Hi Chemist, once again thank you for staying with me [and relieved to hear Key s'd be ok].
I have followed your instructions, and please find attached the three scan results. Interestingly, while running the FRST, I was intently trying to watch the file names whizz by during scan and ... it actually stopped on the spot only twice and both times it was at MBAN Chameleon!
Probably nothing, however: I used to have Limewire, which was legally stopped from carrying on. The last time I used it was approx. 4/5 years ago. But I seem to recall finding its remnants in the PC and deleting them some 3/4 weeks ago.
**************************
FSS.txt ::
Farbar Service Scanner Version: 17-01-2015
Ran by RAJ (administrator) on 15-04-2015 at 12:08:52
Running from "H:\"
Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.
Nsi Service is not running. Checking service configuration:
The start type of Nsi service is OK.
The ImagePath of Nsi: "%".
The ServiceDll of Nsi: "%".
Checking LEGACY_Nsi: ATTENTION!=====> Unable to open LEGACY_Nsi\0000 registry key. The key does not exist.
Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Other errors
LAN connected.
Attempt to access Google IP returned error. Other errors
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors
Windows Firewall:
=============
Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is set to Disabled. The default start type is 3.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.
System Restore Policy:
========================
Security Center:
============
Windows Update:
============
BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.
Checking LEGACY_BITS: ATTENTION!=====> Unable to open LEGACY_BITS\0000 registry key. The key does not exist.
EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is set to Disabled. The default start type is Auto.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
Other Services:
==============
File Check:
========
C:\Windows\system32\nsisvc.dll => File is digitally signed
C:\Windows\system32\Drivers\nsiproxy.sys => File is digitally signed
C:\Windows\system32\dhcpcsvc.dll => File is digitally signed
C:\Windows\system32\Drivers\afd.sys => File is digitally signed
C:\Windows\system32\Drivers\tdx.sys => File is digitally signed
C:\Windows\system32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\system32\dnsrslvr.dll => File is digitally signed
C:\Windows\system32\mpssvc.dll => File is digitally signed
C:\Windows\system32\bfe.dll => File is digitally signed
C:\Windows\system32\Drivers\mpsdrv.sys => File is digitally signed
C:\Windows\system32\SDRSVC.dll => File is digitally signed
C:\Windows\system32\vssvc.exe => File is digitally signed
C:\Windows\system32\wscsvc.dll => File is digitally signed
C:\Windows\system32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\system32\wuaueng.dll => File is digitally signed
C:\Windows\system32\qmgr.dll => File is digitally signed
C:\Windows\system32\es.dll => File is digitally signed
C:\Windows\system32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\system32\ipnathlp.dll => File is digitally signed
C:\Windows\system32\iphlpsvc.dll => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
**** End of log ****
**************************************
FRST.txt ::
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-04-2015
Ran by RAJ (administrator) on RAJ-PC on 15-04-2015 12:19:27
Running from C:\Users\RAJ\Desktop
Loaded Profiles: RAJ (Available profiles: RAJ & RAKHIL & MANALI & SMITA)
Platform: Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(PC Tools) C:\Program Files\PC Tools Firewall Plus\FWService.exe
(Microsoft Corporation) C:\windows\System32\SLsvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\windows\System32\wbem\unsecapp.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5511352 2015-03-21] (Avast Software s.r.o.)
HKU\S-1-5-21-1291136695-2564591854-1091026493-1003\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-1291136695-2564591854-1091026493-1003\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1291136695-2564591854-1091026493-1003\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1291136695-2564591854-1091026493-1003\...\InprocServer32: [Default-pngfilt] <==== ATTENTION!
HKU\S-1-5-18\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-18\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\RAJ\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\RAJ\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\RAJ\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
GroupPolicyUsers\S-1-5-21-1291136695-2564591854-1091026493-1006\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1291136695-2564591854-1091026493-1005\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1291136695-2564591854-1091026493-1004\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1291136695-2564591854-1091026493-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
AOL.co.uk
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page =
msn
HKU\S-1-5-21-1291136695-2564591854-1091026493-1003\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1291136695-2564591854-1091026493-1003\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
Upgrade to Google Chrome
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-10-17] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-21] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-17] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003 -> No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No File
Toolbar: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2001-05-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2012-11-02] (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2012-04-14] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2013-12-19] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-17] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-06] (Google)
FF Plugin: @real.com/npracplug;version=1.0.0.0 -> C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll [2005-04-27] (RealNetworks)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-12] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-12] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-13]
FF HKLM\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: Default Manager - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-01-19]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: No Name - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-11]
FF HKU\S-1-5-21-1291136695-2564591854-1091026493-1003\...\Firefox\Extensions: [{e29dd2e6-7c5e-4da6-861f-5e0a9e219c15}] - C:\Program Files\electroLyrics\130.xpi
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\RAJ\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\RAJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-19]
CHR Extension: (Google Docs) - C:\Users\RAJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-19]
CHR Extension: (Google Drive) - C:\Users\RAJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-11-07]
CHR Extension: (YouTube) - C:\Users\RAJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-07]
CHR Extension: (Adblock Plus) - C:\Users\RAJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-02]
CHR Extension: (Google Search) - C:\Users\RAJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-07]
CHR Extension: (Google Sheets) - C:\Users\RAJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-19]
CHR Extension: (Avast Online Security) - C:\Users\RAJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\RAJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Google Wallet) - C:\Users\RAJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\RAJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-07]
CHR HKLM\...\Chrome\Extension: [bhfamhipccbnledoejgeflahlcamgnam] - C:\Program Files\electroLyrics\130.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-21]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-21] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-03-21] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3205216 2015-03-21] (Avast Software)
S4 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [67360 2010-01-25] (NOS Microsystems Ltd.)
S4 gupdate1c9bb97c1ccf3a0; C:\Program Files\Google\Update\GoogleUpdate.exe [107912 2014-10-20] (Google Inc.)
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 PCToolsFirewallPlus; C:\Program Files\PC Tools Firewall Plus\FWService.exe [146800 2008-12-11] (PC Tools)
S4 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [540184 2007-08-07] (PDF Complete Inc)
S4 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1228504 2013-11-04] (Secunia)
S4 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [660184 2013-11-04] (Secunia)
S4 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-03-13] (Ulead Systems, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
S2 nsi; % [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R1 archlp; C:\Windows\System32\drivers\archlp.sys [11392 2008-01-29] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-03-21] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26096 2015-03-21] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [73440 2015-03-21] (Avast Software s.r.o.)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2015-03-21] (ALWIL Software)
R0 aswNdis2; C:\Windows\system32\Drivers\aswNdis2.sys [253728 2015-03-21] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-03-21] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-03-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788272 2015-03-21] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427480 2015-03-21] (Avast Software s.r.o.)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-03-21] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206976 2015-03-21] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-06-26] (AVG Technologies)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [92888 2015-03-27] (Malwarebytes Corporation)
R2 PCTAppEvent; C:\Windows\system32\drivers\PCTAppEvent.sys [73840 2009-03-04] (PC Tools)
R1 pctgntdi; C:\windows\System32\drivers\pctgntdi.sys [159600 2008-12-11] (PC Tools)
R3 pctplfw; C:\windows\System32\drivers\pctplfw.sys [95640 2009-03-04] (PC Tools)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-11-04] (Secunia)
R3 SFilter; C:\Windows\System32\DRIVERS\pctfw.sys [97408 2008-09-22] (PC Tools)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220240 2015-03-21] (Avast Software)
S3 vsdatant; C:\Windows\system32\vsdatant.sys [394984 2007-06-22] (Zone Labs, LLC)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20061106.064\NAVEX15.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-15 12:19 - 2015-04-15 12:19 - 00016151 _____ () C:\Users\RAJ\Desktop\FRST.txt
2015-04-15 12:17 - 2015-04-15 12:19 - 00000000 ____D () C:\FRST
2015-04-15 12:16 - 2015-04-15 11:33 - 01136640 _____ (Farbar) C:\Users\RAJ\Desktop\FRST.exe
2015-04-15 12:07 - 2015-04-15 11:10 - 00415232 _____ (Farbar) C:\Users\RAJ\Desktop\FSS (2).exe
2015-04-14 02:04 - 2015-04-14 02:04 - 00015958 _____ () C:\Users\RAJ\Desktop\ComboFix 14 APR SCAN.txt
2015-04-14 01:57 - 2015-04-14 01:57 - 00015958 _____ () C:\ComboFix.txt
2015-04-14 00:44 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-04-14 00:44 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-04-14 00:44 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-04-14 00:44 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-04-14 00:44 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-04-14 00:44 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-04-14 00:44 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-04-14 00:44 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-04-14 00:43 - 2015-04-14 01:59 - 00000000 ____D () C:\Qoobox
2015-04-14 00:43 - 2015-04-14 01:59 - 00000000 ____D () C:\ComboFix
2015-04-14 00:43 - 2015-04-14 01:27 - 00000000 ____D () C:\Windows\erdnt
2015-04-14 00:40 - 2015-04-13 11:34 - 05617275 ____R (Swearware) C:\Users\RAJ\Desktop\ComboFix.exe
2015-04-14 00:36 - 2015-04-14 00:36 - 00003028 _____ () C:\Users\RAJ\Desktop\ADWCLNR SCAN 14 APR.txt
2015-04-13 23:43 - 2015-04-13 11:27 - 02217984 _____ () C:\Users\RAJ\Desktop\adwcleaner_4.201.exe
2015-04-13 22:31 - 2015-04-13 22:31 - 00000000 ____D () C:\Users\RAJ\Documents\MSG
2015-04-13 22:31 - 2015-04-13 22:31 - 00000000 ____D () C:\Users\RAJ\Documents\DAWDA
2015-04-13 22:31 - 2015-04-13 22:31 - 00000000 ____D () C:\Users\RAJ\Documents\COOK'G
2015-04-13 22:31 - 2015-04-13 22:31 - 00000000 ____D () C:\Users\RAJ\Documents\COMUNCATNS
2015-04-13 22:31 - 2015-04-13 22:31 - 00000000 ____D () C:\Users\RAJ\Documents\CHILD
2015-04-13 22:31 - 2015-04-13 22:31 - 00000000 ____D () C:\Users\RAJ\Documents\CFS
2015-04-13 22:31 - 2015-04-13 22:31 - 00000000 ____D () C:\Users\RAJ\Documents\BUSINESS
2015-04-13 22:31 - 2015-04-13 22:31 - 00000000 ____D () C:\Users\RAJ\Documents\AUTO-CAR
2015-04-13 22:30 - 2015-04-13 22:31 - 00000000 ____D () C:\Users\RAJ\Documents\MINU & OTH MP3 SONGS 2-12
2015-04-13 22:30 - 2015-04-13 22:30 - 00000000 ____D () C:\Users\RAJ\Documents\X
2015-04-13 22:30 - 2015-04-13 22:30 - 00000000 ____D () C:\Users\RAJ\Documents\UTILITIES Tel,Gas,Mob
2015-04-13 22:30 - 2015-04-13 22:30 - 00000000 ____D () C:\Users\RAJ\Documents\USA
2015-04-13 22:30 - 2015-04-13 22:30 - 00000000 ____D () C:\Users\RAJ\Documents\Ulead DVD MovieFactory 4.0 SE for SANYO
2015-04-13 22:30 - 2015-04-13 22:30 - 00000000 ____D () C:\Users\RAJ\Documents\TRAVEL
2015-04-13 22:30 - 2015-04-13 22:30 - 00000000 ____D () C:\Users\RAJ\Documents\PREETA PIX & OTH
2015-04-13 22:30 - 2015-04-13 22:30 - 00000000 ____D () C:\Users\RAJ\Documents\PERSONL DEVLPMNT
2015-04-13 22:30 - 2015-04-13 22:30 - 00000000 ____D () C:\Users\RAJ\Documents\PATANJALI YOG PEETH
2015-04-13 22:30 - 2015-04-13 22:30 - 00000000 ____D () C:\Users\RAJ\Documents\PASSPORT PIX
2015-04-13 22:30 - 2015-04-13 22:30 - 00000000 ____D () C:\Users\RAJ\Documents\ORDERED GOODS
2015-04-13 22:30 - 2015-04-13 22:30 - 00000000 ____D () C:\Users\RAJ\Documents\LEGAL & TRUSTS
2015-04-13 22:30 - 2015-04-13 22:30 - 00000000 ____D () C:\Users\RAJ\Documents\LANDLORD
2015-04-13 22:30 - 2015-04-13 22:30 - 00000000 ____D () C:\Users\RAJ\Documents\CRHMS UK
2015-04-13 22:30 - 2015-04-13 22:30 - 00000000 ____D () C:\Users\RAJ\Documents\ADHYATMA
2015-04-13 22:30 - 2012-06-06 23:35 - 00002048 _____ () C:\Users\RAJ\Documents\Ulead Photo Explorer 8.5 SE Basic.lnk
2015-04-13 22:25 - 2015-04-13 22:25 - 00000000 ____D () C:\Users\RAJ\Documents\SOFTWR PROGRMS
2015-04-13 22:24 - 2015-04-13 22:25 - 00000000 ____D () C:\Users\RAJ\Documents\SNOOKER
2015-04-13 22:24 - 2015-04-13 22:24 - 00000000 ____D () C:\Users\RAJ\Documents\SECURITY
2015-04-13 22:22 - 2015-04-13 23:23 - 00000000 ____D () C:\Users\RAJ\Documents\SANYO_PEX
2015-04-13 22:22 - 2015-04-13 22:22 - 00000000 ____D () C:\Users\RAJ\Documents\RELATIONSHP
2015-04-13 22:22 - 2015-04-13 22:22 - 00000000 ____D () C:\Users\RAJ\Documents\POKER
2015-04-13 22:22 - 2015-04-13 22:22 - 00000000 ____D () C:\Users\RAJ\Documents\MIN EDU USA
2015-04-13 22:22 - 2015-04-13 22:22 - 00000000 ____D () C:\Users\RAJ\Documents\KNIFE
2015-04-13 22:22 - 2015-04-13 22:22 - 00000000 ____D () C:\Users\RAJ\Documents\INTEREST'G
2015-04-13 22:22 - 2015-04-13 22:22 - 00000000 ____D () C:\Users\RAJ\Documents\INSPIRE
2015-04-13 22:22 - 2015-04-13 22:22 - 00000000 ____D () C:\Users\RAJ\Documents\HINDU
2015-04-13 22:22 - 2015-04-13 22:22 - 00000000 ____D () C:\Users\RAJ\Documents\HEALTH
2015-04-13 22:22 - 2015-04-13 22:22 - 00000000 ____D () C:\Users\RAJ\Documents\EMPLYMNT
2015-04-13 22:21 - 2015-04-13 22:22 - 00000000 ____D () C:\Users\RAJ\Documents\My Received Files
2015-04-13 22:21 - 2015-03-25 13:12 - 00000000 ____D () C:\Users\RAJ\Documents\ArcSoft MediaConverter
2015-04-09 00:36 - 2015-04-09 00:36 - 00017652 _____ () C:\Users\RAJ\Desktop\SystemLook.txt
2015-04-09 00:05 - 2015-04-09 00:05 - 00002783 _____ () C:\Users\RAJ\Desktop\MBAN 1.txt
2015-04-02 17:47 - 2015-04-02 17:47 - 00003361 _____ () C:\Users\RAJ\Desktop\ark (2).zip
2015-04-02 17:08 - 2015-04-02 17:08 - 00003361 _____ () C:\Users\RAJ\Desktop\attach.zip
2015-04-02 17:06 - 2015-04-02 17:06 - 00003361 _____ () C:\Users\RAJ\Desktop\ark.zip
2015-04-02 15:11 - 2015-04-02 15:11 - 00002275 _____ () C:\Users\RAJ\Desktop\GMER SCAN LOG.log
2015-04-02 15:10 - 2015-04-02 15:10 - 00002275 _____ () C:\Users\RAJ\Desktop\ark.txt
2015-04-02 13:21 - 2015-04-02 13:21 - 00000269 _____ () C:\Users\RAJ\Desktop\gmer - Shortcut.lnk
2015-04-01 17:51 - 2015-04-01 17:51 - 00008871 _____ () C:\Users\RAJ\Desktop\attach.txt
2015-04-01 17:51 - 2015-04-01 17:51 - 00007378 _____ () C:\Users\RAJ\Desktop\dds.txt
2015-03-26 13:37 - 2015-04-09 00:08 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-26 13:33 - 2015-03-27 12:49 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-26 13:33 - 2015-03-26 13:33 - 00000859 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-26 13:33 - 2015-03-26 13:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-26 13:33 - 2015-03-26 13:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-26 13:33 - 2015-03-26 13:33 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-03-26 13:33 - 2015-03-17 07:15 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-26 13:33 - 2015-03-17 07:15 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-26 13:31 - 2015-03-26 13:31 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\RAJ\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-26 13:14 - 2015-03-26 13:14 - 00000000 ____D () C:\Windows\pss
2015-03-25 15:53 - 2015-04-14 03:07 - 00004296 _____ () C:\Windows\PFRO.log
2015-03-23 11:46 - 2015-03-23 11:56 - 00000000 ____D () C:\Windows\system32\vbox
2015-03-21 17:10 - 2015-03-21 17:10 - 00001789 _____ () C:\Users\Public\Desktop\Avast Internet Security.lnk
2015-03-21 17:07 - 2015-03-21 17:06 - 00026096 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswKbd.sys
2015-03-21 17:07 - 2015-03-21 17:05 - 00253728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswNdis2.sys
2015-03-21 17:07 - 2015-03-21 17:01 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-03-21 17:05 - 2015-03-21 17:05 - 00012112 _____ (ALWIL Software) C:\Windows\system32\Drivers\aswNdis.sys
2015-03-21 17:01 - 2015-03-21 17:01 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-15 12:17 - 2008-01-30 20:11 - 00000418 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{0E33D065-2BA1-4925-BF6B-BDAE4D89BF96}.job
2015-04-15 11:59 - 2006-11-02 11:33 - 00826598 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-15 11:58 - 2008-08-09 02:06 - 01220851 _____ () C:\Windows\WindowsUpdate.log
2015-04-15 11:55 - 2009-07-01 14:32 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-15 11:55 - 2008-01-14 20:28 - 00000000 ____D () C:\ProgramData\TEMP
2015-04-15 11:55 - 2006-11-02 13:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-15 11:55 - 2006-11-02 13:45 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-15 11:55 - 2006-11-02 13:45 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-14 22:52 - 2006-11-02 13:58 - 00032602 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-14 22:48 - 2014-11-16 20:53 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-14 22:22 - 2009-07-01 14:32 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-14 01:58 - 2014-04-01 12:05 - 00000000 ____D () C:\Users\TEMP
2015-04-14 01:58 - 2006-11-02 12:18 - 00000000 ___RD () C:\Users\Public
2015-04-14 01:14 - 2006-11-02 11:23 - 00000215 _____ () C:\Windows\system.ini
2015-04-14 00:21 - 2014-10-08 21:44 - 00000000 ____D () C:\AdwCleaner
2015-04-13 21:24 - 2008-01-04 05:04 - 00000000 ____D () C:\Users\RAJ
2015-04-02 13:39 - 2009-05-02 23:33 - 00000000 ____D () C:\Windows\Minidump
2015-04-02 13:39 - 2007-10-04 11:29 - 00146355 _____ () C:\Windows\Minidump\Mini040215-01.dmp
2015-03-26 14:23 - 2009-04-12 18:53 - 00000868 _____ () C:\Windows\Tasks\Google Software Updater.job
2015-03-26 13:18 - 2008-01-04 08:35 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-03-26 07:02 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\tracing
2015-03-25 15:51 - 2010-04-14 12:39 - 00000318 _____ () C:\lxbk.log
2015-03-24 20:41 - 2013-09-12 16:11 - 00000000 ____D () C:\Users\RAJ\AppData\Local\Garmin
2015-03-24 20:41 - 2013-09-12 16:06 - 00000000 ____D () C:\ProgramData\Garmin
2015-03-24 20:41 - 2013-09-12 16:05 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-24 20:41 - 2013-06-06 17:36 - 00000000 ____D () C:\Program Files\Garmin
2015-03-24 20:41 - 2013-06-06 16:35 - 00000000 ____D () C:\Users\RAJ\AppData\Roaming\Garmin
2015-03-21 17:01 - 2014-09-11 16:19 - 00788272 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-03-21 17:01 - 2014-09-11 16:19 - 00427480 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-03-21 17:01 - 2014-09-11 16:19 - 00206976 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-03-21 17:01 - 2014-09-11 16:19 - 00073440 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-03-21 17:01 - 2014-09-11 16:19 - 00057888 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswTdi.sys
2015-03-21 17:01 - 2014-09-11 16:19 - 00055200 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr.sys
2015-03-21 17:01 - 2014-09-11 16:19 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-03-21 17:01 - 2014-09-11 16:19 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys
==================== Files in the root of some directories =======
2008-07-23 21:12 - 2008-07-23 21:12 - 0774144 _____ (RealNetworks, Inc.) C:\Program Files\RngInterstitial.dll
2008-04-13 20:50 - 2008-04-13 20:52 - 0024206 _____ () C:\Users\RAJ\AppData\Roaming\UserTile.png
2010-02-15 20:35 - 2014-01-05 01:17 - 0007160 _____ () C:\Users\RAJ\AppData\Local\d3d9caps.dat
2008-11-26 13:38 - 2010-03-13 03:35 - 0013824 _____ () C:\Users\RAJ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-06-06 00:37 - 2012-06-06 00:37 - 0034814 _____ () C:\Users\RAJ\AppData\Local\dt.dat
2010-01-07 00:08 - 2009-11-08 00:08 - 0000032 ____R () C:\ProgramData\hash.dat
2012-06-06 23:35 - 2003-08-14 12:49 - 0000829 ____N () C:\ProgramData\pex.ini
Files to move or delete:
====================
C:\ProgramData\hash.dat
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-15 12:01
==================== End Of Log ============================
*************************************************
Addition.txt ::
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-04-2015
Ran by RAJ at 2015-04-15 12:20:46
Running from C:\Users\RAJ\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: PC Tools Firewall Plus (Enabled) {7352CBFB-3EEC-25C5-276E-DC9378FC688F}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Acrobat 4.0 (HKLM\...\Adobe Acrobat 4.0) (Version: - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version: 3.0 - )
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft MediaConverter 2.5 (HKLM\...\{A72FC039-FE41-4BAD-B36E-64368EC54B54}) (Version: - ArcSoft)
ArcSoft ShowBiz DVD 2 (HKLM\...\{996F79F5-2ABF-4B9D-A0C0-ACD046AA8008}) (Version: 2.2.2.118 - ArcSoft)
ArcSoft TotalMedia Extreme (HKLM\...\{BC5E28DB-A496-415F-9BCF-374AE8E33AB5}) (Version: 1.0.14.1 - ArcSoft)
ASUSDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )
ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1016 - )
ATI Catalyst Install Manager (HKLM\...\{1CF703F9-C891-55CB-E16D-94B9E46279FB}) (Version: 3.0.627.0 - ATI Technologies, Inc.)
ATI Catalyst Install Manager (HKLM\...\{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}) (Version: 3.0.641.0 - ATI Technologies, Inc.)
Avast Internet Security (HKLM\...\Avast) (Version: 10.2.2214 - AVAST Software)
Bing Rewards Client Installer (Version: 16.0.345.0 - Microsoft Corporation) Hidden
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
CDPoker (HKLM\...\Club Dice Poker) (Version: - )
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Driving Test Success - All Tests 2012 Edition (HKLM\...\{EF570A1B-7593-4EDB-8AF0-8041F2A7A81B}_is1) (Version: 16.0 - Imagitech Ltd.)
Dropbox (HKU\S-1-5-21-1291136695-2564591854-1091026493-1003\...\Dropbox) (Version: 2.0.22 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM\...\{38DD9AAA-A09A-42FF-A9EE-DA9C84B2E036}) (Version: 1.1.2.0151 - AMD)
FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version: - )
Garmin Communicator Plugin (HKLM\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Earth (HKLM\...\{28E82311-8616-11E1-BEB0-B8AC6F97B88E}) (Version: 6.2.2.6613 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
Hinduism Today Digital Edition (HKLM\...\Hinduism Today Digital Edition_is1) (Version: - )
HP Backup & Recovery Manager (HKLM\...\{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}) (Version: 4.1.4 enhanced - Hewlett-Packard Company)
HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 9.7.2 - Hewlett-Packard Company)
HP SetRefresh (HKLM\...\{F5242227-2051-4158-AC42-0F2BAA3CD3D6}) (Version: 1.2.1.3 - Hewlett-Packard Company)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: - )
InterVideo Register Manager (Version: 1.0.4.0 - InterVideo Inc.) Hidden
InterVideo WinDVD (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.1155 - InterVideo Inc.)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 8 Update 11 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0180110}) (Version: 8.0.110 - Oracle Corporation)
Java(TM) SE Runtime Environment 6 Update 1 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160010}) (Version: 1.6.0.10 - Sun Microsystems, Inc.)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office XP Media Content (HKLM\...\{90300409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2619.0 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Publisher 2002 (HKLM\...\{90190409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-1291136695-2564591854-1091026493-1003\...\MyFreeCodec) (Version: - )
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PC Tools Firewall Plus 5.0 (HKLM\...\PC Tools Firewall Plus) (Version: 5.0 - PC Tools)
PDF Complete (HKLM\...\PDF Complete) (Version: - )
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PokerHost (HKLM\...\PokerHost) (Version: - )
PokerStars (HKLM\...\PokerStars) (Version: - PokerStars)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Secunia PSI (3.0.0.9015) (HKLM\...\Secunia PSI) (Version: 3.0.0.9015 - Secunia)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Ulead DVD MovieFactory 4.0 SE for SANYO (HKLM\...\{448AB2CB-C94A-47DE-80B8-9D7824DEFA57}) (Version: 4.0 - Ulead Systems, Inc.)
Ulead Photo Explorer 8.5 SE Basic (HKLM\...\{025C3792-E9C6-432A-92C1-661F99D021CA}) (Version: 8.5 - Ulead Systems, Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
USB Audio/Video Driver (HKLM\...\InstallShield_{015C057F-D7B9-4D82-B266-FBCF0178F382}) (Version: 1.00.0000 - )
USB Audio/Video Driver (Version: 1.00.0000 - ) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - )
Windows Mobile Device Center (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR 4.20 beta 3 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.3 - win.rar GmbH)
ZTE_1.2059.0.8 (HKLM\...\ZTE_1.2059.0.8) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{00021401-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\RAJ\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{00b7e0ab-817a-44ad-a04b-d1148d524136}\InprocServer32 -> %SystemDrive%\Users\RAJ\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{0F130AC8-CDF1-4DAA-AA9B-7B4083F49EA4}\InprocServer32 -> C:\Poker\CDPoker\widgetbar\WidgetbarContainerUI.dll (Playtech Ltd)
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{3050F4CF-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{3050F4F5-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{30C3B080-30FB-11D0-B724-00AA006C1A01}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{53D7E4EF-4DFB-45BE-B9CC-A0243AECB238}\InprocServer32 -> C:\Poker\CDPoker\widgetbar\WidgetbarContainerUI.dll (Playtech Ltd)
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{6A01FDA0-30DF-11D0-B724-00AA006C1A01}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{7057E952-BD1B-11D1-8919-00C04FC2C836}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServer32 -> C:\Windows\system32\urlmon.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{7c6e29bc-8b8b-4c3d-859e-af6cd158be0f}\InprocServer32 -> %SystemDrive%\Users\RAJ\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{876FA801-2B5E-4201-9E6B-2EF2C05A5C6B}\InprocServer32 -> C:\Poker\CDPoker\widgetbar\WidgetbarAPI.dll (Playtech)
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{88d969c0-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\RAJ\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{88d969c1-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\RAJ\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{88d969c2-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\RAJ\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{88d969c3-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\RAJ\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{88d969c4-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\RAJ\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{88d969c5-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\RAJ\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{88d969c6-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\RAJ\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{88d969c8-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\RAJ\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{88d969c9-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\RAJ\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{88d969ca-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\RAJ\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{88d969d6-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\RAJ\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{89425F5E-A2BD-44CD-9E4F-F1498522F0E5}\InprocServer32 -> C:\Poker\CDPoker\widgetbar\WidgetbarManagerUI.dll (Playtech Ltd)
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{939A0D04-0E07-48FE-A463-6623B70C3A96}\localserver32 -> "C:\Users\RAJ\AppData\Roaming\ValueApps\IE\ValueApps.exe" No File
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{A3CCEDF7-2DE2-11D0-86F4-00A0C913F750}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{CD773740-B187-4974-A1D5-E0FF91372277}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{D7B70EE0-4340-11CF-B063-0020AFC2CD35}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{EB030009-6D26-11D3-B0F4-00C04F60B2A1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{F6240000-66DA-4DCD-B1AF-5C59D05C44D5}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{F6F8856F-374D-4397-BB1C-80AB57E60529}\InprocServer32 -> C:\Poker\CDPoker\widgetbar\WidgetbarAPI.dll (Playtech)
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RAJ\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RAJ\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RAJ\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RAJ\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1291136695-2564591854-1091026493-1003_Classes\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InprocServer32 -> No File Path
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 11:23 - 2015-04-14 01:12 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {039B8399-2485-408D-9DA9-76B43A573702} - System32\Tasks\{8AF4065A-08D1-48A8-80BB-50F2C338A953} => pcalua.exe -a C:\Users\RAJ\Downloads\gamesFree.exe -d C:\Users\RAJ\Downloads
Task: {09977583-6469-4579-AC2F-D88E5F3CDF5C} - System32\Tasks\{C6493663-0AAB-4FE9-A1EC-B6A437EE45F5} => pcalua.exe -a "C:\Users\RAJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6TMFPN17\zaasSetup_70_362_000_en[1].exe" -d C:\Users\RAJ
Task: {09FF77AF-451D-42D5-8B8D-722DF90278EF} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - RAJ => C:\Program Files\Windows Calendar\wincal.exe [2009-04-10] (Microsoft Corporation)
Task: {200863E4-EB3B-4685-B7F2-3EA25058F933} - System32\Tasks\{2F9985C7-CCF9-451C-AC1E-E9613C2D1954} => pcalua.exe -a "C:\Users\RAJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OOI0XGTL\gamesFree[1].exe" -d C:\Users\RAJ\Desktop
Task: {24E837E6-22E4-40CA-AFBA-E840298FFD2C} - System32\Tasks\{A68810BF-554A-473B-9F12-B4C1DA9D8FEA} => pcalua.exe -a "C:\Users\RAJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GZ80UMY5\epson320037eu[1].exe" -d C:\Users\RAJ\Desktop
Task: {25B04DD9-2AC9-4498-AB33-EEF531997B56} - System32\Tasks\{F95057DD-C0C7-4A68-8BA3-FA343156C0A0} => pcalua.exe -a C:\WINDOWS\ISUNINST.EXE -c -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Task: {2E457764-27E7-4B64-A8E8-C79A99A627D1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {2FCD3D2F-9178-404E-9CC2-350857212F40} - System32\Tasks\{CC2FDF14-4AB4-4C92-98D2-82BA9C229BCB} => pcalua.exe -a "C:\Users\RAJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BOAZZ4BZ\gamesFree[1].exe" -d C:\Users\RAJ\Desktop
Task: {329A2827-C775-4FDE-B224-999B02ED5AA9} - System32\Tasks\{F835B388-A406-4F51-AF4F-04EB58385544} => pcalua.exe -a "C:\Program Files\electroLyrics\uninstall.exe"
Task: {3C86078D-68D9-4695-8A0C-86CAC5018341} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {3E2C6916-88C1-48B7-81A4-E7846E1FA4BD} - System32\Tasks\{A51E3F4C-C7E9-4178-9BAD-F494103C7884} => pcalua.exe -a F:\install.exe -d F:\
Task: {53C2FCA9-855E-4294-A056-4F15ABECB52F} - System32\Tasks\{8E1D8974-7A49-48DA-9E54-CCC7CC4E21B4} => pcalua.exe -a C:\Users\RAJ\Documents\arcadegamepFree.exe -d C:\Users\RAJ\Documents
Task: {5A09DAAB-7006-481F-9704-6D22BBD7CFB4} - System32\Tasks\{7D1D0678-B5B1-4F87-91DB-E5C09A71D684} => pcalua.exe -a F:\Setupx.exe -d F:\
Task: {5BDDA938-CA00-4F0E-8323-C19080D08A7A} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1291136695-2564591854-1091026493-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {63DF1438-BE2B-4C37-9595-D40D45700174} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-18] (Google)
Task: {6633D1DA-95B0-4B1B-94B3-D7DCFAA5CBA1} - System32\Tasks\Microsoft\Office Genuine Advantage\OGALogon => C:\Windows\system32\OGAExec.exe [2009-08-03] ()
Task: {66A2A4F6-BB9E-4DF7-8C52-761F477A63A5} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1291136695-2564591854-1091026493-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {7760087E-D8CF-45AC-BD9B-F4C756C65D86} - System32\Tasks\{8F358102-2563-4671-8161-4376FE24E1F1} => pcalua.exe -a G:\MSASYNC_WWE.EXE -d G:\
Task: {86A47DA2-6371-421B-BEAF-009B5C99196B} - System32\Tasks\Microsoft\Windows\RestartManager\{0316A6C8-192D-4797-9B11-9D14D18B0632} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {8A317128-B102-4EAD-9917-FC5FC9A990AF} - \electroLyrics Update No Task File <==== ATTENTION
Task: {990D683C-227B-4E52-8837-51B858770D91} - System32\Tasks\{E946C6AC-071B-4129-810F-19C2EB9E324D} => pcalua.exe -a "C:\Users\RAJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SVDHDEEV\sp36740[1].exe" -d C:\Windows\system32
Task: {991936E5-FA56-4B8C-9FAC-734C9DD9CD1E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9DF24723-FBE0-4251-B3A7-4129DEB41FC8} - System32\Tasks\{85D8EA08-02EE-4825-878A-B84AE23D4165} => pcalua.exe -a "C:\Users\RAJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RJC1EYOF\Nero-6.6.1.15_eng[1].exe" -d C:\Windows\system32
Task: {A17919FE-CE1B-4C18-943F-542EF559C867} - System32\Tasks\{817ACABE-393F-4261-9DE9-799A1F177406} => C:\Program Files\Skype\Phone\Skype.exe
Task: {A37B63AA-FBCB-4506-B00C-49ADF062CAAC} - System32\Tasks\{B1087782-4ED9-4AB2-B6B7-9A93AF854211} => pcalua.exe -a "C:\Users\RAJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MVKF1IU2\LimeWireWin[1].exe" -d C:\Users\RAJ\Desktop
Task: {A59BDF61-9776-422C-9649-44C315B0F743} - System32\Tasks\{935695EF-2E7C-4416-B626-F6151684B7C0} => pcalua.exe -a "C:\Users\RAJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MIAKCS67\NVE-3.1.0.25_eng[1].exe" -d C:\Windows\system32
Task: {A8D14AD6-E4A8-4E94-A623-B978881C94DE} - System32\Tasks\{EEF06578-EC32-4026-A791-0F4579B2DCFA} => pcalua.exe -a "C:\Program Files\PokerHost\uninstall.exe"
Task: {A8F46329-33EC-4895-B3AE-07C6D7A64DA4} - System32\Tasks\{DD31C027-608D-4E0E-A290-034B3D44E952} => pcalua.exe -a "C:\Users\RAJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YUSMK2SA\sp43003[1].exe" -d C:\Users\RAJ\Desktop
Task: {B02F825A-91DA-4A7F-9C29-9115760B68FD} - System32\Tasks\{4C14E304-955E-45FA-8741-631DD57F91A4} => pcalua.exe -a "C:\Users\RAJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RJC1EYOF\Nero-6.6.1.15a[1].exe" -d C:\Windows\system32
Task: {B3C50AB1-EE4C-4AB3-A2F5-9F7E5A047886} - System32\Tasks\{7728FBA9-7A7B-4A8C-827F-83E8B56FBC0C} => pcalua.exe -a "C:\Users\RAJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NK319B7N\sp41879[1].exe" -d C:\Users\RAJ\Desktop
Task: {B6B46DE0-5E6E-497C-A7B2-38839865379D} - System32\Tasks\{ED213DD0-4632-41BF-BFFB-6F9CF2E172B1} => pcalua.exe -a F:\INSTMSI.EXE -d F:\
Task: {BDA88B60-FDDC-43F8-BE02-483D6A24E123} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {BE2D421C-2B24-4E4A-B3DA-C933AB4566A8} - System32\Tasks\{1CEECA12-A1E2-427C-B8BF-DED0E53398E2} => pcalua.exe -a "C:\Users\RAJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\303RAPUO\NMP-1.4.0.35b[1].exe" -d C:\Windows\system32
Task: {BE368C08-F7A9-4239-AB11-164D99B106D5} - System32\Tasks\{182E446E-05CA-48DC-BAF9-D2D32E2690E4} => pcalua.exe -a "C:\Users\RAJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\303RAPUO\InCD-4.3.23.2[1].exe" -d C:\Windows\system32
Task: {C1E836FB-D8E7-4F41-BACB-5E92D13F183B} - System32\Tasks\{20045C68-266D-4A51-8E2D-9ED74DB43A24} => pcalua.exe -a "C:\Users\RAJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZZDXGSZT\SetupPoker[1].exe" -d C:\Users\RAJ
Task: {C2A85A4A-5676-48F0-A51A-057E248169FF} - System32\Tasks\{FB6D28FC-03FF-4CDC-AC0E-84DA6D7E67EF} => pcalua.exe -a F:\install.exe -d F:\
Task: {D0B4F229-D9A7-4CB0-B62A-4089F6DE9CA7} - System32\Tasks\{0158A7B6-A612-4C59-9E09-13A6F5539CA3} => pcalua.exe -a "C:\Program Files\QuickTime\QTSystem\QuickTime.cpl"
Task: {D65F2397-DB65-42D8-BE2C-48F36692A8AB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated)
Task: {DD252486-7D42-42B4-8A8A-7AC7AFDF08AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {DF90B2AD-9F52-4A49-8A12-7261B6EAE0CE} - System32\Tasks\{53D593C2-8FE6-4043-B37C-B9EB4AC69FA7} => pcalua.exe -a "C:\Users\RAJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTN0UE9P\sp34615[1].exe" -d C:\Windows\system32
Task: {EF12A234-0DFD-4653-BC3C-5C06FC7FA027} - System32\Tasks\{724BC68F-6E34-42C3-B1E0-8F3E51C5251C} => pcalua.exe -a "C:\Users\RAJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RJC1EYOF\LimeWireWin[1].exe" -d C:\Users\RAJ
Task: {F5B11F64-A62F-48A3-8083-9F5879E45276} - System32\Tasks\{6A4345A8-D00D-4722-BB3F-231119823718} => pcalua.exe -a F:\ie6setup.exe -d F:\
Task: {F87A6AD1-7B74-4E44-A0C6-43072133B6A6} - System32\Tasks\{2D6FDA70-8FE1-4EE8-A434-0E4E55A51A0A} => pcalua.exe -a "C:\Users\RAJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9BQH1L1D\LimeWireWin[1].exe" -d C:\Users\RAJ\Desktop
Task: {F9A05307-3E26-493D-8D6E-8C5C4955EDCF} - System32\Tasks\{B2A84B01-510D-474B-978A-099718BFF8AD} => pcalua.exe -a "C:\Users\RAJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1B897UL3\sp36740[1].exe" -d C:\Users\RAJ\Desktop
Task: {F9E19298-D85D-4EB3-989C-362D1A255EA3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-03-21] (Avast Software s.r.o.)
Task: {FA5B99FD-63FE-4A0E-BF21-91CEBC669C29} - System32\Tasks\{219D8A32-FD4C-405B-B8B8-AF49473237CD} => pcalua.exe -a "C:\Users\RAJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\79358QAL\sp34615[1].exe" -d C:\Users\RAJ
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{0E33D065-2BA1-4925-BF6B-BDAE4D89BF96}.job => C:\Windows\system32\msfeedssync.exe
==================== Loaded Modules (whitelisted) ==============
2015-03-21 17:01 - 2015-03-21 17:01 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-21 17:01 - 2015-03-21 17:01 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-03-27 12:40 - 2015-03-27 12:40 - 02923008 _____ () C:\Program Files\AVAST Software\Avast\defs\15032700\algo.dll
2007-07-27 08:35 - 2007-07-27 07:35 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2015-03-14 14:41 - 2015-03-21 17:01 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Program Files\DoylesRoom:MID
AlternateDataStreams: C:\Program Files\PokerHost:MID
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
AlternateDataStreams: C:\ProgramData\TEMP:1CA73D29
AlternateDataStreams: C:\ProgramData\TEMP:C31F31E6
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1291136695-2564591854-1091026493-1003\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.254
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: ACDaemon => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AeLookupSvc => 2
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Ati External Event Utility => 2
MSCONFIG\Services: AudioEndpointBuilder => 2
MSCONFIG\Services: Audiosrv => 2
MSCONFIG\Services: BcmSqlStartupSvc => 2
MSCONFIG\Services: BITS => 2
MSCONFIG\Services: Browser => 2
MSCONFIG\Services: CertPropSvc => 3
MSCONFIG\Services: clr_optimization_v2.0.50727_32 => 3
MSCONFIG\Services: clr_optimization_v4.0.30319_32 => 2
MSCONFIG\Services: COMSysApp => 3
MSCONFIG\Services: CryptSvc => 2
MSCONFIG\Services: DFSR => 3
MSCONFIG\Services: Dhcp => 2
MSCONFIG\Services: Dnscache => 2
MSCONFIG\Services: dot3svc => 3
MSCONFIG\Services: DPS => 2
MSCONFIG\Services: EapHost => 3
MSCONFIG\Services: EMDMgmt => 2
MSCONFIG\Services: Eventlog => 2
MSCONFIG\Services: EventSystem => 2
MSCONFIG\Services: fdPHost => 3
MSCONFIG\Services: FDResPub => 3
MSCONFIG\Services: FontCache => 2
MSCONFIG\Services: FontCache3.0.0.0 => 3
MSCONFIG\Services: fsssvc => 3
MSCONFIG\Services: Garmin Core Update Service => 2
MSCONFIG\Services: getPlusHelper => 3
MSCONFIG\Services: gupdate1c9bb97c1ccf3a0 => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 2
MSCONFIG\Services: hidserv => 3
MSCONFIG\Services: hkmsvc => 3
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IKEEXT => 2
MSCONFIG\Services: IPBusEnum => 3
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: IviRegMgr => 2
MSCONFIG\Services: KeyIso => 3
MSCONFIG\Services: KtmRm => 2
MSCONFIG\Services: LanmanServer => 2
MSCONFIG\Services: LanmanWorkstation => 2
MSCONFIG\Services: lltdsvc => 3
MSCONFIG\Services: lmhosts => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MMCSS => 2
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: MSDTC => 3
MSCONFIG\Services: MSiSCSI => 3
MSCONFIG\Services: MSIServer => 3
MSCONFIG\Services: MSSQL$MSSMLBIZ => 3
MSCONFIG\Services: napagent => 3
MSCONFIG\Services: Netlogon => 3
MSCONFIG\Services: Netman => 3
MSCONFIG\Services: netprofm => 2
MSCONFIG\Services: NlaSvc => 2
MSCONFIG\Services: nosGetPlusHelper => 3
MSCONFIG\Services: nsi => 2
MSCONFIG\Services: odserv => 3
MSCONFIG\Services: ose => 3
MSCONFIG\Services: p2pimsvc => 3
MSCONFIG\Services: p2psvc => 3
MSCONFIG\Services: PcaSvc => 2
MSCONFIG\Services: pdfcDispatcher => 2
MSCONFIG\Services: pla => 3
MSCONFIG\Services: PNRPAutoReg => 3
MSCONFIG\Services: PNRPsvc => 3
MSCONFIG\Services: PolicyAgent => 2
MSCONFIG\Services: ProtectedStorage => 3
MSCONFIG\Services: QWAVE => 3
MSCONFIG\Services: RapiMgr => 2
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: RemoteRegistry => 3
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: SamSs => 2
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: seclogon => 2
MSCONFIG\Services: Secunia PSI Agent => 2
MSCONFIG\Services: Secunia Update Agent => 2
MSCONFIG\Services: SENS => 2
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: ShellHWDetection => 2
MSCONFIG\Services: SLUINotify => 3
MSCONFIG\Services: SNMPTRAP => 3
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: SQLBrowser => 2
MSCONFIG\Services: SQLWriter => 2
MSCONFIG\Services: SSDPSRV => 3
MSCONFIG\Services: SstpSvc => 3
MSCONFIG\Services: stisvc => 2
MSCONFIG\Services: swprv => 3
MSCONFIG\Services: SysMain => 2
MSCONFIG\Services: TabletInputService => 2
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TBS => 2
MSCONFIG\Services: TermService => 2
MSCONFIG\Services: Themes => 2
MSCONFIG\Services: THREADORDER => 3
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: TrustedInstaller => 3
MSCONFIG\Services: UI0Detect => 3
MSCONFIG\Services: UleadBurningHelper => 2
MSCONFIG\Services: upnphost => 3
MSCONFIG\Services: UxSms => 2
MSCONFIG\Services: vds => 3
MSCONFIG\Services: VSS => 3
MSCONFIG\Services: W32Time => 2
MSCONFIG\Services: WcesComm => 2
MSCONFIG\Services: wcncsvc => 3
MSCONFIG\Services: WcsPlugInService => 3
MSCONFIG\Services: WdiServiceHost => 3
MSCONFIG\Services: WdiSystemHost => 3
MSCONFIG\Services: WebClient => 2
MSCONFIG\Services: Wecsvc => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 2
MSCONFIG\Services: WinDefend => 2
MSCONFIG\Services: WinHttpAutoProxySvc => 3
MSCONFIG\Services: Winmgmt => 2
MSCONFIG\Services: WinRM => 3
MSCONFIG\Services: Wlansvc => 3
MSCONFIG\Services: wlidsvc => 2
MSCONFIG\Services: wmiApSrv => 3
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\Services: WPCSvc => 2
MSCONFIG\Services: WPDBusEnum => 2
MSCONFIG\Services: WPFFontCache_v0400 => 3
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\Services: wudfsvc => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\Windows\pss\Microsoft Office.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupreg: 00PCTFW => "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
MSCONFIG\startupreg: amd_dc_opt => C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: Microsoft Default Manager => "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
MSCONFIG\startupreg: MsnMsgr => "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
MSCONFIG\startupreg: PDF Complete => "C:\Program Files\PDF Complete\pdfsty.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl => "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
MSCONFIG\startupreg: SetRefresh => C:\Program Files\COMPAQ\SetRefresh\\SetRefresh.exe
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files\Windows Media Player\WMPNSCFG.exe
MSCONFIG\startupreg: WPCUMI => C:\Windows\system32\WpcUmi.exe
==================== Accounts: =============================
Administrator (S-1-5-21-1291136695-2564591854-1091026493-500 - Administrator - Disabled)
Guest (S-1-5-21-1291136695-2564591854-1091026493-501 - Limited - Disabled)
MANALI (S-1-5-21-1291136695-2564591854-1091026493-1005 - Limited - Enabled) => C:\Users\MANALI.RAJ-PC
RAJ (S-1-5-21-1291136695-2564591854-1091026493-1003 - Administrator - Enabled) => C:\Users\RAJ
RAKHIL (S-1-5-21-1291136695-2564591854-1091026493-1004 - Limited - Enabled) => C:\Users\RAKHIL.RAJ-PC
SMITA (S-1-5-21-1291136695-2564591854-1091026493-1006 - Limited - Enabled) => C:\Users\SMITA
==================== Faulty Device Manager Devices =============
Name: Microsoft 6to4 Adapter #5
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft 6to4 Adapter #6
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: isatap.{5C88CA14-ED28-46DC-AD4C-00E7FFDB29A1}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft ISATAP Adapter #8
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer:
Service:
Problem: : Reinstall the drivers for this device. (Code 18)
Resolution: The drivers for this device must be reinstalled.
Click "Update Driver", which starts the Hardware Update wizard.
Alternately, uninstall the driver, and then click "Scan for hardware changes" to reload the drivers.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/15/2015 00:20:48 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422].
Operation:
Obtain a callable interface for this provider
List interfaces for all providers supporting this context
Query Shadow Copies
Context:
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Snapshot Context: 13
Snapshot Context: 13
Execution Context: Coordinator
Error: (04/15/2015 00:20:48 PM) (Source: VSS) (EventID: 40) (User: )
Description: Volume Shadow Copy Service error: The Microsoft Software Shadow Copy Provider (SWPRV) service is
disabled. Please enable the service and try again.
Operation:
Obtain a callable interface for this provider
List interfaces for all providers supporting this context
Query Shadow Copies
Context:
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Snapshot Context: 13
Snapshot Context: 13
Execution Context: Coordinator
Error: (04/15/2015 00:08:58 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp4580070422
Error: (04/15/2015 00:05:03 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
Error: (04/15/2015 00:00:22 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
Error: (04/15/2015 11:58:50 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point on volume (Process = C:\Windows\system32\svchost.exe -k netsvcs; Descripton = Windows Update; Hr = 0x8000ffff).
Error: (04/15/2015 11:58:50 AM) (Source: VSS) (EventID: 12292) (User: )
Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422].
Operation:
Obtain a callable interface for this provider
List interfaces for all providers supporting this context
Delete Shadow Copies
Context:
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Snapshot Context: 0
Snapshot Context: 0
Execution Context: Coordinator
Error: (04/15/2015 11:58:50 AM) (Source: VSS) (EventID: 40) (User: )
Description: Volume Shadow Copy Service error: The Microsoft Software Shadow Copy Provider (SWPRV) service is
disabled. Please enable the service and try again.
Operation:
Obtain a callable interface for this provider
List interfaces for all providers supporting this context
Delete Shadow Copies
Context:
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Snapshot Context: 0
Snapshot Context: 0
Execution Context: Coordinator
Error: (04/15/2015 11:58:50 AM) (Source: VSS) (EventID: 12292) (User: )
Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422].
Operation:
Obtain a callable interface for this provider
List interfaces for all providers supporting this context
Query Shadow Copies
Delete Shadow Copies
Context:
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Snapshot Context: 0
Snapshot Context: 0
Execution Context: Coordinator
Execution Context: Coordinator
Error: (04/15/2015 11:58:50 AM) (Source: VSS) (EventID: 40) (User: )
Description: Volume Shadow Copy Service error: The Microsoft Software Shadow Copy Provider (SWPRV) service is
disabled. Please enable the service and try again.
Operation:
Obtain a callable interface for this provider
List interfaces for all providers supporting this context
Query Shadow Copies
Delete Shadow Copies
Context:
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Snapshot Context: 0
Snapshot Context: 0
Execution Context: Coordinator
Execution Context: Coordinator
System errors:
=============
Error: (04/15/2015 00:09:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Background Intelligent Transfer ServiceCOM+ Event System%%1058
Error: (04/15/2015 00:07:59 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Background Intelligent Transfer ServiceCOM+ Event System%%1058
Error: (04/15/2015 00:07:59 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068BITS{4991D34B-80A1-4291-83B6-3328366B9097}
Error: (04/15/2015 00:05:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: WinHTTP Web Proxy Auto-Discovery ServiceDHCP Client%%1068
Error: (04/15/2015 00:05:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: DHCP ClientNetwork Store Interface Service%%1075
Error: (04/15/2015 00:05:00 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Network Store Interface Servicey
Error: (04/15/2015 00:04:49 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: WinHTTP Web Proxy Auto-Discovery ServiceDHCP Client%%1068
Error: (04/15/2015 00:04:49 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: DHCP ClientNetwork Store Interface Service%%1075
Error: (04/15/2015 00:04:49 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Network Store Interface Servicey
Error: (04/15/2015 00:04:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: WinHTTP Web Proxy Auto-Discovery ServiceDHCP Client%%1068
Microsoft Office Sessions:
=========================
Error: (06/17/2010 02:22:10 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 34 seconds with 0 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2015-04-15 12:20:27.379
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-15 12:20:26.100
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-15 12:20:24.805
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-15 12:20:23.511
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-15 12:20:22.060
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-15 12:20:20.765
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-15 12:20:19.470
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-15 12:20:18.191
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-15 12:19:46.819
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-15 12:19:45.525
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5000+
Percentage of memory in use: 41%
Total physical RAM: 1917.83 MB
Available physical RAM: 1128.54 MB
Total Pagefile: 4078.14 MB
Available Pagefile: 3345.95 MB
Total Virtual: 2047.88 MB
Available Virtual: 1881.18 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:218.87 GB) (Free:91.73 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (HP_RECOVERY) (Fixed) (Total:12.05 GB) (Free:6.97 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (OS_TOOLS) (Fixed) (Total:1.96 GB) (Free:1.56 GB) NTFS
Drive h: () (Removable) (Total:1.87 GB) (Free:1.84 GB) FAT
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: D904B864)
Partition 1: (Active) - (Size=218.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=12.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=2 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
That's it for now, Chemist.
Most sincerely, mg222