9F87-FFA506DA1B4E}C:\users\sanjoy saha\documents\anubhav\habbo\silverwave emulator\silverwave emulator\bin\debug\weblink.vshost.exe] => (Allow) C:\users\sanjoy saha\documents\anubhav\habbo\silverwave emulator\silverwave emulator\bin\debug\weblink.vshost.exe
FirewallRules: [TCP Query User{2EB199AA-D3E8-4842-88DB-06F0AB1640DC}C:\users\sanjoy saha\documents\anubhav\habbo\matrix\silverwave emulator\silverwave emulator\bin\debug\weblink.exe] => (Allow) C:\users\sanjoy saha\documents\anubhav\habbo\matrix\silverwave emulator\silverwave emulator\bin\debug\weblink.exe
FirewallRules: [uDP Query User{1D609F31-D3AF-43F2-A9C7-8FA1109C0A8A}C:\users\sanjoy saha\documents\anubhav\habbo\matrix\silverwave emulator\silverwave emulator\bin\debug\weblink.exe] => (Allow) C:\users\sanjoy saha\documents\anubhav\habbo\matrix\silverwave emulator\silverwave emulator\bin\debug\weblink.exe
FirewallRules: [TCP Query User{D473C73A-B006-4EA4-B70A-46F1F5083E1D}C:\users\sanjoy saha\documents\anubhav\habbo\matrix\silverwave emulator\silverwave emulator\bin\debug\weblink.vshost.exe] => (Allow) C:\users\sanjoy saha\documents\anubhav\habbo\matrix\silverwave emulator\silverwave emulator\bin\debug\weblink.vshost.exe
FirewallRules: [uDP Query User{4A90EFB7-F385-4D9C-BC09-537C7BD113F8}C:\users\sanjoy saha\documents\anubhav\habbo\matrix\silverwave emulator\silverwave emulator\bin\debug\weblink.vshost.exe] => (Allow) C:\users\sanjoy saha\documents\anubhav\habbo\matrix\silverwave emulator\silverwave emulator\bin\debug\weblink.vshost.exe
FirewallRules: [TCP Query User{87338D76-8CF9-40BC-842E-38E8F67DA298}C:\users\sanjoy saha\documents\anubhav\astrorp2\bin\debug\cometrp.exe] => (Allow) C:\users\sanjoy saha\documents\anubhav\astrorp2\bin\debug\cometrp.exe
FirewallRules: [uDP Query User{9B6E0A3F-5C79-4FAF-8466-77F677C3C1C3}C:\users\sanjoy saha\documents\anubhav\astrorp2\bin\debug\cometrp.exe] => (Allow) C:\users\sanjoy saha\documents\anubhav\astrorp2\bin\debug\cometrp.exe
FirewallRules: [{4A83F4E3-7CB0-479E-AB75-E7904A3352B8}] => (Allow) %USERPROFILE%\Documents\Anubhav\AstroRP2\bin\Debug\CometRp.exe
FirewallRules: [TCP Query User{9C953999-0D7E-47CD-9B86-206D0200ADE8}C:\users\sanjoy saha\documents\anubhav\habbo\astrorp2\bin\debug\plus emulator.vshost.exe] => (Allow) C:\users\sanjoy saha\documents\anubhav\habbo\astrorp2\bin\debug\plus emulator.vshost.exe
FirewallRules: [uDP Query User{B82019F7-B85F-443B-AEA6-7C269D972836}C:\users\sanjoy saha\documents\anubhav\habbo\astrorp2\bin\debug\plus emulator.vshost.exe] => (Allow) C:\users\sanjoy saha\documents\anubhav\habbo\astrorp2\bin\debug\plus emulator.vshost.exe
FirewallRules: [TCP Query User{E54FDCC8-452B-4FE7-96B6-5C1FA7E341FB}C:\users\sanjoy saha\documents\anubhav\habbo\astrorp2\bin\debug\plus emulator.exe] => (Allow) C:\users\sanjoy saha\documents\anubhav\habbo\astrorp2\bin\debug\plus emulator.exe
FirewallRules: [uDP Query User{87CE5FB4-B800-4B83-A91D-864554DBCFBB}C:\users\sanjoy saha\documents\anubhav\habbo\astrorp2\bin\debug\plus emulator.exe] => (Allow) C:\users\sanjoy saha\documents\anubhav\habbo\astrorp2\bin\debug\plus emulator.exe
FirewallRules: [TCP Query User{AAEAD0C9-B55F-45B5-B14C-B0BE99A7A262}C:\users\sanjoy saha\documents\anubhav\habbo\cometrp\astrorp2\bin\debug\plus emulator.exe] => (Allow) C:\users\sanjoy saha\documents\anubhav\habbo\cometrp\astrorp2\bin\debug\plus emulator.exe
FirewallRules: [uDP Query User{861E1FE9-A17B-40E7-8134-291632C634D0}C:\users\sanjoy saha\documents\anubhav\habbo\cometrp\astrorp2\bin\debug\plus emulator.exe] => (Allow) C:\users\sanjoy saha\documents\anubhav\habbo\cometrp\astrorp2\bin\debug\plus emulator.exe
FirewallRules: [TCP Query User{35C3204A-83F6-457B-85F8-0AAC0EEDCC94}C:\users\sanjoy saha\documents\anubhav\habbo\cometrp\astrorp2\bin\debug\plus emulator.vshost.exe] => (Allow) C:\users\sanjoy saha\documents\anubhav\habbo\cometrp\astrorp2\bin\debug\plus emulator.vshost.exe
FirewallRules: [uDP Query User{B55F98F5-73F2-40D7-B1EB-E57C46E47AA0}C:\users\sanjoy saha\documents\anubhav\habbo\cometrp\astrorp2\bin\debug\plus emulator.vshost.exe] => (Allow) C:\users\sanjoy saha\documents\anubhav\habbo\cometrp\astrorp2\bin\debug\plus emulator.vshost.exe
FirewallRules: [{3ECFB13C-26D1-462D-85BD-094CB19E0874}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{1830653E-71D0-4B37-9BD4-87DC8F183777}C:\program files (x86)\dell wireless\bluetooth suite\bttray.exe] => (Allow) C:\program files (x86)\dell wireless\bluetooth suite\bttray.exe
FirewallRules: [uDP Query User{C88C4CAC-04C6-41FE-BB46-17E1A295FFF7}C:\program files (x86)\dell wireless\bluetooth suite\bttray.exe] => (Allow) C:\program files (x86)\dell wireless\bluetooth suite\bttray.exe
FirewallRules: [TCP Query User{83261FF2-6EAF-48EA-9CD3-618638358B72}C:\program files (x86)\dell wireless\bluetooth suite\btvstack.exe] => (Allow) C:\program files (x86)\dell wireless\bluetooth suite\btvstack.exe
FirewallRules: [uDP Query User{3F7A2906-C46F-46DA-B549-A46CE6F9AA06}C:\program files (x86)\dell wireless\bluetooth suite\btvstack.exe] => (Allow) C:\program files (x86)\dell wireless\bluetooth suite\btvstack.exe
FirewallRules: [TCP Query User{5FA1D855-C7E7-4B8E-A622-0156FB4FE6E3}C:\xampp\php\php.exe] => (Allow) C:\xampp\php\php.exe
FirewallRules: [uDP Query User{289A8426-3FE7-443E-BCEE-CF038DA228AE}C:\xampp\php\php.exe] => (Allow) C:\xampp\php\php.exe
FirewallRules: [{68CD4628-06B8-4DDB-9A48-518AF27ED58F}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe
FirewallRules: [{B70C2E2E-1C47-4037-B0DA-38327465F2FE}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{88E654E0-D1E3-41D1-8499-33D9EDB3116F}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{10A54D59-8C9B-45CF-A5F6-C1D7D8E0B480}C:\users\sanjoy saha\documents\server\samp-server.exe] => (Allow) C:\users\sanjoy saha\documents\server\samp-server.exe
FirewallRules: [uDP Query User{49B16924-AEF9-4A2C-B4B1-C880A33CBB5C}C:\users\sanjoy saha\documents\server\samp-server.exe] => (Allow) C:\users\sanjoy saha\documents\server\samp-server.exe
FirewallRules: [TCP Query User{3DBD648D-9F37-4514-B07E-C6368374920D}C:\users\sanjoy saha\documents\rp\samp-server.exe] => (Allow) C:\users\sanjoy saha\documents\rp\samp-server.exe
FirewallRules: [uDP Query User{DFFBF06E-5CAD-47C0-B277-DDD5A4F4FF45}C:\users\sanjoy saha\documents\rp\samp-server.exe] => (Allow) C:\users\sanjoy saha\documents\rp\samp-server.exe
FirewallRules: [{950BDCEB-E692-40B3-B692-E0603179ED74}] => (Allow) LPort=7777
FirewallRules: [{5E7F7D56-678A-4846-B8D4-551B84E12A24}] => (Allow) LPort=7777
FirewallRules: [{6FEDB668-6487-4837-9143-DD09DFD537C7}] => (Allow) LPort=7777
FirewallRules: [{63269D24-6C1C-4BD7-9310-24BE72859565}] => (Allow) LPort=7777
FirewallRules: [TCP Query User{EE845643-D92D-4C69-ACE1-BD7A927A568F}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe
FirewallRules: [uDP Query User{67B01755-CFB6-4796-8B3F-2650ECECD830}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe
FirewallRules: [TCP Query User{59F377AE-4D37-48E7-9892-440E9179A96D}C:\users\sanjoy saha\documents\anubhav\bcstorm1\bin\debug\butterfly emulator.vshost.exe] => (Block) C:\users\sanjoy saha\documents\anubhav\bcstorm1\bin\debug\butterfly emulator.vshost.exe
FirewallRules: [uDP Query User{4B8CB555-05C0-4002-93BD-5FE1263A3945}C:\users\sanjoy saha\documents\anubhav\bcstorm1\bin\debug\butterfly emulator.vshost.exe] => (Block) C:\users\sanjoy saha\documents\anubhav\bcstorm1\bin\debug\butterfly emulator.vshost.exe
FirewallRules: [{5205EB34-E479-473C-87C1-FBF650B27301}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [{5D88E65D-377D-4BB9-AEC3-2C352CC4D1E5}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [{63A88A47-D500-4D78-96DB-C39B24234758}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{8BB4A201-A107-4E2D-8C8C-12E180315D46}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{23EB8DF9-79E1-42A5-A51D-756FED030648}] => (Block) %ProgramFiles% (x86)\Image-Line\FL64.exe
FirewallRules: [{524570FE-2F64-46DA-B389-6149729E9023}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{08EDAFC1-F7B1-43A2-B5D7-B2749AA6692B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{89316D35-EB22-4A7A-989A-31A878E35ECE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{AEED534C-8FBB-4F02-8D84-8A3AEF098B34}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{7C0210B0-0C66-4A25-8D41-991FA2939944}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [uDP Query User{B169FA74-D304-4451-9833-639C0D1C0BB2}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [TCP Query User{55BBB575-FB5C-47B4-BB76-991E8A12C21B}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [uDP Query User{20E24D5A-ADE3-4E36-9D76-4A5CEACFE970}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [{E8B4962B-3292-4610-B334-C79B24467F40}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6F1A8957-2310-4453-8068-B2BCA1BF59CA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{CB39BBA8-ED77-441B-BA07-47038DD9B9DE}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [uDP Query User{28615095-370E-4222-AEDE-5F4F8DEFC17D}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{DF9EE30D-2CFB-44FD-8BD6-F36A663680E0}C:\users\sanjoy saha\desktop\dsmidiwifi-v1.01\dsmidiwifi.exe] => (Allow) C:\users\sanjoy saha\desktop\dsmidiwifi-v1.01\dsmidiwifi.exe
FirewallRules: [uDP Query User{594031CB-EC34-4E7F-AC67-2C858A82670A}C:\users\sanjoy saha\desktop\dsmidiwifi-v1.01\dsmidiwifi.exe] => (Allow) C:\users\sanjoy saha\desktop\dsmidiwifi-v1.01\dsmidiwifi.exe
FirewallRules: [TCP Query User{98869A4C-B46F-4919-B5E8-6FB6F0131137}C:\users\sanjoy saha\desktop\work\dsmidiwifi-v1.01\dsmidiwifi.exe] => (Allow) C:\users\sanjoy saha\desktop\work\dsmidiwifi-v1.01\dsmidiwifi.exe
FirewallRules: [uDP Query User{D8349D4C-C8BA-4969-A625-06DEEC9D2E28}C:\users\sanjoy saha\desktop\work\dsmidiwifi-v1.01\dsmidiwifi.exe] => (Allow) C:\users\sanjoy saha\desktop\work\dsmidiwifi-v1.01\dsmidiwifi.exe
FirewallRules: [TCP Query User{94BF40F7-DEA8-4FC3-8029-BDBF0D0C103B}C:\program files (x86)\image-line\fl.exe] => (Block) C:\program files (x86)\image-line\fl.exe
FirewallRules: [uDP Query User{FA89B3C0-8BC1-4430-A386-CD507E55A8CB}C:\program files (x86)\image-line\fl.exe] => (Block) C:\program files (x86)\image-line\fl.exe
FirewallRules: [TCP Query User{03645899-1D4E-474A-9E9A-E7E23DFDCFC3}C:\program files (x86)\virtualdj\virtualdj_pro.exe] => (Block) C:\program files (x86)\virtualdj\virtualdj_pro.exe
FirewallRules: [uDP Query User{680CC865-032C-4C4D-ABA8-F28FFEC9997F}C:\program files (x86)\virtualdj\virtualdj_pro.exe] => (Block) C:\program files (x86)\virtualdj\virtualdj_pro.exe
FirewallRules: [TCP Query User{B539AB22-DE9C-40FD-A1F1-646199BD707A}C:\users\public\music\logic\butterflyrp (not boonrp version)\butterflyrp emulator\bin\debug\butterflyrp emulator.exe] => (Allow) C:\users\public\music\logic\butterflyrp (not boonrp version)\butterflyrp emulator\bin\debug\butterflyrp emulator.exe
FirewallRules: [uDP Query User{9AD5EC72-6B9F-4247-BC96-232D07C0F5D4}C:\users\public\music\logic\butterflyrp (not boonrp version)\butterflyrp emulator\bin\debug\butterflyrp emulator.exe] => (Allow) C:\users\public\music\logic\butterflyrp (not boonrp version)\butterflyrp emulator\bin\debug\butterflyrp emulator.exe
FirewallRules: [TCP Query User{040402BA-3BBE-4339-90BA-0209ACB809FB}C:\users\public\music\divinity\butterflyrp (not boonrp version)\butterflyrp emulator\bin\debug\butterflyrp emulator.exe] => (Allow) C:\users\public\music\divinity\butterflyrp (not boonrp version)\butterflyrp emulator\bin\debug\butterflyrp emulator.exe
FirewallRules: [uDP Query User{38A5DF24-6E0E-4351-970F-463F1023EBEF}C:\users\public\music\divinity\butterflyrp (not boonrp version)\butterflyrp emulator\bin\debug\butterflyrp emulator.exe] => (Allow) C:\users\public\music\divinity\butterflyrp (not boonrp version)\butterflyrp emulator\bin\debug\butterflyrp emulator.exe
FirewallRules: [TCP Query User{7E7F2E9D-A1C0-4902-B65B-555A3E488CD4}C:\users\sanjoy saha\desktop\infinity\butterflyrp emulator\bin\debug\butterflyrp emulator.vshost.exe] => (Allow) C:\users\sanjoy saha\desktop\infinity\butterflyrp emulator\bin\debug\butterflyrp emulator.vshost.exe
FirewallRules: [uDP Query User{7D01111C-2FC8-436C-AC36-044839D37D8C}C:\users\sanjoy saha\desktop\infinity\butterflyrp emulator\bin\debug\butterflyrp emulator.vshost.exe] => (Allow) C:\users\sanjoy saha\desktop\infinity\butterflyrp emulator\bin\debug\butterflyrp emulator.vshost.exe
FirewallRules: [TCP Query User{DFDBA9CC-2388-4988-980E-EDC727AD9C31}C:\users\sanjoy saha\desktop\infinity\butterflyrp emulator\bin\debug\butterflyrp emulator.exe] => (Allow) C:\users\sanjoy saha\desktop\infinity\butterflyrp emulator\bin\debug\butterflyrp emulator.exe
FirewallRules: [uDP Query User{475DF06B-5078-49CB-86F4-C1913E4B41DE}C:\users\sanjoy saha\desktop\infinity\butterflyrp emulator\bin\debug\butterflyrp emulator.exe] => (Allow) C:\users\sanjoy saha\desktop\infinity\butterflyrp emulator\bin\debug\butterflyrp emulator.exe
FirewallRules: [TCP Query User{E5D05E76-DFA4-42B9-A0E0-0583F92AA09B}C:\users\sanjoy saha\desktop\unityrp\butterflyrp emulator\bin\debug\butterflyrp emulator.exe] => (Allow) C:\users\sanjoy saha\desktop\unityrp\butterflyrp emulator\bin\debug\butterflyrp emulator.exe
FirewallRules: [uDP Query User{60EAA911-71DA-4B10-8D01-5CC5ADC03372}C:\users\sanjoy saha\desktop\unityrp\butterflyrp emulator\bin\debug\butterflyrp emulator.exe] => (Allow) C:\users\sanjoy saha\desktop\unityrp\butterflyrp emulator\bin\debug\butterflyrp emulator.exe
FirewallRules: [TCP Query User{6EF0F53E-8F74-4623-84FC-085DE024281D}C:\users\sanjoy saha\desktop\infinityrp\butterflyrp emulator\bin\debug\butterflyrp emulator.vshost.exe] => (Allow) C:\users\sanjoy saha\desktop\infinityrp\butterflyrp emulator\bin\debug\butterflyrp emulator.vshost.exe
FirewallRules: [uDP Query User{29233CCC-76F0-4494-9CD7-5E10B284AC2B}C:\users\sanjoy saha\desktop\infinityrp\butterflyrp emulator\bin\debug\butterflyrp emulator.vshost.exe] => (Allow) C:\users\sanjoy saha\desktop\infinityrp\butterflyrp emulator\bin\debug\butterflyrp emulator.vshost.exe
FirewallRules: [TCP Query User{A7DF300F-B81D-45FB-ACB2-12C5BF63030A}C:\users\sanjoy saha\desktop\infinitytdm\butterfly emulator\bin\debug\butterfly emulator.vshost.exe] => (Allow) C:\users\sanjoy saha\desktop\infinitytdm\butterfly emulator\bin\debug\butterfly emulator.vshost.exe
FirewallRules: [uDP Query User{81913ADE-D6EB-4DA8-BB22-660A23693DD3}C:\users\sanjoy saha\desktop\infinitytdm\butterfly emulator\bin\debug\butterfly emulator.vshost.exe] => (Allow) C:\users\sanjoy saha\desktop\infinitytdm\butterfly emulator\bin\debug\butterfly emulator.vshost.exe
FirewallRules: [TCP Query User{8DD2C6F0-0323-4CDF-A8D6-857F86A3D254}C:\users\sanjoy saha\desktop\novaemulator\bin\debug\novaemulator.vshost.exe] => (Allow) C:\users\sanjoy saha\desktop\novaemulator\bin\debug\novaemulator.vshost.exe
FirewallRules: [uDP Query User{24534056-2CA8-4789-B958-C4FF37FDC5B1}C:\users\sanjoy saha\desktop\novaemulator\bin\debug\novaemulator.vshost.exe] => (Allow) C:\users\sanjoy saha\desktop\novaemulator\bin\debug\novaemulator.vshost.exe
FirewallRules: [TCP Query User{FF985806-9393-4E5E-9640-EA1732E3A8D6}C:\users\sanjoy saha\desktop\lovc-master\lovc\bin\debug\lovc.exe] => (Allow) C:\users\sanjoy saha\desktop\lovc-master\lovc\bin\debug\lovc.exe
FirewallRules: [uDP Query User{21347B8B-F56D-4AB9-B266-88D17347D79B}C:\users\sanjoy saha\desktop\lovc-master\lovc\bin\debug\lovc.exe] => (Allow) C:\users\sanjoy saha\desktop\lovc-master\lovc\bin\debug\lovc.exe
FirewallRules: [{3F4BE5D0-E9B0-43F0-BCB6-7574E904B2D8}] => (Allow) C:\Program Files (x86)\Just Cause 2\JustCause2.exe
FirewallRules: [{9542E431-6223-4100-827F-386582C2D970}] => (Allow) C:\Program Files (x86)\Just Cause 2\JustCause2.exe
FirewallRules: [{1678288F-3EFC-4D72-8640-14DBB4AC3ABD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A0B06EAD-83D6-4C6C-848B-5AF8479411E0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6D0F4D8E-C6FA-4CB5-88C5-3CB8FBF07437}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FF89E926-3851-4979-B3A5-59DAAAFD5010}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0BD26EE8-594E-4480-807E-30850E91BCDC}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{948E8A4D-8931-4F24-B477-48788C9ACF25}] => (Allow) C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe
FirewallRules: [{A987DE6B-DEAE-498F-B4A0-8B3DD32B66B5}] => (Allow) C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe
FirewallRules: [{DBA898DB-7DF1-4C8D-86C7-D176DC6E50F2}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{FB39CDE6-A256-4C09-8BA3-FDD1C8B55C0B}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{A6958742-D1D2-4526-AE84-99474F008C32}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Faulty Device Manager Devices =============




==================== Event log errors: =========================


Application errors:
==================
Error: (07/18/2015 05:23:10 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005


Error: (07/18/2015 05:19:51 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.


Error: (07/18/2015 05:19:51 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.


Error: (07/18/2015 05:16:50 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.


Error: (07/18/2015 05:16:50 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.


Error: (07/18/2015 05:13:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.


Error: (07/18/2015 05:13:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.


Error: (07/18/2015 05:12:50 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x8898008d)


Error: (07/18/2015 05:12:48 PM) (Source: DellUpdate) (EventID: 0) (User: )
Description: Failed in handling the PowerEvent. The error that occurred was: System.NullReferenceException: Object reference not set to an instance of an object.
   at DellUpdate.WindowsService.Controller.ResetWcfConnections()
   at DellUpdate.WindowsService.UpdateService.OnPowerEvent(PowerBroadcastStatus powerStatus)
   at System.ServiceProcess.ServiceBase.DeferredPowerEvent(Int32 eventType, IntPtr eventData).


Error: (07/18/2015 09:28:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10516




System errors:
=============
Error: (07/18/2015 06:26:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2


Error: (07/18/2015 06:23:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The StarWind AE Service service failed to start due to the following error: 
%%2


Error: (07/18/2015 06:23:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Alcohol Virtual Drive Auto-mount Service service failed to start due to the following error: 
%%2


Error: (07/18/2015 06:21:20 PM) (Source: DCOM) (EventID: 10010) (User: DELL)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}


Error: (07/18/2015 01:50:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2


Error: (07/18/2015 01:47:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The StarWind AE Service service failed to start due to the following error: 
%%2


Error: (07/18/2015 01:47:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Alcohol Virtual Drive Auto-mount Service service failed to start due to the following error: 
%%2


Error: (07/18/2015 01:47:03 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x000000ef (0xfffffa80087ad940, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000)C:\Windows\MEMORY.DMP071815-18296-01


Error: (07/18/2015 01:46:59 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 01:17:37 on 18-07-2015 was unexpected.


Error: (07/18/2015 01:44:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Authentication Service service terminated unexpectedly.  It has done this 1 time(s).




Microsoft Office:
=========================
Error: (07/18/2015 05:23:10 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005


Error: (07/18/2015 05:19:51 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F2030000E5050000


Error: (07/18/2015 05:19:51 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance163707000000000000000000008F020000


Error: (07/18/2015 05:16:50 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F2030000E5050000


Error: (07/18/2015 05:16:50 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance163707000000000000000000008F020000


Error: (07/18/2015 05:13:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F2030000E5050000


Error: (07/18/2015 05:13:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance163707000000000000000000008F020000


Error: (07/18/2015 05:12:50 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d


Error: (07/18/2015 05:12:48 PM) (Source: DellUpdate) (EventID: 0) (User: )
Description: Failed in handling the PowerEvent. The error that occurred was: System.NullReferenceException: Object reference not set to an instance of an object.
   at DellUpdate.WindowsService.Controller.ResetWcfConnections()
   at DellUpdate.WindowsService.UpdateService.OnPowerEvent(PowerBroadcastStatus powerStatus)
   at System.ServiceProcess.ServiceBase.DeferredPowerEvent(Int32 eventType, IntPtr eventData).


Error: (07/18/2015 09:28:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10516




==================== Memory info =========================== 


Processor: Intel® Core i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 44%
Total physical RAM: 3956.21 MB
Available physical RAM: 2203.99 MB
Total Virtual: 7924.21 MB
Available Virtual: 6002.58 MB


==================== Drives ================================


Drive c: (OS) (Fixed) (Total:464.62 GB) (Free:107.06 GB) NTFS


==================== MBR & Partition Table ==================


========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4FB9122C)


Partition: GPT Partition Type.


==================== End of log ============================
 

Run this please:

Download CKScanner from here: http://downloads.malwareremoval.com/CKScanner.exe

Important - Save it to your desktop.

Double-click CKScanner.exe (Right click and "Run as administrator" in Vista/Win7/8/8.1).

Give permission if necessary, and click Search For Files.

After a very short time, when the cursor hourglass disappears, click Save List To File.

A message box will verify the file saved. Please run the program once only.

Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

Thanks,

Kevin


Here is the log you requested

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\users\sanjoy saha\documents\anubhav\gtamultiplayer\mod_sa_v4.3.3.2_source\src\game_sa\cstatueofliberysa.cpp
c:\users\sanjoy saha\documents\anubhav\gtamultiplayer\mod_sa_v4.3.3.2_source\src\game_sa\cferraia.h
c:\users\sanjoy saha\documents\anubhav\gtamultiplayer\mod_sa_v4.3.3.2_source\src\game_sa\game\cmercedesn.h
c:\users\sanjoy saha\downloads\kmspico_install_v4.exe
scanner sequence 3.ZZ.11.ISNASZ
----- EOF -----

The CKScanner log list is incorrect; there should be at least 20 entries, not 4. There is also evidence of an illegal software installer on your system; as such we cannot offer any help as you breach forum protocol. Your thread will be locked and closed...

Thank you,

Kevin...


This topic is now closed to further replies.