

I would like to address my laptop problem. I am in big trouble. I have installed KMSPICO, after which security was totally damaged on my laptop OS. I mean, Windows Defender is not working. It is not turning on from Security Center either. Here I am posting the FSS result... please help me.


 


Farbar Service Scanner Version: 10-06-2014

Ran by Tuhin Malik (administrator) on 29-11-2015 at 00:42:12

Running from "C:\Users\Tuhin Malik\Downloads"

Microsoft Windows 8.1 Single Language  (X64)

Boot Mode: Normal

****************************************************************

 

Internet Services:

============

 

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo.com is accessible.

 

 

Windows Firewall:

=============

 

Firewall Disabled Policy: 

==================

 

 

Action Center:

============

 

Action Center Notification Icon =====> Unable to open HKLM\...\ShellServiceObjects\{F56F6FDD-AA9D-4618-A949-C1B91AF43B1A} key. The key does not exist.

 

 

Windows Update:

============

 

Windows Autoupdate Disabled Policy: 

============================

 

 

Windows Defender:

==============

WinDefend Service is not running. Checking service configuration:

The start type of WinDefend service is OK.

The ImagePath of WinDefend: "%SystemRoot%\System32\svchost.exe -k secsvcs".

 

 

Windows Defender Disabled Policy: 

==========================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]

"DisableAntiSpyware"=DWORD:1

 

 

Other Services:

==============

 

 

File Check:

========

C:\Windows\System32\nsisvc.dll => File is digitally signed

C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed

C:\Windows\System32\dhcpcore.dll => File is digitally signed

C:\Windows\System32\drivers\afd.sys => File is digitally signed

C:\Windows\System32\drivers\tdx.sys => File is digitally signed

C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed

C:\Windows\System32\dnsrslvr.dll => File is digitally signed

C:\Windows\System32\mpssvc.dll => File is digitally signed

C:\Windows\System32\bfe.dll => File is digitally signed

C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed

C:\Windows\System32\wscsvc.dll => File is digitally signed

C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed

C:\Windows\System32\wuaueng.dll => File is digitally signed

C:\Windows\System32\qmgr.dll => File is digitally signed

C:\Windows\System32\es.dll => File is digitally signed

C:\Windows\System32\cryptsvc.dll => File is digitally signed

C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed

C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

 

 

**** End of log ****


Hello and welcome to Malwarebytes,

Please be aware the following P2P/Piracy Warning is a standard opening reply made here at Malwarebytes; we make no accusations but do make you aware of Forum Protocol....

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here. Failure to remove or disable such software will result in your topic being closed and no further assistance being provided. If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.


  • Double-click to run it. When the tool opens click Yes to disclaimer.
    (Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt and Shortcut.txt are checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make logs named Addition.txt and Shortcut.txt. Please attach those logs to your reply.


 

Thank you,

 

Kevin....


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-11-2015

Ran by Tuhin Malik (administrator) on TUHIN (29-11-2015 11:14:19)

Running from C:\Users\Tuhin Malik\Downloads

Loaded Profiles: Tuhin Malik (Available Profiles: Tuhin Malik)

Platform: Windows 8.1 Single Language (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: IE)

Boot Mode: Normal


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(AMD) C:\WINDOWS\System32\atiesrxx.exe

(AMD) C:\WINDOWS\System32\atieclxx.exe

(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe

(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe

(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.10.398\AsusWSWinService.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe

() C:\ProgramData\ChgService.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe

(HP) C:\WINDOWS\System32\HPSIsvc.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe

(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe

() C:\Program Files (x86)\LAN Voice Chat\Speechs.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe

(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe

(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe

() C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe

(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe

() C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ===========================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-20] (Realtek Semiconductor)

HKLM\...\Run: [btTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-14] (Qualcomm Atheros)

HKLM\...\Run: [btvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-14] (Qualcomm Atheros Commnucations)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated)

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3928264 2015-05-27] (Synaptics Incorporated)

HKLM-x32\...\Run: [iSBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)

HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-28] (Sony Corporation)

HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.10.398\ASUSWSLoader.exe [63296 2014-08-19] ()

HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-06-24] (DivX, LLC)

HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861640 2015-06-27] (DivX, LLC)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)

HKLM\...\Policies\Explorer: [HideSCAHealth] 1

HKU\S-1-5-21-3316769588-1135009501-609626896-1001\...\Run: [speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44032 2014-11-21] (Microsoft Corporation)

HKU\S-1-5-21-3316769588-1135009501-609626896-1001\...\Run: [Google Update] => C:\Users\Tuhin Malik\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc.)

HKU\S-1-5-21-3316769588-1135009501-609626896-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)

HKU\S-1-5-21-3316769588-1135009501-609626896-1001\...\MountPoints2: {0094bc64-74fc-11e5-bfbe-5453ed2be693} - "E:\Setup.exe" 

HKU\S-1-5-21-3316769588-1135009501-609626896-1001\...\MountPoints2: {0489e3eb-afa7-11e2-be85-083e8eb8d548} - "F:\.\ShowModem.exe" 

HKU\S-1-5-21-3316769588-1135009501-609626896-1001\...\MountPoints2: {09c1f3b9-85f7-11e4-bf58-083e8eb8d548} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\Common_Handset_USB_Driver.exe

HKU\S-1-5-21-3316769588-1135009501-609626896-1001\...\MountPoints2: {672d2fff-251c-11e5-bf8f-083e8eb8d548} - "E:\install.exe" 

HKU\S-1-5-21-3316769588-1135009501-609626896-1001\...\MountPoints2: {e587bbd6-5f03-11e2-be77-083e8eb8d548} - "E:\AutoRun.exe" 

HKU\S-1-5-21-3316769588-1135009501-609626896-1001\...\MountPoints2: {fe84e60c-20d3-11e5-824f-083e8eb8d548} - "E:\Windows\AutoRun.exe" 

HKU\S-1-5-18\...\Policies\Explorer: [HideSCAHealth] 1

ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)

ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.10.398\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.10.398\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.10.398\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk [2015-11-28]

ShortcutTarget: WinZip Quick Pick.lnk -> C:\Program Files (x86)\WinZip\WZQKPICK32.EXE (WinZip Computing, S.L.)

BootExecute: autocheck autochk * 

GroupPolicy: Restriction - Chrome <======= ATTENTION

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

ProxyEnable: [.DEFAULT] => Proxy is enabled.

ProxyServer: [.DEFAULT] => http=127.0.0.1:63601;https=127.0.0.1:63601

Tcpip\Parameters: [DhcpNameServer] 10.1.1.61 10.1.1.62

Tcpip\..\Interfaces\{085323F8-22B5-4B2D-A438-BC63A7A14070}: [DhcpNameServer] 10.1.1.61 10.1.1.62 10.1.1.63

Tcpip\..\Interfaces\{ABAD1D9D-E8BF-4EC3-9B37-C0502EE01B5B}: [DhcpNameServer] 10.1.1.61 10.1.1.62

 

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com

SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1

SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1

SearchScopes: HKU\S-1-5-21-3316769588-1135009501-609626896-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)

BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-14] (Qualcomm Atheros Commnucations)

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)

BHO-x32: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-29] (Oracle Corporation)

BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2013-03-11] (FreeDownloadManager.ORG)

BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-29] (Oracle Corporation)

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)

StartMenuInternet: IEXPLORE.EXE - iexplore.exe

 

FireFox:

========

FF ProfilePath: C:\Users\Tuhin Malik\AppData\Roaming\Mozilla\Firefox\Profiles\96uv3baq.default-1403980221057

FF Homepage: hxxps://www.malwarebytes.org/restorebrowser//?type=hp&ts=1439284032&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=cmi&uid=TOSHIBAXMQ01ABD075_82VYT1M6TXX82VYT1M6T

FF NetworkProxy: "http", "10.1.0.10"

FF NetworkProxy: "http_port", 8090

FF NetworkProxy: "type", 4

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-16] ()

FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems)

FF Plugin: ca.com/CAAuthMinder64 -> C:\Program Files\CA\arcot\Plugins\npAuthMinder64.dll [2014-02-02] (CA)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-16] ()

FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)

FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-06-29] (DivX, LLC)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-29] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-29] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)

FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-04-19] ( )

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-20] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-20] (Google Inc.)

FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\9.0.1.4055459\npmathplugin.dll [2013-01-24] (Wolfram Research, Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-10-01] (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems)

FF Plugin-x32: ca.com/CAAuthMinder -> C:\Program Files (x86)\CA\arcot\Plugins\npAuthMinder.dll [2014-02-02] (CA)

FF Plugin HKU\S-1-5-21-3316769588-1135009501-609626896-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Tuhin Malik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

FF Plugin HKU\S-1-5-21-3316769588-1135009501-609626896-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Tuhin Malik\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)

FF Plugin HKU\S-1-5-21-3316769588-1135009501-609626896-1001: @talk.google.com/O1DPlugin -> C:\Users\Tuhin Malik\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)

FF Plugin HKU\S-1-5-21-3316769588-1135009501-609626896-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Tuhin Malik\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)

FF Plugin HKU\S-1-5-21-3316769588-1135009501-609626896-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Tuhin Malik\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-10-01] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Users\Tuhin Malik\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\Tuhin Malik\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)

FF Extension: No Name - C:\Users\Tuhin Malik\AppData\Roaming\Mozilla\Firefox\Profiles\96uv3baq.default-1403980221057\extensions\defsearchp@gmail.com [not found]

FF Extension: No Name - C:\Users\Tuhin Malik\AppData\Roaming\Mozilla\Firefox\Profiles\96uv3baq.default-1403980221057\extensions\deskCutv2@gmail.com [not found]

FF Extension: 59c81df54b7a477b912d4e0fdf64e5f2 - C:\Users\Tuhin Malik\AppData\Roaming\Mozilla\Firefox\Profiles\96uv3baq.default-1403980221057\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2015-08-18] [not signed]

FF Extension: sharemenotfranziroesnercom - C:\Users\Tuhin Malik\AppData\Roaming\Mozilla\Firefox\Profiles\96uv3baq.default-1403980221057\extensions\sharemenot@franziroesner.com [2015-08-19] [not signed]

FF Extension: fasttranskemot - C:\Users\Tuhin Malik\AppData\Roaming\Mozilla\Firefox\Profiles\96uv3baq.default-1403980221057\extensions\fasttrans@kemot [2015-08-21] [not signed]

FF Extension: 6dfc4f5226f04e5f89c731d6de480db9 - C:\Users\Tuhin Malik\AppData\Roaming\Mozilla\Firefox\Profiles\96uv3baq.default-1403980221057\extensions\{6dfc4f52-26f0-4e5f-89c7-31d6de480db9} [2015-08-21] [not signed]

FF Extension: c9b4529aeeba4e48976ef3d3f9026e04 - C:\Users\Tuhin Malik\AppData\Roaming\Mozilla\Firefox\Profiles\96uv3baq.default-1403980221057\extensions\{c9b4529a-eeba-4e48-976e-f3d3f9026e04} [2015-09-11] [not signed]

FF Extension: phpformattersseleniumhqorg - C:\Users\Tuhin Malik\AppData\Roaming\Mozilla\Firefox\Profiles\96uv3baq.default-1403980221057\extensions\phpformatters@seleniumhq.org [2015-09-13] [not signed]

FF Extension: TFToolbarXtorrentfinder - C:\Users\Tuhin Malik\AppData\Roaming\Mozilla\Firefox\Profiles\96uv3baq.default-1403980221057\Extensions\TFToolbarX@torrent-finder [2015-08-21] [not signed]

FF HKLM-x32\...\Firefox\Extensions: [firefox@gingersoftware.com] - C:\Program Files (x86)\Ginger\Mozilla\firefox@gingersoftware.com

FF Extension: Ginger - Grammar and Spell Checker - C:\Program Files (x86)\Ginger\Mozilla\firefox@gingersoftware.com [2013-10-24] [not signed]

FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\prefs.js [2015-09-13] <==== ATTENTION (Points to *.cfg file)

FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\cfg [2015-09-13] <==== ATTENTION

 

Chrome: 

=======

CHR HomePage: Default -> hxxp://www.google.com/

CHR StartupUrls: Default -> "hxxp://www.oursurfing.com/?type=hp&ts=1439281553&z=9c92efe6801ae2764bda82egbz6c0t6o3b2g3w7weg&from=amt&uid=TOSHIBAXMQ01ABD075_82VYT1M6TXX82VYT1M6T","hxxp://www.mystartsearch.com/?type=hp&ts=1439284032&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=cmi&uid=TOSHIBAXMQ01ABD075_82VYT1M6TXX82VYT1M6T","hxxp://homepage-web.com/?s=lenovo&m=start"

CHR Profile: C:\Users\Tuhin Malik\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Drive) - C:\Users\Tuhin Malik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-29]

CHR Extension: (YouTube) - C:\Users\Tuhin Malik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]

CHR Extension: (Google Search) - C:\Users\Tuhin Malik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]

CHR Extension: (Google Docs Offline) - C:\Users\Tuhin Malik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Tuhin Malik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-23]

CHR Extension: (Gmail) - C:\Users\Tuhin Malik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-05]

CHR Profile: C:\Users\Tuhin Malik\AppData\Local\Google\Chrome\User Data\Profile 1

CHR Extension: (Google Slides) - C:\Users\Tuhin Malik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-16]

CHR Extension: (Google Docs) - C:\Users\Tuhin Malik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-16]

CHR Extension: (Google Drive) - C:\Users\Tuhin Malik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-16]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Tuhin Malik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-16]

CHR Extension: (YouTube) - C:\Users\Tuhin Malik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-16]

CHR Extension: (uTorrentControl_v6) - C:\Users\Tuhin Malik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cflheckfmhopnialghigdlggahiomebp [2015-01-16] [updateUrl: hxxp://autoupdate.chromewebtb.conduit-services.com/sb/?productId=CT3289075&extensionData=\u003Cextension_data>] <==== ATTENTION

CHR Extension: (Google Search) - C:\Users\Tuhin Malik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-16]

CHR Extension: (dciflieigdmogpmamcgbigingaodhnil) - C:\Users\Tuhin Malik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dciflieigdmogpmamcgbigingaodhnil [2015-08-21]

CHR Extension: (dklapjeioellcmcgfidfhpefmbnihibo) - C:\Users\Tuhin Malik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dklapjeioellcmcgfidfhpefmbnihibo [2015-08-21]

CHR Extension: (eolhkfkhgcfmajkadgofbklgepcelnlk) - C:\Users\Tuhin Malik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eolhkfkhgcfmajkadgofbklgepcelnlk [2015-08-21]

CHR Extension: (Google Sheets) - C:\Users\Tuhin Malik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-16]

CHR Extension: (fhffefhdkeibnkdldinbncimlojchnie) - C:\Users\Tuhin Malik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fhffefhdkeibnkdldinbncimlojchnie [2015-08-21]

CHR Extension: (mdaboflcmhejfihjcbmdiebgfchigjcf) - C:\Users\Tuhin Malik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mdaboflcmhejfihjcbmdiebgfchigjcf [2015-08-20]

CHR Extension: (Google Wallet) - C:\Users\Tuhin Malik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-16]

CHR Extension: (oebpmncolmhiapingjaagmapififiakb) - C:\Users\Tuhin Malik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oebpmncolmhiapingjaagmapififiakb [2015-08-20]

CHR Extension: (pdnfnkhpgegpcingjbfihlkjeighnddk) - C:\Users\Tuhin Malik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk [2015-08-18]

CHR Extension: (Gmail) - C:\Users\Tuhin Malik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-16]

 

==================== Services (Whitelisted) ========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AdobeActiveFileMonitor10.0; c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [1843392 2015-08-20] (Adobe Systems, Incorporated)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.10.398\AsusWSWinService.exe [71168 2014-08-19] (ASUS Cloud Corporation) [File not signed]

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-14] (Qualcomm Atheros Commnucations) [File not signed]

R2 Change Modem Device Service; C:\ProgramData\ChgService.exe [114688 2011-08-31] () [File not signed]

R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] ()

R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-28] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)

R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)

S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-08-10] (Symantec Corporation)

R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-28] (Sony Corporation)

R2 Speechsrv; C:\Program Files (x86)\LAN Voice Chat\Speechs.exe [487424 2006-01-11] () [File not signed]

S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5491984 2015-05-20] (TeamViewer GmbH)

S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] ()

S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation)

S3 Visual Studio Analyzer RPC bridge; C:\Program Files (x86)\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe [34036 1998-06-06] (Microsoft Corporation) [File not signed]

R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1653272 2015-07-31] (Sony Corporation)

S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1784248 2015-07-07] (Microsoft Corporation)

R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-14] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusVBus; C:\Windows\System32\drivers\AsusVBus.sys [39704 2014-06-23] (Windows ® Win 7 DDK provider)

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-08-20] (Advanced Micro Devices)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [66840 2014-06-23] (ASUS Corporation)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-14] (Qualcomm Atheros)

S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-08-14] (Qualcomm Atheros)

S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)

R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00D\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)

S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)

S3 micromax_cdc_acm; C:\Windows\system32\DRIVERS\micromax_cdc_acm.sys [79872 2012-06-15] (Micromax Informatics Ltd)

S3 micromax_cdc_ecm; C:\Windows\system32\DRIVERS\micromax_cdc_ecm.sys [60416 2012-06-15] (Micromax Informatics Ltd)

S3 micromax_ecm_enum; C:\Windows\System32\drivers\micromax_ecm_enum.sys [56832 2012-06-15] (Micromax Informatics Ltd)

S3 micromax_ecm_enum_filter; C:\Windows\System32\drivers\micromax_ecm_enum_filter.sys [56832 2012-06-15] (Micromax Informatics Ltd)

S3 micromax_wcpo; C:\Windows\system32\DRIVERS\micromax_wcpo.sys [10752 2012-06-15] (Micromax Informatics Ltd)

S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)

R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-16] (Corel Corporation)

R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [29352 2015-10-12] ()

S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-07-30] ()

R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated)

R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)

S3 TVICHW32; C:\Windows\system32\DRIVERS\TVICHW32.SYS [21200 2013-01-22] (EnTech Taiwan)

S3 TVICHW32; C:\Windows\SysWOW64\DRIVERS\TVICHW32.SYS [29536 2013-01-22] (EnTech Taiwan)

S3 TVICHW64; C:\Windows\system32\DRIVERS\TVICHW64.SYS [21200 2013-04-21] (EnTech Taiwan)

S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)

S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2015-08-08] (Basil Projects)

S1 gftgteio; \??\C:\WINDOWS\system32\drivers\gftgteio.sys [X]

S1 omsesoac; \??\C:\WINDOWS\system32\drivers\omsesoac.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-29 11:12 - 2015-11-29 11:14 - 00031638 _____ C:\Users\Tuhin Malik\Downloads\FRST.txt

2015-11-29 11:12 - 2015-11-29 11:13 - 00058476 _____ C:\Users\Tuhin Malik\Downloads\Addition.txt

2015-11-29 11:11 - 2015-11-29 11:14 - 00000000 ____D C:\FRST

2015-11-29 11:11 - 2015-11-29 11:11 - 02349056 _____ (Farbar) C:\Users\Tuhin Malik\Downloads\FRST64.exe

2015-11-29 11:11 - 2015-11-29 11:11 - 00002951 _____ C:\Users\Tuhin Malik\Desktop\FSS1.txt

2015-11-29 03:52 - 2015-11-29 03:52 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-TUHIN-Windows-8.1-Single-Language-(64-bit).dat

2015-11-29 03:52 - 2015-11-29 03:52 - 00000000 ____D C:\RegBackup

2015-11-29 03:08 - 2015-11-29 03:08 - 00017821 _____ C:\Users\Tuhin Malik\Downloads\autorun results.txt

2015-11-29 00:44 - 2015-11-29 00:44 - 00002597 _____ C:\Users\Tuhin Malik\Desktop\FSS.txt

2015-11-29 00:42 - 2015-11-29 11:10 - 00002951 _____ C:\Users\Tuhin Malik\Downloads\FSS.txt

2015-11-29 00:41 - 2015-11-29 00:41 - 00415744 _____ (Farbar) C:\Users\Tuhin Malik\Downloads\FSS.exe

2015-11-29 00:23 - 2015-11-29 00:23 - 00000066 _____ C:\Users\Tuhin Malik\Downloads\RestoreTaskSchedulerWindows8.bat

2015-11-28 22:35 - 2015-11-28 22:46 - 00000000 ____D C:\Program Files (x86)\Registry Recycler

2015-11-28 22:35 - 2015-11-28 22:35 - 00001122 _____ C:\Users\Public\Desktop\Registry Recycler.lnk

2015-11-28 22:35 - 2015-11-28 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Recycler

2015-11-28 22:34 - 2015-11-28 22:35 - 01131272 _____ (Developer Tribe (Pvt) Ltd. ) C:\Users\Tuhin Malik\Downloads\setup_rr.exe

2015-11-28 22:07 - 2015-11-28 22:07 - 00007586 _____ C:\Users\Tuhin Malik\Downloads\windows_defender_reg_for_win7x64.reg

2015-11-28 20:05 - 2015-11-28 20:07 - 19522726 _____ C:\Users\Tuhin Malik\Downloads\astro_ignou.zip

2015-11-28 17:28 - 2015-11-28 17:28 - 00000000 ____D C:\Program Files\Common Files\Atheros

2015-11-28 17:27 - 2015-11-28 17:27 - 02077968 _____ (Microsoft Corporation) C:\Users\Tuhin Malik\Downloads\nis_full.exe

2015-11-28 17:26 - 2015-11-28 17:35 - 124663064 _____ (Microsoft Corporation) C:\Users\Tuhin Malik\Downloads\mpam-feX64.exe

2015-11-28 17:16 - 2015-11-28 17:24 - 124663064 _____ (Microsoft Corporation) C:\Users\Tuhin Malik\Downloads\mpam-fe.exe

2015-11-28 16:32 - 2014-04-16 05:05 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll

2015-11-28 16:32 - 2014-04-16 05:04 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll

2015-11-28 16:03 - 2015-01-06 08:31 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys

2015-11-28 16:03 - 2015-01-06 08:29 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys

2015-11-28 16:03 - 2015-01-06 06:42 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll

2015-11-28 16:03 - 2015-01-06 06:32 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll

2015-11-28 15:52 - 2015-10-22 23:13 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll

2015-11-28 15:52 - 2015-10-22 23:13 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL

2015-11-28 15:52 - 2015-10-22 23:13 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL

2015-11-28 15:52 - 2015-10-22 23:13 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL

2015-11-28 15:52 - 2015-10-22 22:29 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll

2015-11-28 15:52 - 2015-10-22 22:29 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL

2015-11-28 15:52 - 2015-10-22 22:29 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL

2015-11-28 15:52 - 2015-10-22 22:29 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL

2015-11-28 15:52 - 2015-10-22 21:51 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll

2015-11-28 15:52 - 2015-10-22 21:51 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll

2015-11-28 15:52 - 2015-10-22 21:28 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll

2015-11-28 15:52 - 2015-10-22 21:28 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll

2015-11-28 15:52 - 2015-10-22 19:38 - 00513456 _____ C:\WINDOWS\SysWOW64\locale.nls

2015-11-28 15:52 - 2015-10-22 19:38 - 00513456 _____ C:\WINDOWS\system32\locale.nls

2015-11-28 15:52 - 2015-05-01 06:43 - 06521800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe

2015-11-28 15:52 - 2015-05-01 06:43 - 01488000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll

2015-11-28 15:52 - 2015-05-01 06:43 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll

2015-11-28 15:51 - 2015-10-11 12:04 - 00468824 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS

2015-11-28 15:51 - 2015-10-11 12:04 - 00462168 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys

2015-11-28 15:51 - 2015-10-11 12:04 - 00443224 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys

2015-11-28 15:51 - 2015-10-11 12:04 - 00092504 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys

2015-11-28 15:51 - 2015-10-11 12:04 - 00027992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys

2015-11-28 15:51 - 2015-10-11 00:11 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys

2015-11-28 15:51 - 2015-10-11 00:11 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys

2015-11-28 15:51 - 2015-10-11 00:10 - 00078848 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winusb.sys

2015-11-28 15:51 - 2015-10-10 22:50 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll

2015-11-28 15:51 - 2015-10-08 21:41 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll

2015-11-28 15:51 - 2015-10-08 21:20 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll

2015-11-28 15:51 - 2015-10-05 23:58 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe

2015-11-28 15:51 - 2015-10-05 23:55 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

2015-11-28 15:51 - 2015-10-04 01:11 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll

2015-11-28 15:51 - 2015-10-04 01:11 - 01124384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll

2015-11-28 15:51 - 2015-09-29 00:01 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

2015-11-28 15:51 - 2015-09-28 23:54 - 02462720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

2015-11-28 15:51 - 2015-06-10 04:09 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS

2015-11-28 15:51 - 2015-06-10 04:09 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys

2015-11-28 15:51 - 2015-06-10 04:08 - 01201664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys

2015-11-28 15:45 - 2015-11-28 17:54 - 00000000 ____D C:\WINDOWS\softwaredistribution.bak

2015-11-28 14:47 - 2015-11-28 14:47 - 00000068 _____ C:\Users\Tuhin Malik\Downloads\Win8_WinDefend_Service_Startup (1).cmd

2015-11-28 14:31 - 2015-11-28 14:32 - 00000068 _____ C:\Users\Tuhin Malik\Downloads\Win8_WinDefend_Service_Startup.cmd

2015-11-27 08:01 - 2015-11-27 08:07 - 133818648 _____ (Microsoft Corporation) C:\Users\Tuhin Malik\Downloads\msert.exe

2015-11-27 07:02 - 2015-11-27 07:04 - 00000000 ___SD C:\WINDOWS\system32\GWX

2015-11-27 07:02 - 2015-11-27 07:02 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX

2015-11-27 06:21 - 2015-07-22 19:49 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll

2015-11-27 06:21 - 2015-07-22 19:22 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll

2015-11-27 06:21 - 2015-07-17 19:45 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll

2015-11-27 06:21 - 2015-07-17 19:40 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll

2015-11-27 06:21 - 2015-06-27 17:17 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe

2015-11-27 06:21 - 2015-03-20 07:26 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys

2015-11-27 06:21 - 2015-03-14 05:39 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2015-11-27 06:05 - 2015-11-27 06:05 - 00302011 _____ C:\Users\Tuhin Malik\Downloads\WindowsUpdateDiagnostic (1).diagcab

2015-11-27 05:35 - 2015-11-27 05:35 - 00302011 _____ C:\Users\Tuhin Malik\Downloads\WindowsUpdateDiagnostic.diagcab

2015-11-27 04:43 - 2015-11-27 04:43 - 08580584 _____ (Crawler Inc. ) C:\Users\Tuhin Malik\Downloads\Spyware Terminator 2.3.0.507.exe

2015-11-27 04:38 - 2015-11-27 04:40 - 22908888 _____ (Malwarebytes ) C:\Users\Tuhin Malik\Downloads\mbam-setup-2.2.0.1024 (1).exe

2015-11-27 04:36 - 2015-11-27 04:36 - 451220343 _____ C:\WINDOWS\MEMORY.DMP

2015-11-27 04:36 - 2015-11-27 04:36 - 00279608 _____ C:\WINDOWS\Minidump\112715-38343-01.dmp

2015-11-27 04:34 - 2015-11-27 04:34 - 21889024 _____ (Malwarebytes ) C:\Users\Tuhin Malik\Downloads\Unconfirmed 505504.crdownload

2015-11-27 04:10 - 2015-11-27 04:10 - 00114616 _____ C:\Users\Tuhin Malik\Downloads\MicrosoftEasyFix20084.mini.diagcab

2015-11-21 18:54 - 2015-11-21 18:54 - 50689960 _____ (AVG Technologies) C:\Users\Tuhin Malik\Downloads\AVG Anti-Virus Free Edition 8.0.173.exe

2015-11-21 18:48 - 2015-11-21 18:48 - 02928600 _____ (Piriform Ltd) C:\Users\Tuhin Malik\Downloads\CCleaner 2.11.exe

2015-11-21 18:41 - 2015-11-21 18:41 - 05186048 _____ C:\Users\Tuhin Malik\Downloads\WindowsDefender.msi

2015-11-21 16:49 - 2015-07-10 18:42 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl.mui

2015-11-21 16:17 - 2015-11-21 17:00 - 00000000 ____D C:\WINDOWS\SoftwareDistribution.old

2015-11-19 14:16 - 2015-11-29 10:59 - 00000336 _____ C:\WINDOWS\Tasks\Bslkxk.job

2015-11-19 14:16 - 2015-11-19 14:16 - 00002608 _____ C:\WINDOWS\System32\Tasks\Bslkxk

2015-11-19 14:09 - 2015-11-27 05:00 - 00000000 ____D C:\Program Files (x86)\KMSPico 10.0.6

2015-11-16 21:22 - 2015-10-31 05:16 - 25818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2015-11-16 21:22 - 2015-10-31 04:55 - 02886656 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2015-11-16 21:22 - 2015-10-31 04:41 - 05990912 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2015-11-16 21:22 - 2015-10-31 04:41 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2015-11-16 21:22 - 2015-10-31 04:22 - 20331520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2015-11-16 21:22 - 2015-10-31 04:12 - 02279936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2015-11-16 21:22 - 2015-10-31 04:09 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll

2015-11-16 21:22 - 2015-10-31 04:06 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2015-11-16 21:22 - 2015-10-31 04:02 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2015-11-16 21:22 - 2015-10-31 04:01 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2015-11-16 21:22 - 2015-10-31 03:52 - 14457856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2015-11-16 21:22 - 2015-10-31 03:47 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2015-11-16 21:22 - 2015-10-31 03:46 - 04527616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2015-11-16 21:22 - 2015-10-31 03:44 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll

2015-11-16 21:22 - 2015-10-31 03:40 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2015-11-16 21:22 - 2015-10-31 03:39 - 12854272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2015-11-16 21:22 - 2015-10-31 03:34 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2015-11-16 21:22 - 2015-10-31 03:21 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2015-11-16 21:22 - 2015-10-31 03:18 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2015-11-16 21:21 - 2015-10-31 04:54 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2015-11-16 21:21 - 2015-10-31 04:17 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2015-11-16 21:21 - 2015-10-31 03:23 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2015-11-16 21:21 - 2015-10-31 03:16 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2015-11-15 13:59 - 2015-10-13 21:29 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll

2015-11-15 13:59 - 2015-10-13 21:29 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll

2015-11-15 13:59 - 2015-10-13 21:29 - 00137960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll

2015-11-15 13:59 - 2015-10-13 21:29 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll

2015-11-15 13:59 - 2015-10-13 21:29 - 00106952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll

2015-11-15 13:59 - 2015-10-13 21:29 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll

2015-11-15 13:59 - 2015-10-11 12:06 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2015-11-15 13:59 - 2015-10-11 12:06 - 00177496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys

2015-11-15 13:59 - 2015-10-11 00:10 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys

2015-11-15 13:59 - 2015-10-11 00:09 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys

2015-11-15 13:59 - 2015-10-10 23:37 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll

2015-11-15 13:59 - 2015-10-10 23:03 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2015-11-15 13:59 - 2015-10-10 22:57 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll

2015-11-15 13:59 - 2015-10-10 22:41 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll

2015-11-15 13:59 - 2015-10-10 22:15 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll

2015-11-15 13:59 - 2015-09-29 17:54 - 00155480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys

2015-11-15 13:58 - 2015-09-05 00:54 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys

2015-11-15 13:58 - 2015-08-21 02:15 - 01380048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll

2015-11-15 13:58 - 2015-08-20 23:18 - 01096704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll

2015-11-15 13:57 - 2015-10-13 22:40 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys

2015-11-15 13:57 - 2015-10-13 22:40 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys

2015-11-15 13:57 - 2015-08-29 03:50 - 00183368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe

2015-11-15 13:56 - 2015-09-07 21:52 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll

2015-11-15 13:56 - 2015-09-07 21:24 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll

2015-11-15 13:56 - 2015-09-07 21:00 - 01091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2015-11-15 13:55 - 2015-10-15 21:38 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll

2015-11-15 13:55 - 2015-10-15 21:16 - 00803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll

2015-11-15 13:55 - 2015-10-15 04:32 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2015-11-15 13:55 - 2015-10-15 04:32 - 01659560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2015-11-15 13:55 - 2015-10-15 04:32 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2015-11-15 13:55 - 2015-10-15 04:32 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2015-11-15 13:55 - 2015-10-15 04:32 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2015-11-15 13:55 - 2015-09-12 19:17 - 00414559 _____ C:\WINDOWS\system32\ApnDatabase.xml

2015-11-15 13:54 - 2015-10-21 03:24 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2015-11-15 13:54 - 2015-10-20 20:23 - 03705856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2015-11-15 13:54 - 2015-10-20 20:06 - 02243072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll

2015-11-15 13:54 - 2015-10-20 20:05 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2015-11-15 13:54 - 2015-10-20 20:04 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll

2015-11-15 13:54 - 2015-10-20 20:04 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll

2015-11-15 13:54 - 2015-10-20 20:04 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe

2015-11-15 13:54 - 2015-10-20 20:03 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll

2015-11-15 13:54 - 2015-10-20 19:44 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2015-11-15 13:54 - 2015-10-20 19:43 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll

2015-11-15 13:54 - 2015-10-20 19:43 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

2015-11-15 13:54 - 2015-10-20 19:43 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe

2015-11-15 13:54 - 2015-10-17 19:49 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2015-11-15 13:38 - 2015-10-08 21:38 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL

2015-11-15 13:38 - 2015-08-10 23:45 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL

2015-11-15 13:38 - 2015-08-10 23:36 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL

2015-11-15 13:38 - 2015-08-10 23:19 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll

2015-11-15 13:38 - 2015-08-10 22:26 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL

2015-11-15 13:38 - 2015-08-10 22:16 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll

2015-11-01 14:02 - 2015-11-01 14:02 - 00000000 ____D C:\Users\Tuhin Malik\AppData\Local\CEF

2015-11-01 13:52 - 2015-11-28 22:02 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

2015-11-01 01:46 - 2015-11-01 01:46 - 233281756 _____ C:\Users\Tuhin Malik\Downloads\Massage_XXX.mp4

2015-11-01 01:43 - 2015-11-01 01:46 - 963721234 _____ C:\Users\Tuhin Malik\Downloads\Massage Room censored.mp4

2015-11-01 01:35 - 2015-11-01 01:36 - 57525729 _____ C:\Users\Tuhin Malik\Downloads\Nurunetwork Asa Akira Nuru sex massage - XVIDEOS.COM.FLV

2015-11-01 01:35 - 2015-11-01 01:36 - 403019525 _____ C:\Users\Tuhin Malik\Downloads\HD Massage Sex - Keisha Grey.wmv

2015-11-01 01:35 - 2015-11-01 01:36 - 343267977 _____ C:\Users\Tuhin Malik\Downloads\porn of a very sexy girl - massage.wmv

2015-11-01 01:35 - 2015-11-01 01:35 - 11852563 _____ C:\Users\Tuhin Malik\Downloads\Sexy desi girl showing ass censoreded sideways pussy massaged and drilled MMS.wmv

2015-11-01 01:32 - 2015-11-01 01:34 - 882668484 _____ C:\Users\Tuhin Malik\Downloads\PornPros - MassageCreep - Chanel Preston - Fondling Sexy Brunette Durring Massage.mp4

2015-10-30 10:31 - 2015-10-30 10:31 - 01284729 _____ C:\Users\Tuhin Malik\Downloads\2014_EPJA_50_zuo_bombaci_lombardo.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-29 11:13 - 2013-08-22 19:06 - 00000000 ____D C:\WINDOWS

2015-11-29 11:06 - 2013-04-18 23:01 - 00000964 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3316769588-1135009501-609626896-1001UA.job

2015-11-29 11:05 - 2013-01-01 11:18 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3316769588-1135009501-609626896-1001

2015-11-29 11:03 - 2014-11-21 10:14 - 00959896 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2015-11-29 11:03 - 2013-08-22 19:06 - 00000000 ____D C:\WINDOWS\Inf

2015-11-29 11:00 - 2015-10-06 14:19 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2015-11-29 11:00 - 2015-08-08 01:24 - 00001537 _____ C:\Users\Tuhin Malik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk

2015-11-29 10:58 - 2013-08-22 20:15 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2015-11-29 10:58 - 2013-08-22 20:14 - 00514240 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2015-11-29 10:56 - 2015-08-15 10:46 - 00000000 ____D C:\Users\Tuhin Malik\AppData\Roaming\Everything

2015-11-29 08:20 - 2014-03-08 09:12 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2015-11-29 08:16 - 2014-04-28 23:18 - 00000944 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3316769588-1135009501-609626896-1001UA.job

2015-11-29 05:34 - 2013-08-10 18:38 - 00000705 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics

2015-11-29 03:00 - 2013-01-04 21:47 - 00000000 ____D C:\Users\Tuhin Malik\AppData\Local\Adobe

2015-11-28 23:26 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\system32\NDF

2015-11-28 22:49 - 2013-01-01 11:12 - 00000000 ____D C:\WINDOWS\pss

2015-11-28 22:46 - 2015-08-14 02:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BYclouder Micro SD Card Data Recovery

2015-11-28 22:02 - 2015-10-12 22:31 - 00002092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk

2015-11-28 22:02 - 2015-09-27 10:39 - 00001030 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk

2015-11-28 22:02 - 2015-09-20 12:00 - 00001408 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk

2015-11-28 22:02 - 2015-07-16 08:28 - 00001550 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Control Center.lnk

2015-11-28 22:02 - 2015-07-02 21:24 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2015-11-28 22:02 - 2015-06-01 13:38 - 00000959 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk

2015-11-28 22:02 - 2015-03-24 01:48 - 00001168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xperia Link.lnk

2015-11-28 22:02 - 2015-03-17 22:31 - 00001147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2015-11-28 22:02 - 2014-02-10 17:11 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk

2015-11-28 22:02 - 2013-12-30 16:01 - 00002617 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISFReadPlot.lnk

2015-11-28 22:02 - 2013-04-19 10:00 - 00002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk

2015-11-28 22:02 - 2013-02-20 22:08 - 00001384 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Advanced PDF Editor.lnk

2015-11-28 22:02 - 2012-09-23 16:02 - 00001263 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Transfer.lnk

2015-11-28 22:02 - 2012-09-23 16:01 - 00002179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Gate.lnk

2015-11-28 22:02 - 2012-09-23 16:01 - 00002142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Media Server Settings.lnk

2015-11-28 22:02 - 2012-09-23 16:00 - 00001878 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro Install.lnk

2015-11-28 22:02 - 2012-09-23 15:58 - 00002119 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Norton Online Backup.lnk

2015-11-28 22:02 - 2012-09-23 15:55 - 00000985 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk

2015-11-28 22:02 - 2012-09-23 15:49 - 00001900 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 10.lnk

2015-11-28 22:02 - 2012-09-23 15:39 - 00001983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk

2015-11-28 22:02 - 2012-09-23 15:35 - 00002257 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Data Restore Tool.lnk

2015-11-28 22:02 - 2012-09-23 15:34 - 00002360 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Gesture Control.lnk

2015-11-28 22:02 - 2012-09-23 15:33 - 00001285 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home.lnk

2015-11-28 22:01 - 2015-08-15 10:46 - 00001043 _____ C:\Users\Tuhin Malik\Desktop\Search Everything.lnk

2015-11-28 22:01 - 2015-08-13 23:45 - 00001223 _____ C:\Users\Tuhin Malik\AppData\Roaming\Microsoft\Windows\Start Menu\ReadCube.lnk

2015-11-28 22:01 - 2015-01-17 22:24 - 00001197 _____ C:\Users\Tuhin Malik\Desktop\Desktop_after oct 14.lnk

2015-11-28 22:01 - 2013-08-20 21:55 - 00000819 _____ C:\Users\Tuhin Malik\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk

2015-11-28 20:34 - 2015-05-03 15:13 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013

2015-11-28 20:32 - 2013-01-01 11:42 - 00000000 ____D C:\ProgramData\Microsoft Help

2015-11-28 20:32 - 2012-07-26 10:56 - 00000167 _____ C:\WINDOWS\win.ini

2015-11-28 17:28 - 2012-09-23 15:14 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite

2015-11-28 16:41 - 2015-02-06 15:03 - 00002742 _____ C:\WINDOWS\System32\Tasks\LaunchSignup

2015-11-28 16:41 - 2014-09-12 18:56 - 00002398 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher

2015-11-28 16:41 - 2013-08-18 23:24 - 00002332 _____ C:\WINDOWS\System32\Tasks\CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805}

2015-11-28 16:41 - 2013-07-10 17:16 - 00002438 _____ C:\WINDOWS\System32\Tasks\Java Update Scheduler

2015-11-28 16:41 - 2013-05-18 09:13 - 00002428 _____ C:\WINDOWS\System32\Tasks\Adobe online update program

2015-11-28 16:41 - 2013-04-21 21:14 - 00001696 _____ C:\WINDOWS\System32\Tasks\4825

2015-11-28 16:41 - 2013-04-21 21:14 - 00001600 _____ C:\WINDOWS\System32\Tasks\0

2015-11-28 16:41 - 2012-09-23 15:59 - 00002098 _____ C:\WINDOWS\System32\Tasks\CLVDLauncher

2015-11-28 16:41 - 2012-09-23 15:59 - 00002098 _____ C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8

2015-11-28 16:41 - 2012-09-23 15:23 - 00001834 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements

2015-11-28 16:40 - 2015-04-22 23:07 - 00001626 _____ C:\WINDOWS\System32\Tasks\{25FD81AA-27FC-4877-93AB-5902311CCBAF}

2015-11-28 16:40 - 2013-09-12 10:34 - 00001760 _____ C:\WINDOWS\System32\Tasks\{CE9D029A-458F-4505-B4EC-778DF675CB93}

2015-11-28 16:40 - 2013-08-20 11:55 - 00002012 _____ C:\WINDOWS\System32\Tasks\{006F992E-F5C2-40BB-B3DE-50D08273A4C5}

2015-11-28 16:40 - 2012-09-23 15:35 - 00002802 _____ C:\WINDOWS\System32\Tasks\VHDInformationCheck

2015-11-28 16:37 - 2012-07-26 13:29 - 00000000 ____D C:\WINDOWS\CbsTemp

2015-11-28 15:48 - 2014-04-28 23:17 - 00000892 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3316769588-1135009501-609626896-1001Core.job

2015-11-28 14:21 - 2013-08-22 18:55 - 01310720 ___SH C:\WINDOWS\system32\config\BBI

2015-11-27 07:03 - 2014-07-01 09:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

2015-11-27 05:04 - 2015-08-11 14:05 - 00000000 ____D C:\Program Files (x86)\9AE3B7A1-1439282100-11E2-B769-B062EC3BDF10

2015-11-27 05:04 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\Resources

2015-11-27 05:00 - 2015-08-14 03:15 - 00000000 ____D C:\Users\Tuhin Malik\AppData\Local\FE7FD38E-9EBB-4261-9ACE-8AAB7D05043

2015-11-27 04:37 - 2015-07-02 21:12 - 00000000 ____D C:\Users\Tuhin Malik

2015-11-27 04:36 - 2015-10-19 11:14 - 00000000 ____D C:\WINDOWS\Minidump

2015-11-27 04:13 - 2013-08-22 21:06 - 00000000 ___HD C:\Program Files\WindowsApps

2015-11-27 04:13 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\AppReadiness

2015-11-27 04:11 - 2013-05-18 16:09 - 00000000 ____D C:\Users\Tuhin Malik\AppData\Local\ElevatedDiagnostics

2015-11-21 18:31 - 2013-01-01 11:11 - 00000000 ____D C:\Users\Tuhin Malik\AppData\Local\Packages

2015-11-21 16:39 - 2015-08-08 08:24 - 00000000 ____D C:\Program Files\KMSpico

2015-11-21 13:22 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\rescache

2015-11-17 21:50 - 2013-04-18 23:01 - 00000942 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3316769588-1135009501-609626896-1001Core.job

2015-11-16 21:00 - 2015-10-06 14:19 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

2015-11-15 16:19 - 2013-08-22 21:06 - 00000000 ___RD C:\WINDOWS\ToastData

2015-11-15 13:54 - 2013-07-14 18:43 - 00000000 ____D C:\WINDOWS\system32\MRT

2015-11-15 13:44 - 2013-01-16 21:29 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2015-11-08 15:23 - 2015-08-13 23:45 - 00000000 ____D C:\Users\Tuhin Malik\AppData\Local\com.readcube.Desktop

2015-11-03 05:53 - 2014-11-21 17:57 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2015-11-03 05:53 - 2014-11-21 17:57 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2015-11-01 13:52 - 2014-12-29 16:57 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task

2015-11-01 13:51 - 2012-09-23 15:48 - 00000000 ____D C:\ProgramData\Adobe

2015-11-01 13:51 - 2012-09-23 15:48 - 00000000 ____D C:\Program Files (x86)\Adobe

2015-11-01 01:46 - 2015-02-27 21:48 - 00000000 ____D C:\Users\Tuhin Malik\AppData\Roaming\DC++

2015-11-01 01:46 - 2015-02-27 21:48 - 00000000 ____D C:\Users\Tuhin Malik\AppData\Local\DC++

 

==================== Files in the root of some directories =======

 

2015-09-02 22:11 - 2015-09-09 18:23 - 6420480 _____ () C:\Program Files (x86)\GUT3373.tmp

2015-07-30 12:15 - 2015-07-30 12:24 - 0000115 _____ () C:\Users\Tuhin Malik\AppData\Roaming\LogFile.txt

2014-07-14 01:54 - 2014-07-30 19:49 - 0000121 _____ () C:\Users\Tuhin Malik\AppData\Roaming\WB.CFG

2013-08-18 23:31 - 2014-11-16 00:19 - 0007610 _____ () C:\Users\Tuhin Malik\AppData\Local\resmon.resmoncfg

2015-05-06 15:20 - 2015-05-06 15:20 - 0000000 _____ () C:\Users\Tuhin Malik\AppData\Local\{6A7ABB5C-EBD2-4D7F-B527-0213C06F868C}

2015-09-11 01:23 - 2015-09-11 01:23 - 0000000 _____ () C:\Users\Tuhin Malik\AppData\Local\{BDDD00F9-A7AD-4349-87F8-17DBCFFCD878}

2014-12-02 19:36 - 2011-08-31 13:51 - 0114688 _____ () C:\ProgramData\ChgService.exe

2015-04-18 07:59 - 2012-08-31 14:08 - 0024772 _____ () C:\ProgramData\P1100DEF.css

2015-04-18 07:59 - 2015-04-18 07:59 - 0004174 _____ () C:\ProgramData\P1100OS.HTM

2015-04-18 07:59 - 2012-08-31 14:08 - 0002944 _____ () C:\ProgramData\P1100SIG.GIF

 

Files to move or delete:

====================

C:\ProgramData\ChgService.exe

 

 

Some files in TEMP:

====================

C:\Users\Tuhin Malik\AppData\Local\Temp\ReadCubeTray64.exe

 

 

==================== Bamital & volsnap =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\wininit.exe => File is digitally signed

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\dnsapi.dll => File is digitally signed

C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2015-11-29 05:45

 

==================== End of FRST.txt ============================

Addition.txt

FRST.txt

Shortcut.txt


Thanks for the logs, continue as follows...

 

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was run from. Please post it to your reply.

 

Next,

 

Please open Malwarebytes Anti-Malware.
 

  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • With some infections, you may or may not see this message box.

            'Could not load DDA driver'
  • Click 'Yes' to this message, to allow the driver to load after a restart.
  • Allow the computer to restart. Continue with the rest of these instructions.
  • When the scan is complete, click Apply Actions.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.


To get the log from Malwarebytes do the following:
 

  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:

      Copy to Clipboard - if selected, right click to your reply and select "Paste"; the log will be pasted to your reply
      Text file (*.txt)        - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
      XML file (*.xml)      - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
  • Please use "Copy to Clipboard", then right click to your reply > select "Paste"; that will copy the log to your reply…



If Malwarebytes is not installed follow these instructions first:

Download Malwarebytes Anti-Malware to your desktop.

  • Double-click mbam-setup and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish. Follow the instructions above....


Next,

 

 

Download AdwCleaner by Xplode onto your Desktop.
 

  • Double click on Adwcleaner.exe to run the tool.
  • Click on the Scan in the Actions box
  • Please wait for the scan to finish..
  • When "Waiting for action.Please uncheck elements you want to keep" shows in top line..
  • Click on the Cleaning box.
  • Next click OK on the "Closing Programs" pop up box.
  • Click OK on the Information box & again OK to allow the necessary reboot
  • After restart the AdwCleaner(C*)-Notepad log will appear, please copy/paste it in your next reply. Where * is the number relative to list of scans completed...


Next,

 

 

I've also attached a zip folder named Win Defend.zip. Unzip that folder. Inside will be two (2) .reg files, run each one in turn, agree to alerts or merges. Re-boot when complete...

 

Next,

 

Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt and Shortcut.txt under "Optional scan" Select scan, when done post the new logs....

Next,

 

Farbar scanner, for use when connection or redirect issues:

Download Farbar Service Scanner from here: http://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/ and run it on the computer with the issue.
Make sure the following options are checked:
 

  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update
  • Windows Defender


  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

 

 

Let me see those logs in your reply....

 

Thank you,

 

Kevin
 

WinDefend.zip

Fixlist.txt


Dear Kevin,

I wanted to take a moment to thank you for your support. I kept trying to repair my Windows for 3-4 days. You are really a generous one. I am very thankful to you. Now Windows Defender is working perfectly.

 

Tuhin

***************************************FSS File****************************************************

Farbar Service Scanner Version: 10-06-2014
Ran by Tuhin Malik (administrator) on 30-11-2015 at 04:22:58
Running from "C:\Users\Tuhin Malik\Downloads"
Microsoft Windows 8.1 Single Language  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is unreachable
Attempt to access Google.com returned error: Google.com is unreachable
Attempt to access Yahoo.com returned error: Yahoo.com is unreachable
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****

       

Addition.txt

AdwCleanerC3.txt

FRST.txt

FSS.txt

scanlog.txt

Shortcut.txt
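The two FSS.txt logs in this thread can be compared section by section to confirm what a repair changed. The following is an added example, not part of the original posts and not code from Farbar Service Scanner; the sample logs are constructed excerpts modelled on the ones posted here, the names `findings` and `compare` are illustrative, and it assumes an empty section means the tool reported nothing for it.

```python
import re

# Constructed excerpts modelled on the two FSS.txt logs posted in this thread
# (before and after the repair); trimmed samples, not the full logs.
BEFORE = r"""
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
"""
AFTER = r"""
Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is unreachable

Windows Defender:
==============

File Check:
========
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
"""
# Assumption: these line endings are the tool's "nothing wrong" statuses.
BENIGN = re.compile(r"(is accessible\.|connected\.|is OK\.|=> File is digitally signed)$")

def findings(log):
    """Return {section: [lines]} for body lines that are not a benign status."""
    lines = [l.strip() for l in log.splitlines()]
    out, current = {}, None
    for i, text in enumerate(lines):
        nxt = lines[i + 1] if i + 1 < len(lines) else ""
        if text.endswith(":") and nxt and set(nxt) == {"="}:
            current = text[:-1]          # a title is a line underlined with '='
        elif text and set(text) != {"="} and current and not BENIGN.search(text):
            out.setdefault(current, []).append(text)
    return out

def compare(before, after):
    """Sections whose findings disappeared, and sections with findings only afterwards."""
    b, a = findings(before), findings(after)
    return {"cleared": sorted(set(b) - set(a)), "new": sorted(set(a) - set(b))}

print(compare(BEFORE, AFTER))
```

On these samples the Defender findings clear, while the connectivity check shows up as a new finding that a per-section comparison makes hard to overlook.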


The fix was not run, you have posted new logs from FRST scan and they show entries that would have been removed with the fix.... FRST always saves log files here C:\FRST\Logs

 

Do this again.....

 

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was run from. Please post it to your reply.
 

Next,

 

Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan" Select scan, when done post the new logs....

 

Let me see the following logs:

 

Fixlog.txt

FRST.txt

Addition.txt

 

Thank you,

 

Kevin.....
 

 

 

Fixlist.txt


  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
