Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

REGISTRY IS INFECTED!!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

REGISTRY IS INFECTED!!

Unread postby MessiFan » September 9th, 2016, 3:57 am

Hi

I have been encountering some things in the recent days . I have no idea if theresmalware or anything of that sort in my system.I have a Bitdefender Total Security 2016 edition but its not detecting anything(I am 25%sure there are viruses).I scanned the computer with Roguekill and it came up with some infected registry keys.
I thought the headache was over.But it again comes up with the same thing.What do I do now?

Thanks
MessiFan

Please check these logs

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by Chinnu Achu (administrator) on ChinnuAchu-PC (09-09-2016 13:16:01)
Running from C:\Users\Chinnu Achu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\05TJ0K2N
Loaded Profiles: Chinnu Achu (Available Profiles: Chinnu Achu)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_21_0_0_242_ActiveX.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe [1654160 2016-06-24] (Bitdefender)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13624048 2016-09-02] (Zemana Ltd.)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-19] (Piriform Ltd)
HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\MountPoints2: {376b7b4b-5fde-11e3-9cdf-b888e30d1c2f} - E:\Startme.exe
HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\MountPoints2: {3d0db684-71ee-11e2-a531-b888e30d1c2f} - E:\autorun.exe
HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\MountPoints2: {b7b4e1e9-71aa-11e2-8c0c-08edb9fd294f} - E:\autorun.exe
HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\MountPoints2: {b7b4e1ef-71aa-11e2-8c0c-08edb9fd294f} - E:\autorun.exe
HKU\S-1-5-21-3836068884-3420196254-810653075-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164568 2015-03-14] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178512 2015-03-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164568 2015-03-14] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{174DD99A-3EE1-4B3F-A85D-CCB45FD9F039}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{F173CB7B-734B-4C4D-BFB8-166E2353AD51}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3836068884-3420196254-810653075-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
URLSearchHook: HKLM-x32 -> Default = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2016-06-16] (Bitdefender)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-12] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2016-06-16] (Bitdefender)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-25] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-12] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-25] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-12] (Google Inc.)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2016-06-16] (Bitdefender)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-12] (Google Inc.)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2016-06-16] (Bitdefender)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net ... plugin.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/ ... ontrol.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.co ... 5.24.0.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File

FireFox:
========
FF ProfilePath: C:\Users\Chinnu Achu\AppData\Roaming\Mozilla\Firefox\Profiles\bsgpyu8a.default-1414238304305
FF SelectedSearchEngine: Yahoo!
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-01] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-01] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa\npPicasa3.dll [2014-01-07] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2016-02-29] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3836068884-3420196254-810653075-1001: @hola.org/vlc,version=1.7.78 -> C:\Users\Chinnu Achu\AppData\Local\Hola\firefox\app\vlc [No File]
FF Plugin HKU\S-1-5-21-3836068884-3420196254-810653075-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Chinnu Achu\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [No File]
FF Plugin HKU\S-1-5-21-3836068884-3420196254-810653075-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Chinnu Achu\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll [2014-02-12] (Google Inc.)
FF Plugin HKU\S-1-5-21-3836068884-3420196254-810653075-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Chinnu Achu\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll [2014-02-12] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff [2016-06-27]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2016-06-27] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-05-26] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [k7srff_enUS@k7computing.com] - C:\Program Files (x86)\K7 Computing\K7TSecurity\K7SR\K7WebProtection.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.co.in/
CHR DefaultSearchURL: Default -> hxxps://in.search.yahoo.com/search?fr=m ... 0160504&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Chinnu Achu\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (TrafficLight) - C:\Users\Chinnu Achu\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfnpidifppmenkapgihekkeednfoenal [2016-08-07]
CHR Extension: (EagleGet Free Downloader) - C:\Users\Chinnu Achu\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaebhgioafceeldhgjmendlfhbfjefmo [2016-09-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Chinnu Achu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-02]
CHR Extension: (Chrome Media Router) - C:\Users\Chinnu Achu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-03]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [dhhejlifdlcgcmogbggeomfodgklfaem] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S3 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
S3 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S4 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-03-12] (WildTangent)
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-03-14] (NVIDIA Corporation)
S4 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464 2014-05-21] (Hewlett-Packard Company)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
S4 LMIRescue_23fcc973-a771-4fd9-a37a-8382f93953d5; C:\Users\Chinnu Achu\AppData\Local\LogMeIn Rescue Applet\LMIR0001.tmp\LMI_Rescue_srv.exe [3306336 2016-04-02] (LogMeIn, Inc.)
S4 LMIRescue_39b8b34b-03c0-4938-baa0-131080b00e26; C:\Users\Chinnu Achu\AppData\Local\LogMeIn Rescue Applet\LMIR0002.tmp\LMI_Rescue_srv.exe [3306336 2016-04-02] (LogMeIn, Inc.)
S4 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [740832 2016-01-29] (Malwarebytes Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-07] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S4 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-06] (NTI Corporation)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-03-14] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-03-14] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [991248 2016-06-22] (Bitdefender)
S4 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-14] (Microsoft Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [156016 2016-06-16] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1693104 2016-06-24] (Bitdefender)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5824512 2012-07-24] (Broadcom Corporation) [File not signed]
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13624048 2016-09-02] (Zemana Ltd.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1603264 2016-08-30] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [850464 2016-08-30] (BitDefender)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-03-22] (Broadcom Corporation.)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [119696 2016-06-15] (BitDefender LLC)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-03-28] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-11] (Broadcom Corporation)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [66080 2016-01-29] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [182936 2015-12-16] (BitDefender LLC)
R0 ignis; C:\Windows\System32\DRIVERS\ignis.sys [299816 2016-06-16] (Bitdefender)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2016-09-08] (Malwarebytes)
R1 MpKsled16f118; C:\Windows\system32\MpEngineStore\MpKsled16f118.sys [44928 2016-09-08] (Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-03-14] (NVIDIA Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-09-07] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [520032 2016-03-10] (BitDefender S.R.L.)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2016-09-07] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2016-09-07] (Zemana Ltd.)
S3 b06bdrv; \SystemRoot\system32\drivers\bxvbda.sys [X]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S3 cpuz134; \??\C:\Users\CHINNU~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 K7RKScan; \??\C:\Program Files (x86)\K7 Computing\K7TSecurity\64Bit\K7RKScan.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-09 13:15 - 2016-09-09 13:16 - 00000000 ____D C:\FRST
2016-09-09 12:29 - 2016-09-09 12:29 - 00051525 _____ C:\Users\Chinnu Achu\Desktop\MTB.txt
2016-09-08 00:35 - 2016-09-08 00:35 - 00000000 ____D C:\Users\Chinnu Achu\AppData\Local\ElevatedDiagnostics
2016-09-08 00:26 - 2016-09-08 00:26 - 00000000 ____D C:\Windows\system32\MpEngineStore
2016-09-08 00:25 - 2016-09-08 00:25 - 00088504 _____ C:\Users\Chinnu Achu\AppData\Local\GDIPFONTCACHEV1.DAT
2016-09-08 00:06 - 2016-09-08 16:24 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-09-07 22:14 - 2016-09-09 13:16 - 00060596 _____ C:\Windows\ZAM.krnl.trace
2016-09-07 22:14 - 2016-09-09 13:16 - 00033105 _____ C:\Windows\ZAM_Guard.krnl.trace
2016-09-07 22:14 - 2016-09-07 22:14 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2016-09-07 22:14 - 2016-09-07 22:14 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2016-09-07 22:14 - 2016-09-07 22:14 - 00001112 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2016-09-07 22:14 - 2016-09-07 22:14 - 00000000 ____D C:\Users\Chinnu Achu\AppData\Local\Zemana
2016-09-07 22:14 - 2016-09-07 22:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2016-09-07 22:14 - 2016-09-07 22:14 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2016-09-07 20:46 - 2016-09-07 20:46 - 00003438 _____ C:\Users\Chinnu Achu\Desktop\report.txt
2016-09-07 20:05 - 2016-09-07 20:06 - 00337576 _____ C:\Windows\system32\FNTCACHE.DAT
2016-09-07 16:36 - 2016-09-07 16:36 - 00000000 ____D C:\Users\Chinnu Achu\AppData\Roaming\RenPy
2016-09-07 15:30 - 2016-09-07 15:30 - 05470112 _____ (EagleGet ) C:\Users\Chinnu Achu\Downloads\eagleget_setup.exe
2016-09-07 15:14 - 2016-09-07 15:19 - 25693500 _____ C:\Users\Chinnu Achu\Downloads\Unconfirmed 371704.crdownload
2016-09-07 15:09 - 2016-09-07 15:10 - 05077914 _____ (Ninja Download Manager ) C:\Users\Chinnu Achu\Downloads\ninja.download.manager_build33.exe
2016-09-07 15:01 - 2016-09-07 15:02 - 00000211 _____ C:\Windows\wininit.ini
2016-09-07 14:49 - 2016-09-07 14:50 - 00657233 _____ C:\Users\Chinnu Achu\Downloads\xdm5setup.exe
2016-09-05 02:23 - 2016-09-05 02:23 - 00448512 _____ (OldTimer Tools) C:\Users\Chinnu Achu\Downloads\TFC.exe
2016-09-03 10:39 - 2016-09-03 10:39 - 00012137 _____ C:\Users\Chinnu Achu\Desktop\Payment.pdf
2016-09-03 10:39 - 2016-09-03 10:39 - 00008083 _____ C:\Users\Chinnu Achu\Downloads\Payment.pdf
2016-09-02 10:39 - 2016-09-02 10:39 - 00324632 _____ C:\Users\Chinnu Achu\Desktop\CICPA Pass.pdf
2016-09-02 10:36 - 2016-09-02 10:36 - 00000703 _____ C:\Users\Chinnu Achu\Desktop\Libraries - Shortcut.lnk
2016-09-01 19:21 - 2016-09-01 19:21 - 00924544 _____ C:\Users\Chinnu Achu\Desktop\NPS_for_NRIs.pdf
2016-09-01 17:05 - 2016-09-01 17:05 - 00000620 _____ C:\Users\Chinnu Achu\Desktop\TurboC++ for Windows 7.lnk
2016-09-01 17:05 - 2016-09-01 17:05 - 00000000 ____D C:\Users\Chinnu Achu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TurboC++ for Windows 7
2016-09-01 16:37 - 2016-09-05 01:16 - 00000000 ____D C:\Program Files\WinPcap
2016-09-01 16:32 - 2016-09-01 16:32 - 00890843 _____ C:\Users\Chinnu Achu\AppData\Local\census.cache
2016-09-01 16:29 - 2016-09-01 16:29 - 00924881 _____ C:\Users\Chinnu Achu\AppData\Local\ars.cache
2016-09-01 16:18 - 2016-09-01 16:18 - 00000000 ____D C:\Users\Chinnu Achu\AppData\Local\Turbo_C__
2016-09-01 16:17 - 2016-09-01 16:17 - 00002701 _____ C:\Users\Public\Desktop\Turbo C++.lnk
2016-09-01 16:17 - 2016-09-01 16:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Turbo C++
2016-09-01 16:17 - 2016-09-01 16:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Choudhary Corp
2016-09-01 16:16 - 2016-09-01 16:16 - 00000010 _____ C:\Users\Chinnu Achu\AppData\Local\sponge.last.runtime.cache
2016-09-01 16:07 - 2016-09-01 16:07 - 00000000 ____D C:\Windows\Trend Micro
2016-09-01 16:02 - 2015-12-24 18:33 - 00316168 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2016-09-01 14:16 - 2016-09-07 20:03 - 00000862 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2016-09-01 14:16 - 2016-09-07 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2016-09-01 14:16 - 2016-09-07 20:03 - 00000000 ____D C:\Program Files\RogueKiller
2016-08-20 00:18 - 2016-08-20 00:18 - 00001658 _____ C:\Users\Chinnu Achu\Desktop\Rkill.txt
2016-08-19 20:00 - 2016-08-19 20:00 - 00000000 ____H C:\Users\Chinnu Achu\Documents\Default.rdp
2016-08-17 00:11 - 2016-07-08 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-08-17 00:11 - 2016-07-08 20:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-08-12 20:17 - 2016-07-08 21:07 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-12 20:17 - 2016-07-08 21:07 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-08-12 20:17 - 2016-07-08 21:02 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-12 20:17 - 2016-07-08 21:02 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-08-12 20:17 - 2016-07-08 21:02 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-12 20:17 - 2016-07-08 21:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-08-12 20:17 - 2016-07-08 21:02 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-08-12 20:17 - 2016-07-08 21:02 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-08-12 20:17 - 2016-07-08 21:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-08-12 20:17 - 2016-07-08 21:02 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-08-12 20:17 - 2016-07-08 21:02 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-08-12 20:17 - 2016-07-08 21:02 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-08-12 20:17 - 2016-07-08 21:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-08-12 20:17 - 2016-07-08 21:02 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-08-12 20:17 - 2016-07-08 21:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-08-12 20:17 - 2016-07-08 21:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-08-12 20:17 - 2016-07-08 21:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-08-12 20:17 - 2016-07-08 21:02 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-08-12 20:17 - 2016-07-08 21:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-08-12 20:17 - 2016-07-08 21:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-08-12 20:17 - 2016-07-08 20:47 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-08-12 20:17 - 2016-07-08 20:47 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-08-12 20:17 - 2016-07-08 20:46 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-08-12 20:17 - 2016-07-08 20:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-08-12 20:17 - 2016-07-08 20:46 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-08-12 20:17 - 2016-07-08 20:46 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-08-12 20:17 - 2016-07-08 20:46 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-08-12 20:17 - 2016-07-08 20:46 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-08-12 20:17 - 2016-07-08 20:46 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-08-12 20:17 - 2016-07-08 20:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-08-12 20:17 - 2016-07-08 20:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-08-12 20:17 - 2016-07-08 20:46 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-08-12 20:17 - 2016-07-08 20:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-08-12 20:17 - 2016-07-08 20:46 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-08-12 20:17 - 2016-07-08 20:46 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-08-12 20:17 - 2016-07-08 20:33 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-08-12 20:17 - 2016-07-08 20:27 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-08-12 20:17 - 2016-07-08 20:26 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-08-12 20:17 - 2016-07-08 20:26 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-08-12 20:17 - 2016-07-08 20:25 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-08-12 20:17 - 2016-07-08 20:25 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-08-12 20:17 - 2016-07-08 20:20 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-08-12 20:16 - 2016-07-08 20:31 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-08-10 16:07 - 2016-08-10 16:07 - 00221662 _____ C:\Users\Chinnu Achu\Desktop\MicrosoftProgram_Install_and_Uninstall.meta.diagcab

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-09 13:04 - 2016-05-11 12:44 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-09 12:25 - 2009-07-14 10:15 - 00037520 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-09 12:25 - 2009-07-14 10:15 - 00037520 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-09 12:24 - 2016-07-07 20:29 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-09-09 12:22 - 2009-07-14 10:43 - 00791562 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-09 12:22 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\inf
2016-09-09 12:17 - 2016-04-02 18:00 - 00000000 ____D C:\Users\Chinnu Achu\AppData\Local\LogMeIn Rescue Applet
2016-09-09 12:17 - 2015-02-05 21:28 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0415c877da7f2.job
2016-09-09 12:16 - 2009-07-14 10:38 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-09 01:17 - 2012-10-21 20:32 - 00965934 _____ C:\bdlog.txt
2016-09-08 16:25 - 2015-03-22 10:50 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C9105631-DD74-4630-8BAB-DE10BA03F774}
2016-09-08 00:30 - 2016-05-18 17:26 - 00000000 ____D C:\Windows\Panther
2016-09-08 00:06 - 2014-10-25 18:56 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-08 00:02 - 2014-10-25 18:56 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-09-07 22:38 - 2012-10-08 17:05 - 00000000 ____D C:\Users\Chinnu Achu
2016-09-07 22:31 - 2009-07-14 10:38 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-09-07 22:29 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\system32\NDF
2016-09-07 20:10 - 2015-03-30 18:20 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-09-07 15:02 - 2014-11-22 19:17 - 00000000 ____D C:\Users\Chinnu Achu\AppData\Local\XDM
2016-09-05 02:23 - 2013-03-21 21:32 - 00000000 ____D C:\Users\Chinnu Achu\AppData\Temp
2016-09-04 23:05 - 2015-03-30 18:20 - 00000000 ____D C:\Users\Chinnu Achu\AppData\Local\CrashDumps
2016-09-01 17:05 - 2016-07-04 22:33 - 00000000 ____D C:\TurboC++
2016-09-01 16:17 - 2015-06-20 12:08 - 00000000 ____D C:\TurboC3
2016-09-01 15:27 - 2014-03-27 20:17 - 00000000 ____D C:\Program Files\CCleaner
2016-09-01 14:14 - 2014-10-25 17:54 - 00000000 ____D C:\AdwCleaner
2016-08-30 20:30 - 2016-07-24 16:33 - 01603264 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2016-08-30 20:29 - 2016-07-24 16:33 - 00850464 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2016-08-19 20:14 - 2016-05-04 16:50 - 00002459 _____ C:\Users\Chinnu Achu\Desktop\Google Chrome.lnk
2016-08-19 19:46 - 2013-09-19 15:32 - 00000000 ____D C:\Windows\Minidump
2016-08-13 10:07 - 2015-04-07 18:50 - 00000000 ____D C:\Windows\system32\MRT
2016-08-13 09:51 - 2012-10-13 19:52 - 147640136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-11 13:51 - 2009-07-14 11:02 - 00000000 ____D C:\Windows\system32\FxsTmp

==================== Files in the root of some directories =======

2014-09-01 13:48 - 2015-06-13 11:03 - 0000365 _____ () C:\Users\Chinnu Achu\AppData\Roaming\BNUNJU
2014-11-19 21:24 - 2014-11-19 21:24 - 0000002 _____ () C:\Users\Chinnu Achu\AppData\Roaming\history.zip.pwcdat
2014-09-01 13:48 - 2014-12-20 15:48 - 0000935 _____ () C:\Users\Chinnu Achu\AppData\Roaming\KAYSBN
2013-07-27 14:31 - 2013-07-28 14:31 - 0000057 _____ () C:\Users\Chinnu Achu\AppData\Roaming\WB.CFG
2013-06-21 14:31 - 2013-06-29 14:53 - 0000005 _____ () C:\Users\Chinnu Achu\AppData\Roaming\WBPU-Q2-TTL.DAT
2013-06-17 14:31 - 2013-07-20 15:31 - 0000005 _____ () C:\Users\Chinnu Achu\AppData\Roaming\WBPU-TTL.DAT
2016-09-01 16:29 - 2016-09-01 16:29 - 0924881 _____ () C:\Users\Chinnu Achu\AppData\Local\ars.cache
2016-09-01 16:32 - 2016-09-01 16:32 - 0890843 _____ () C:\Users\Chinnu Achu\AppData\Local\census.cache
2013-11-19 22:29 - 2013-11-19 22:29 - 0004608 _____ () C:\Users\Chinnu Achu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-20 23:31 - 2016-02-20 23:31 - 0000036 _____ () C:\Users\Chinnu Achu\AppData\Local\housecall.guid.cache
2014-03-15 22:03 - 2016-02-22 16:00 - 0007599 _____ () C:\Users\Chinnu Achu\AppData\Local\Resmon.ResmonCfg
2016-09-01 16:16 - 2016-09-01 16:16 - 0000010 _____ () C:\Users\Chinnu Achu\AppData\Local\sponge.last.runtime.cache
2012-07-24 19:59 - 2012-07-24 20:02 - 0002454 _____ () C:\ProgramData\clear.fiSDK20.log
2012-07-24 20:01 - 2012-07-24 20:01 - 0000032 _____ () C:\ProgramData\PS.log
2015-06-20 20:50 - 2011-10-04 22:06 - 0005632 _____ (Seyyed HosseiN Hasan Pour Matikolae) C:\ProgramData\Set-up Enviroment.exe
2015-06-20 20:50 - 2011-10-07 22:48 - 2108416 _____ () C:\ProgramData\SimEngine.exe
2015-02-05 11:37 - 2015-02-05 12:15 - 0000111 _____ () C:\ProgramData\spds90.txt

Files to move or delete:
====================
C:\ProgramData\Set-up Enviroment.exe
C:\ProgramData\SimEngine.exe


Some zero byte size files/folders:
==========================
C:\Windows\MSJAVA.DLL

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-27 22:06

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2016
Ran by Chinnu Achu (09-09-2016 13:17:32)
Running from C:\Users\Chinnu Achu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\05TJ0K2N
Windows 7 Ultimate Service Pack 1 (X64) (2012-10-08 11:35:33)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3836068884-3420196254-810653075-500 - Administrator - Disabled)
Chinnu Achu (S-1-5-21-3836068884-3420196254-810653075-1001 - Administrator - Enabled) => C:\Users\Chinnu Achu
Guest (S-1-5-21-3836068884-3420196254-810653075-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3836068884-3420196254-810653075-1007 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antispyware (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.100 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2108.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.2108.00 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3507 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Instant Update Service (HKLM\...\{682EC6E8-A300-45FD-8F09-0F3A6EA334D6}) (Version: 1.00.3004 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3506 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 20.11.1107.1418 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Backup Manager V3 (x32 Version: 3.0.0.100 - NTI Corporation) Hidden
Basic Operation Guide EPSON XP-302 303 305 306 Series (HKLM-x32\...\EPSON XP-302 303 305 306 Series Bog) (Version: - )
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.29.1517 - Bitdefender)
Bitdefender Total Security 2016 (HKLM\...\Bitdefender) (Version: 20.0.29.1517 - Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 15.0.7.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 15.0.7.1 - Broadcom Corporation)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
clear.fi SDK - MVP 2 (x32 Version: 2.0.1505 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.0.1502 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DJ_AIO_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
DJ_AIO_Software_min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{32136776-FE3F-453D-80DA-CDD993BDB2A3}) (Version: 11.1.20810.00 - Microsoft Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{30E01116-5666-4807-8EF1-D80E9FF16717}) (Version: 2.3.2.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-302 303 305 306 Series Printer Uninstall (HKLM\...\EPSON XP-302 303 305 306 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Evernote v. 4.5.2 (HKLM-x32\...\{F77EF646-19EB-11E1-9A9E-984BE15F174E}) (Version: 4.5.2.5866 - Evernote Corp.)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Fooz Kids (x32 Version: 3.1.2 - FUHU, Inc.) Hidden
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Google+ Auto Backup (HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\Google+ Auto Backup) (Version: 1.0.24.118 - Google, Inc.)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0003.135 - Rockstar Games Inc.) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet All-In-One Driver Software 13.0 Rel. 1 (HKLM\...\{EB773820-0871-46A8-9B96-F2B04F8B34F0}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{D2F04839-0AD0-4F06-A6B5-6DFF05E27B67}) (Version: 11.50.0019 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
ImageMixer 3 SE Ver.6 Transfer Utility (HKLM-x32\...\{3A2AD071-AABD-4712-A43E-11D06BAA661D}) (Version: 6.00.017 - PIXELA)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2653 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor 2.5 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.5.1.0 - Intel)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{58D7E5F7-BAD1-49C5-93C8-B655736EDA00}) (Version: 12.4.0.119 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.15 - Acer Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 Design Tools ENU (HKLM-x32\...\{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20828.01) (HKLM-x32\...\{4F2B8233-35EE-4197-8C3B-EACCBF712029}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (HKLM-x32\...\{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework (HKLM\...\{62577E41-C350-3D07-97C8-2B6CDB4BAD60}) (Version: 3.5.21022 - Microsoft)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 (HKLM\...\{11EB1163-5761-4BC6-8F48-98DCF6A46BBF}) (Version: 6.1.5288.17011 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2003 - Nero AG)
Nero MediaHome Standard (HKLM-x32\...\{0427F7CC-CAC5-41CC-842D-C58C73545D70}) (Version: 17.0.00900 - Nero AG)
Network Guide EPSON XP-302 303 305 306 Series (HKLM-x32\...\EPSON XP-302 303 305 306 Series Netg) (Version: - )
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9006 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9006 - NTI Corporation) Hidden
Opera Stable 25.0.1614.68 (HKLM-x32\...\Opera 25.0.1614.68) (Version: 25.0.1614.68 - Opera Software ASA)
Photo! Editor 1.1 (HKLM-x32\...\PhotoToolkit_is1) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Prerequisite installer (x32 Version: 17.0.0002 - Nero AG) Hidden
Prerequisites for SSDT (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
RogueKiller version 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
Sony PC Companion 2.10.245 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.245 - Sony)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Turbo C++ 3.2 (HKLM-x32\...\{16FEECA3-A0BF-44ED-A894-C0E7B29FAA2B}) (Version: 3.2.2.0 - Turbo C++)
TurboC++ for Windows 3.7.8.9m_r (HKLM-x32\...\TurboC++ for Windows) (Version: 3.7.8.9m_r - NvSTECH)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
User's Guide EPSON XP-302 303 305 306 Series (HKLM-x32\...\EPSON XP-302 303 305 306 Series Useg) (Version: - )
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3507 - Acer Incorporated)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2610 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.30.75 - Zemana Ltd.)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06B13674-F5A3-473A-AC01-8FC6B0F1CFEA} - System32\Tasks\{A5FB4114-3ED8-4A60-A475-AE09C6F0DCFF} => C:\TurboC3\Techapple.net\DOSBox.exe
Task: {07ECBD04-E207-4836-BC67-7E2A1C8DDF8A} - \PMMUpdate -> No File <==== ATTENTION
Task: {09D979A8-0F67-469C-B808-1B18B9EEC73C} - System32\Tasks\{24799213-ED32-4A45-9202-4E1620AD3B95} => C:\TurboC3\Techapple.net\DOSBox.exe
Task: {0AE8CD79-5B20-4E29-A959-90645C66C209} - \FacebookUpdateTaskUserS-1-5-21-3836068884-3420196254-810653075-1001Core -> No File <==== ATTENTION
Task: {0BE09442-B11F-4939-9DB2-DCDC9E436592} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {0C905E9A-6148-4091-BD33-333281FF7B1E} - System32\Tasks\{CB2FBABB-3DA5-40A8-9643-E4E0CA37DA54} => C:\TurboC3\Techapple.net\DOSBox.exe
Task: {0CF0E772-B702-4577-A6AE-A9170376F47B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-19] (Piriform Ltd)
Task: {3CB40D8C-9416-4DEE-A34E-4AF256438969} - System32\Tasks\{F16F4973-C7A0-4B32-9030-913E427D7A7F} => C:\TurboC3\Techapple.net\DOSBox.exe
Task: {3FF2ACEA-56CC-4B73-ADD7-F00C1952CE3B} - \{04CB07FB-9FF7-46F4-95BA-11738009A678} -> No File <==== ATTENTION
Task: {4E61EC7B-FBBC-4F65-BA8D-009E53A068B3} - \FacebookUpdateTaskUserS-1-5-21-3836068884-3420196254-810653075-1001UA -> No File <==== ATTENTION
Task: {7D71C55D-F65B-4496-85ED-D505C3C2C54E} - System32\Tasks\GoogleUpdateTaskMachineCore1d0415c877da7f2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-11] (Google Inc.)
Task: {81BCA46B-D869-4E86-A4B5-DE1BDB4AB500} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {874B9934-E6E4-4815-8088-A1217F14AF12} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {8764F6CC-323B-4A7C-B5B3-2D722BC11F71} - \GoogleUpdateTaskUserS-1-5-21-3836068884-3420196254-810653075-1001Core -> No File <==== ATTENTION
Task: {8B2AC02C-4B94-4292-AA30-93B77C5E3ED9} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2016-03-01] (Nero AG)
Task: {ADF4D62A-A627-4407-A3B2-EA69444EFDD9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-11] (Google Inc.)
Task: {AEBA88EC-E8E8-49DC-AA03-F2C2409D6B7D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-18] (Adobe Systems Incorporated)
Task: {B775B869-B6EB-4A2A-BCD1-2FA0DFAB05DB} - \UALU notificatin -> No File <==== ATTENTION
Task: {C5672B65-309E-4400-9DE7-69854A94C343} - \GoogleUpdateTaskUserS-1-5-21-3836068884-3420196254-810653075-1001UA -> No File <==== ATTENTION
Task: {CFD6ABA3-C679-43B7-BEC9-9D7EB20BCBD3} - \EgisUpdate -> No File <==== ATTENTION
Task: {D8FBAFC1-EC89-4B86-B1D0-3F00AFAED4D4} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-06-14] (Bitdefender)
Task: {FC17D97C-D6CA-4C42-A4C3-03ADEC17719D} - \{72A5B22D-B07D-4F0B-A1A3-DE31B6418B8A} -> No File <==== ATTENTION
Task: {FF97563F-8CCE-40B3-B239-905C58F959B6} - System32\Tasks\{7178C5B9-877C-4877-9C4A-1FE6EB0249AA} => C:\TurboC3\Techapple.net\DOSBox.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cffef8455c6f17.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0415c877da7f2.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Chinnu Achu\Desktop\Google Chrome.lnk -> C:\Users\Chinnu Achu\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) ==============

2016-07-24 16:33 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdmetrics.dll
2016-07-24 16:33 - 2016-05-09 11:29 - 01006336 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpbr.mdl
2016-07-24 16:33 - 2016-05-09 11:29 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpdsp.mdl
2016-07-24 16:33 - 2016-05-09 11:29 - 03035488 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpph.mdl
2016-07-24 16:33 - 2016-05-09 11:29 - 01541440 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttprbl.mdl
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-25 19:49 - 2015-03-14 01:11 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2016-09-07 22:14 - 2016-09-07 22:14 - 00123760 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2015-08-19 21:50 - 2015-08-19 21:50 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2015-03-25 19:49 - 2015-03-14 01:11 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:30366B92 [132]
AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [143]
AlternateDataStreams: C:\Users\Chinnu Achu\Downloads\hitmanpro_x64.exe:BDU [0]
AlternateDataStreams: C:\Users\Chinnu Achu\Downloads\ninja.download.manager_build33.exe:BDU [0]
AlternateDataStreams: C:\Users\Chinnu Achu\Downloads\TFC.exe:BDU [0]
AlternateDataStreams: C:\Users\Chinnu Achu\Downloads\xdm5setup.exe:BDU [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LMIRescue_23fcc973-a771-4fd9-a37a-8382f93953d5 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LMIRescue_39b8b34b-03c0-4938-baa0-131080b00e26 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> http://www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> http://www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> http://www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> http://www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> http://www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> http://www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> http://www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> http://www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> http://www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> http://www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> http://www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> http://www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> http://www.123simsen.com

There are 7871 more sites.

IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\hola.org -> hxxp://hola.org
IE trusted site: HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\008k.com -> http://www.008k.com
IE restricted site: HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\00hq.com -> http://www.00hq.com
IE restricted site: HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\0scan.com -> http://www.0scan.com
IE restricted site: HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\1-2005-search.com -> http://www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\1-domains-registrations.com -> http://www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\1000gratisproben.com -> http://www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\1001namen.com -> http://www.1001namen.com
IE restricted site: HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\100sexlinks.com -> http://www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\10sek.com -> http://www.10sek.com
IE restricted site: HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\123fporn.info -> http://www.123fporn.info
IE restricted site: HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\123haustiereundmehr.com -> http://www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\123moviedownload.com -> http://www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3836068884-3420196254-810653075-1001\...\123simsen.com -> http://www.123simsen.com

There are 7871 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-02-26 20:02 - 2016-09-09 13:17 - 00000835 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3836068884-3420196254-810653075-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Chinnu Achu\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: a2AntiMalware => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: DsiWMIService => 2
MSCONFIG\Services: EgisTec Ticket Service => 3
MSCONFIG\Services: ePowerSvc => 2
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: GamesAppIntegrationService => 3
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: GREGService => 2
MSCONFIG\Services: gupdate => 3
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: Live Updater Service => 2
MSCONFIG\Services: LMIRescue_23fcc973-a771-4fd9-a37a-8382f93953d5 => 2
MSCONFIG\Services: LMIRescue_39b8b34b-03c0-4938-baa0-131080b00e26 => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MbaeSvc => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: McAfee SiteAdvisor Service => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NTI IScheduleSvc => 2
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: QHActiveDefense =>
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Sony PC Companion => 3
MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
MSCONFIG\Services: TurboBoost => 3
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: vToolbarUpdater18.1.9 => 3
MSCONFIG\Services: wltrysvc => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ImageMixer 3 SE Camera Monitor Ver.6.lnk => C:\Windows\pss\ImageMixer 3 SE Camera Monitor Ver.6.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Chinnu Achu^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: (default) =>
MSCONFIG\startupreg: ALU => C:\Program Files\Acer\Acer Updater\ALU.exe -r
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AVG_UI =>
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DownloadAccelerator =>
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget =>
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: InstallerLauncher =>
MSCONFIG\startupreg: InstantUpdate => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: K7TSStart =>
MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe
MSCONFIG\startupreg: Malwarebytes Anti-Exploit => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
MSCONFIG\startupreg: NPSStartup =>
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: Power Management => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
MSCONFIG\startupreg: RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall =>
MSCONFIG\startupreg: SuiteTray => "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{685EBFC0-BDFE-4E9D-A357-6872B635E967}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DAA36B76-6CA5-4561-9C6C-35B0E90022FA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{730FE899-F2AE-4A4D-82DB-D6473AF25183}] => (Allow) LPort=2869
FirewallRules: [{F679C459-3E9A-40E8-BC29-FF4BE8DD3DCB}] => (Allow) LPort=1900
FirewallRules: [{E0FD4498-63A9-4003-AF6D-4E62AFB985B7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{28512E8E-2F26-4E34-8048-77DEDDA36F61}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{14810436-B4C7-4968-9C44-8BF2911245F1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{4963DA13-4FA6-4F3C-B2A0-B478695839F6}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{0EF51F73-519E-4196-B606-BC60A193FE8A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{7E16C6A1-C011-4619-AC80-587425B39444}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{D0CEEE09-9C09-47B3-AC50-C436468EEB7C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{F356287B-9030-4F8A-96CE-BF0D93E2AD48}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{A36DDAA1-3EF7-43A8-BCCB-6FFDE5AE3A5E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{2B08650C-B682-4122-9A50-8BB3FC0A9691}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{EE1512BF-9EB5-487A-AD42-35D82D7F7ECA}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK20\MVP\VideoPlayer.exe
FirewallRules: [{ABAEE3BB-F6DF-461F-8389-79A56847737A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK20\MVP\MusicPlayer.exe
FirewallRules: [{19B19FCD-66BF-42DE-8C74-BD47585F54E2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0482E8CC-9F44-4FA1-AFA7-DE8E37AA65B9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8CABCE73-D09F-42AE-9255-060AC4E4A1E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{89C29D49-F40A-485C-8DB3-E8825B033129}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{9EDFBAC1-40AC-4768-B0EA-CD8A704A6D5F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6116C209-E4D4-4620-B3DF-7416D3F849A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{EAD8E684-6B45-477B-A6D4-1F30CD6A7646}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{DF430E6C-B016-416D-9976-C1F97A01EDE9}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TelnetServer-TlntSvr-TCP-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [TelnetServer-Tlntadmn-RPC-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [{E2198A29-2FEC-4EDC-98C4-85174AC19534}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E315DFA0-DB2E-4350-B3ED-FAB351C24B47}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{13D1E37B-1706-4531-B4EF-D317E4EA7091}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{11B9BC60-CC20-4D96-8988-884BCFF9500D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DC9593C1-E6B4-4007-A978-8B2DD041EC81}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{6D8ED694-D9AA-4B61-AF55-6012C71258A4}] => (Allow) C:\Program Files (x86)\Nero\KM\MediaHome.exe
FirewallRules: [{B3D5B5DF-D059-423B-80DD-46BED415FE06}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{83C079FD-D448-44A0-AC04-694FD0E3BC5C}C:\users\chinnu achu\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\chinnu achu\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{463306D7-39DA-4A56-91C9-AE8B9957E2F2}C:\users\chinnu achu\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\chinnu achu\appdata\local\google\chrome\application\chrome.exe

==================== Restore Points =========================

10-08-2016 15:48:35 JRT Pre-Junkware Removal
10-08-2016 16:03:09 Removed Software Updater
13-08-2016 09:48:57 Windows Update
17-08-2016 00:43:49 Windows Update
30-08-2016 23:11:27 Windows Update
01-09-2016 16:16:49 Installed Turbo C++ 3.2.
07-09-2016 23:32:07 Checkpoint by HitmanPro
07-09-2016 23:32:49 Checkpoint by HitmanPro
07-09-2016 23:34:27 Checkpoint by HitmanPro
08-09-2016 00:25:53 Creating Restore Point. This may take several minutes...
09-09-2016 12:47:57 Windows Update

==================== Faulty Device Manager Devices =============

Name: BAPIDRV
Description: BAPIDRV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BAPIDRV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/08/2016 05:39:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15600

Error: (09/08/2016 05:39:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15600

Error: (09/08/2016 05:39:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/07/2016 08:06:42 PM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (1548) WebCacheLocal: Error -1811 occurred while opening logfile C:\Users\Chinnu Achu\AppData\Local\Microsoft\Windows\WebCache\V01007EA.log.

Error: (09/07/2016 07:56:41 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/07/2016 07:56:41 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/07/2016 07:56:41 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/07/2016 07:56:41 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (09/07/2016 07:56:37 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/07/2016 07:56:37 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)


System errors:
=============
Error: (09/09/2016 12:23:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (09/09/2016 12:23:29 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (09/09/2016 12:23:29 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Error: (09/09/2016 12:23:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (09/09/2016 12:23:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (09/09/2016 12:23:23 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Error: (09/09/2016 12:22:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (09/09/2016 12:22:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (09/09/2016 12:22:38 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Error: (09/09/2016 12:21:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535


CodeIntegrity:
===================================
Date: 2013-03-01 21:18:14.812
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00179_013\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-01 21:03:35.923
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00179_013\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-01 20:54:41.750
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00179_013\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-01 20:29:24.853
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00179_013\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-01 19:29:26.005
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00179_013\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-01 17:52:33.738
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00179_013\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-01 13:01:16.192
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00179_013\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-01 12:22:58.927
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00179_013\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-01 11:35:27.220
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00179_013\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-01 09:32:29.589
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00179_013\avcuf64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 44%
Total physical RAM: 5982.36 MB
Available physical RAM: 3296.73 MB
Total Virtual: 11962.89 MB
Available Virtual: 9023.85 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:680.54 GB) (Free:500.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: C73FBAEE)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=680.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
MessiFan
Active Member
 
Posts: 2
Joined: September 8th, 2016, 3:22 pm
Advertisement
Register to Remove

Re: REGISTRY IS INFECTED!!

Unread postby mAL_rEm018 » September 15th, 2016, 11:59 pm

Hello MessiFan,

I apologize for the delay in getting to your topic. I think it was overlooked somehow.


Running from C:\Users\Chinnu Achu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\05TJ0K2N

If you still need help please move FRST to your Desktop. If you can't find it, you can download a fresh copy from here.

Next..

  • Right-click on FRST64.exe and select Run as administrator.
  • Ensure that Addition.txt is checked.
  • Select Scan.
  • When the scan is over two windows will open, FRST.txt and Addition.txt.
  • Please post the contents of both logs in your next reply.

If you don't require help anymore, I would be very grateful if you could let me know.
User avatar
mAL_rEm018
Admin/Teacher
Admin/Teacher
 
Posts: 2689
Joined: November 11th, 2013, 6:26 pm
Location: Saint-Petersburg, Russia

Re: REGISTRY IS INFECTED!!

Unread postby pgmigg » September 19th, 2016, 12:29 am

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 130 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware