Author Topic: [Inactive - K] Cannot enable or update Windows Security Essentials  (Read 4595 times)

Offline avs nikhil

  • Bronze Member
  • Posts: 33
When I open my laptop I notice a red icon marked with an X for my Microsoft security essentials.  As I open it, it states "PC status is at risk because your PC isn't being monitored because the app's service stopped.  You should start it now".  When I click "Start now" button nothing happens. Also i tried to start Microsoft  Anti-malware Service from service.msc but it gave me error 1067 : the process terminated unexpectedly - Microsoft Anti-malware Services.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17840  BrowserJavaVersion: 10.65.2
Run by nikhi at 2:30:22 on 2015-06-29
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.61.1033.18.8084.2383 [GMT 5.5:30]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\Connectify\ConnectifyService.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\Connectify\ConnectifyD.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Windows\SysWOW64\irstrtsv.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\xampp\mysql\bin\mysqld.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
C:\Users\nikhi\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\rundll32.exe
C:\Users\nikhi\AppData\Local\Google\Update\1.3.27.5\GoogleCrashHandler.exe
C:\Users\nikhi\AppData\Local\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Cypress\TrackPad\CyHidWin.exe
C:\Program Files\Cypress\TrackPad\CyCpIo.exe
C:\Windows\System32\rundll32.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Dell Update\DellUpService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Dell Update\DellUpTray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Dell\DellDataVault\DellDataVault.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = Preserve
uProxyServer = hxxp=10.93.0.37:3333;https=10.93.0.37:3333;ftp=10.93.0.37:3333
uProxyOverride = <local>
uWindows: Load = C:\ProgramData\msnoduq.exe
mWinlogon: Userinit = userinit.exe
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Face recognition web login for FastAccess: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Microsoft Web Test Recorder 10.0 Helper: {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
EB: Web Test Recorder 10.0: {5802D092-1784-4908-8CDB-99B6842D353D} -
uRun: [GoogleChromeAutoLaunch_CC670EC9C0039784BBC144C8FE53E009] "C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [Google Update] "C:\Users\nikhi\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
uRunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil64_17_0_0_190_ActiveX.exe -update activex
mRun: [FAStartup] <no file>
StartupFolder: C:\Users\nikhi\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: TaskbarNoNotification = dword:1
mPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
TCP: NameServer = 10.24.0.193 10.65.0.3
TCP: Interfaces\{039EE222-7F10-4B8F-B359-751EC810EF8B} : DHCPNameServer = 10.24.0.193 10.65.0.3
TCP: Interfaces\{A54243E9-3874-4FCF-A82C-D8FB1C981A9B} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{A54243E9-3874-4FCF-A82C-D8FB1C981A9B}\2656C6B696E6E2131656 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{A54243E9-3874-4FCF-A82C-D8FB1C981A9B}\2656C6B696E6E233669363 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{A54243E9-3874-4FCF-A82C-D8FB1C981A9B}\346494D223 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{A54243E9-3874-4FCF-A82C-D8FB1C981A9B}\34D43502C41424 : DHCPNameServer = 10.24.0.193 10.65.0.3
TCP: Interfaces\{A54243E9-3874-4FCF-A82C-D8FB1C981A9B}\3516378616F574275697 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{A54243E9-3874-4FCF-A82C-D8FB1C981A9B}\3637372716F6F577966696 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{A54243E9-3874-4FCF-A82C-D8FB1C981A9B}\85254402C41626 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{A54243E9-3874-4FCF-A82C-D8FB1C981A9B}\9447F584562747A7F5778656E6F59405F5537484A7 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{A54243E9-3874-4FCF-A82C-D8FB1C981A9B}\D416C6C657F52456C6B696E6 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{A54243E9-3874-4FCF-A82C-D8FB1C981A9B}\D416C6C657F52456C6B696E6F5537484A7 : DHCPNameServer = 192.168.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
LSA: Notification Packages =  scecli FAPassSync
x64-mStart Page = about:blank
x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Face recognition web login for FastAccess: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3
x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [CyHidWin] C:\Program Files\Cypress\TrackPad\CyHidWin.exe
x64-Run: [CyCpIo] C:\Program Files\Cypress\TrackPad\CyCpIo.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [VISIONTEK 3G USB MODEM] <no file>
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist Corporate\1084\G2AWinLogon_x64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
Hosts: 10.24.0.171 cclicserver.iitm.ac.in leo
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\nikhi\AppData\Roaming\Mozilla\Firefox\Profiles\emxei7vq.default\
FF - prefs.js: network.proxy.ftp - hproxy.iitm.ac.in
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.http - hproxy.iitm.ac.in
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.socks - hproxy.iitm.ac.in
FF - prefs.js: network.proxy.socks_port - 3128
FF - prefs.js: network.proxy.ssl - hproxy.iitm.ac.in
FF - prefs.js: network.proxy.ssl_port - 3128
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npCortona.dll
FF - plugin: C:\Program Files (x86)\Common Files\Wolfram Research\Browser\10.1.0.5292844\npmathplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\nikhi\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Users\nikhi\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2015-3-4 280376]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2015-6-1 31560]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-3-29 55856]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2012-3-29 21616]
R1 {3f538614-b636-4023-9ec2-564ada4b07b3}Gw64;{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64;C:\Windows\System32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64.sys [2014-7-14 61112]
R1 cnnctfy2;Connectify LightWeight Filter;C:\Windows\System32\drivers\cnnctfy2.sys [2012-11-19 31344]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-1-31 283200]
R1 nvkflt;nvkflt;C:\Windows\System32\drivers\nvkflt.sys [2015-6-1 299664]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2012-3-29 98208]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-10-20 661504]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-10-21 135440]
R2 Connectify;Connectify;C:\Program Files (x86)\Connectify\ConnectifyService.exe [2011-8-21 13312]
R2 DellDataVault;Dell Data Vault;C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2015-2-26 2557136]
R2 DellDataVaultWiz;Dell Data Vault Wizard;C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [2015-2-26 201936]
R2 DellUpdate;Dell Update Service;C:\Program Files (x86)\Dell Update\DellUpService.exe [2015-5-20 232152]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-14 27136]
R2 FAService;FAService;C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2011-8-19 2451440]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-6-1 1152656]
R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2015-3-2 182696]
R2 irstrtsv;Intel(R) Rapid Start Technology Service;C:\Windows\SysWOW64\irstrtsv.exe [2012-3-29 184320]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-26 2823000]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-6-1 1893008]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-6-1 23006864]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-3-29 1692480]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-6-1 410768]
R2 SupportAssistAgent;Dell SupportAssist Agent;C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [2015-4-10 19288]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-30 16120]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-3-29 2656280]
R2 VSSS;Volume Shadow Copy Service;C:\Users\nikhi\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [2015-6-23 104873984]
R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Accelern.sys [2012-3-29 27760]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2011-10-20 195072]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2012-3-29 176096]
R3 cyhid;Cypress Input Device;C:\Windows\System32\drivers\cyhid.sys [2012-3-29 117248]
R3 cykbfltrService;Cypress Keyboard Filter Driver;C:\Windows\System32\drivers\cykbfltr.sys [2012-3-29 13824]
R3 cymfltrService;Cypress Trackpad Filter Driver;C:\Windows\System32\drivers\cymfltr.sys [2012-3-29 79872]
R3 DDDriver;DDDriver;C:\Windows\System32\drivers\DDDriver64Dcsa.sys [2015-2-26 23760]
R3 DellProf;DellProf;C:\Windows\System32\drivers\DellProf.sys [2015-2-26 23312]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-3-29 317440]
R3 irstrtdv;Intel(R) Rapid Start Technology Driver;C:\Windows\System32\drivers\irstrtdv.sys [2012-3-29 26504]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2011-5-17 25496]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2012-3-29 76912]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2012-3-29 95744]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2012-3-29 212992]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-6-1 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2015-6-1 38032]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-30 149504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 Flexlm Service 1;Flexlm Service 1;C:\SIMULIA\License\lmgrd.exe [2014-11-14 1767688]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S2 Texis Monitor;Texis Monitor;C:\SIMULIA\Documentation\monitor.exe [2014-10-17 4493312]
S2 WindowsMangerProtect;WindowsMangerProtect Service;C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service --> C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service [?]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2011-10-20 195072]
S3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\System32\drivers\btmaud.sys [2011-5-19 51712]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-8-30 53760]
S3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-10-11 288768]
S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-6-2 17864]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-9-23 110336]
S3 FACAP;facap, FastAccess Video Capture;C:\Windows\System32\drivers\facap.sys [2008-9-25 238848]
S3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-10-11 59904]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-6-10 114688]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2012-3-29 158976]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2011-5-17 34200]
S3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2012-3-29 172632]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-11-1 340240]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2015-3-4 124568]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-4-30 366544]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\System32\drivers\nvstusb.sys [2012-3-29 291648]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;C:\Windows\System32\drivers\silabenm.sys [2013-5-13 27336]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;C:\Windows\System32\drivers\silabser.sys [2013-5-13 73216]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-9-23 206080]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 VSPerfDrv100;Performance Tools Driver 10.0;C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-3-17 68440]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-29 1255736]
S3 WCDMA_Datacard_Usb_Ser;WCDMA Datacard Multimedia USB Driver;C:\Windows\System32\drivers\WCDMA_Datacard_Usb_Ser.sys [2014-5-20 121088]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 RsFx0103;RsFx0103 Driver;C:\Windows\System32\drivers\RsFx0103.sys [2009-3-30 311656]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== File Associations ===============
.
FileExt: .js: JSFile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe","%1"
.
=============== Created Last 30 ================
.
2015-06-25 09:30:04   --------   d-----w-   C:\Users\nikhi\AppData\Roaming\deskPDF
2015-06-25 07:41:15   1415680   ----a-w-   C:\Program Files\YCW7C7OZ.exe
2015-06-25 07:40:30   1415680   ----a-w-   C:\Program Files\KWU6420E.exe
2015-06-25 07:40:20   1415680   ----a-w-   C:\Program Files\KVALT195.exe
2015-06-25 07:40:10   1415680   ----a-w-   C:\Program Files\WY027MOY.exe
2015-06-25 07:39:58   1415680   ----a-w-   C:\Program Files\Y0579BG3.exe
2015-06-25 07:39:48   1415680   ----a-w-   C:\Program Files\OKSXZ46W.exe
2015-06-25 07:39:38   1415680   ----a-w-   C:\Program Files\KM138ACM.exe
2015-06-25 07:39:26   1415680   ----a-w-   C:\Program Files\NPUWY05S.exe
2015-06-25 07:39:16   1415680   ----a-w-   C:\Program Files\KYGOW4F8.exe
2015-06-25 07:39:06   1415680   ----a-w-   C:\Program Files\GINPR6BY.exe
2015-06-25 02:36:30   1415680   ----a-w-   C:\Program Files\J6N1LZX2.exe
2015-06-25 02:35:42   1415680   ----a-w-   C:\Program Files\0AL2AL5U.exe
2015-06-25 02:35:29   1415680   ----a-w-   C:\Program Files\0CA8KIGU.exe
2015-06-25 02:35:19   1415680   ----a-w-   C:\Program Files\MYWUS42G.exe
2015-06-25 02:35:09   1415680   ----a-w-   C:\Program Files\JOKV02KU.exe
2015-06-25 02:34:57   1415680   ----a-w-   C:\Program Files\57MOTVXK.exe
2015-06-25 02:34:47   1415680   ----a-w-   C:\Program Files\R2AIK19O.exe
2015-06-25 02:34:37   1415680   ----a-w-   C:\Program Files\ZEGINPRA.exe
2015-06-25 02:34:25   1415680   ----a-w-   C:\Program Files\Y0279BD3.exe
2015-06-25 02:34:15   1415680   ----a-w-   C:\Program Files\KPRWY02M.exe
2015-06-25 02:34:05   1415680   ----a-w-   C:\Program Files\SX5D27IT.exe
2015-06-25 02:33:55   12221144   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{772FA0AE-79EE-4E8E-8A4D-4518EF73DE55}\mpengine.dll
2015-06-25 01:24:09   929844   ----a-w-   C:\Windows\SysWow64\Mfc42d.dll
2015-06-25 01:24:09   798773   ----a-w-   C:\Windows\SysWow64\Mfco42d.dll
2015-06-25 01:24:09   565760   ----a-w-   C:\Windows\SysWow64\Msvcp50.dll
2015-06-25 01:24:09   516173   ----a-w-   C:\Windows\SysWow64\Msvcp60d.dll
2015-06-25 01:24:09   499782   ----a-w-   C:\Windows\SysWow64\CJ60Libd.dll
2015-06-25 01:24:09   427520   ----a-w-   C:\Windows\SysWow64\Dformd.dll
2015-06-25 01:24:09   420864   ----a-w-   C:\Windows\SysWow64\Dforrt.dll
2015-06-25 01:24:09   401484   ----a-w-   C:\Windows\SysWow64\Msvcrtd.dll
2015-06-25 01:24:09   36352   ----a-w-   C:\Windows\SysWow64\Sx32w.dll
2015-06-25 01:24:09   339968   ----a-w-   C:\Windows\SysWow64\QHTM.dll
2015-06-25 01:24:09   --------   d-----w-   C:\Program Files (x86)\Powergraphy
2015-06-25 01:22:55   303616   ----a-w-   C:\Windows\IsUninst.exe
2015-06-25 00:22:45   1415680   ----a-w-   C:\Program Files\CHJLNSUW.exe
2015-06-24 23:47:08   --------   d-----w-   C:\Program Files (x86)\Windows Resource Kits
2015-06-24 10:06:46   1415680   ----a-w-   C:\Program Files\79BGIKMR.exe
2015-06-24 10:06:42   1415680   ----a-w-   C:\Program Files\9BDFKMOE.exe
2015-06-24 09:45:18   --------   d-----w-   C:\Program Files (x86)\Microsoft Security Client
2015-06-24 09:45:17   --------   d-----w-   C:\Program Files\Microsoft Security Client
2015-06-24 07:21:05   --------   d-s---w-   C:\Windows\SysWow64\Microsoft
2015-06-24 06:59:12   --------   d-----w-   C:\SFCFix
2015-06-24 06:43:04   --------   d-----w-   C:\Users\nikhi\AppData\Local\niemiro
2015-06-23 19:40:28   --------   d-----w-   C:\Users\nikhi\AppData\Local\AvastSupport
2015-06-23 18:11:07   --------   d-----w-   C:\ProgramData\AVAST Software
2015-06-23 15:33:56   104873984   ----a-w-   C:\Users\nikhi\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe
2015-06-16 17:46:23   --------   d-----w-   C:\Users\nikhi\AppData\Local\Help
2015-06-16 17:46:07   9216   ----a-w-   C:\Windows\SysWow64\ftlx0411.dll
2015-06-16 17:46:07   9216   ----a-w-   C:\Windows\System32\ftlx0411.dll
2015-06-16 17:46:07   296960   ----a-w-   C:\Windows\winhlp32.exe
2015-06-16 17:46:07   195072   ----a-w-   C:\Windows\SysWow64\ftsrch.dll
2015-06-16 17:46:07   195072   ----a-w-   C:\Windows\System32\ftsrch.dll
2015-06-16 17:46:07   10240   ----a-w-   C:\Windows\SysWow64\ftlx041e.dll
2015-06-16 17:46:07   10240   ----a-w-   C:\Windows\System32\ftlx041e.dll
2015-06-12 05:56:07   --------   d-----w-   C:\Program Files (x86)\Dell Update
2015-06-09 18:40:59   879104   ----a-w-   C:\Windows\System32\advapi32.dll
2015-06-08 04:10:57   --------   d-----w-   C:\Program Files\Common Files\Wolfram Research
2015-06-08 04:10:57   --------   d-----w-   C:\Program Files (x86)\Common Files\Wolfram Research
2015-06-08 04:10:57   --------   d-----w-   C:\Program Files (x86)\Common Files\ResearchSoft
2015-06-08 04:03:32   --------   d-----w-   C:\Program Files\Wolfram Research
2015-06-07 16:28:30   --------   d-----w-   C:\Users\nikhi\AppData\Roaming\IDM
2015-06-07 16:28:08   --------   d-----w-   C:\Program Files (x86)\Internet Download Manager
2015-06-07 07:20:30   --------   d-----w-   C:\Users\nikhi\AppData\Local\Wolfram Research
2015-06-06 10:57:57   --------   d-----w-   C:\Users\nikhi\AppData\Roaming\MathematicaPlayer
2015-06-06 10:57:57   --------   d-----w-   C:\Users\nikhi\AppData\Local\MathematicaPlayer
2015-06-06 10:57:57   --------   d-----w-   C:\ProgramData\MathematicaPlayer
2015-06-06 10:56:51   --------   d-----w-   C:\Program Files (x86)\Wolfram Research
2015-06-05 07:04:40   700416   ----a-w-   C:\Windows\System32\generaltel.dll
2015-06-05 07:04:40   1021440   ----a-w-   C:\Windows\System32\appraiser.dll
2015-06-05 07:04:39   757248   ----a-w-   C:\Windows\System32\invagent.dll
2015-06-05 07:04:39   45568   ----a-w-   C:\Windows\System32\acmigration.dll
2015-06-05 07:04:39   423424   ----a-w-   C:\Windows\System32\devinv.dll
2015-06-05 07:04:39   227328   ----a-w-   C:\Windows\System32\aepdu.dll
2015-06-05 07:04:39   193536   ----a-w-   C:\Windows\System32\aepic.dll
2015-06-05 07:04:39   1119232   ----a-w-   C:\Windows\System32\aeinv.dll
2015-06-03 04:55:28   --------   d-----w-   C:\Users\nikhi\AppData\Local\Windows Live
2015-06-03 04:55:26   --------   d-----w-   C:\Users\nikhi\AppData\Local\{A7FC2C82-9BB2-4D58-AED0-57B4037E5BB8}
2015-06-03 04:55:26   --------   d-----w-   C:\Users\nikhi\AppData\Local\{9ACA744F-466D-41A1-9370-3530A0354075}
2015-06-02 18:53:00   --------   d-----w-   C:\Users\nikhi\AppData\Local\Luiz Fernando
2015-06-02 18:48:31   --------   d-----w-   C:\Program Files (x86)\GIF Viewer
2015-06-01 15:07:35   --------   d-----w-   C:\Users\nikhi\AppData\Local\GWX
2015-06-01 15:04:04   --------   d-----w-   C:\Users\nikhi\AppData\Local\NVIDIA Corporation
2015-06-01 15:04:00   --------   d-----w-   C:\Users\nikhi\AppData\Local\NVIDIA
2015-06-01 15:00:18   1756424   ----a-w-   C:\Windows\System32\nvspbridge64.dll
2015-06-01 15:00:18   1571696   ----a-w-   C:\Windows\System32\nvspcap64.dll
2015-06-01 15:00:18   1320304   ----a-w-   C:\Windows\SysWow64\nvspcap.dll
2015-06-01 15:00:18   1316000   ----a-w-   C:\Windows\SysWow64\nvspbridge.dll
2015-06-01 14:59:46   571024   ----a-w-   C:\Windows\SysWow64\nvStreaming.exe
2015-06-01 14:59:44   --------   d-----w-   C:\Windows\SysWow64\NV
2015-06-01 14:59:44   --------   d-----w-   C:\Windows\System32\NV
2015-06-01 14:56:08   --------   d-----w-   C:\NVIDIA
2015-05-31 06:58:17   --------   d-----w-   C:\Program Files (x86)\EPUB File Reader
.
==================== Find3M  ====================
.
2015-06-24 02:40:06   778416   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
2015-06-24 02:40:06   142512   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-05-28 04:15:30   937288   ----a-w-   C:\Windows\System32\nvvsvc.exe
2015-05-28 04:15:29   75080   ----a-w-   C:\Windows\System32\nv3dappshextr.dll
2015-05-28 04:15:29   62608   ----a-w-   C:\Windows\System32\nvshext.dll
2015-05-28 04:15:29   385168   ----a-w-   C:\Windows\System32\nvmctray.dll
2015-05-28 04:15:29   3491984   ----a-w-   C:\Windows\System32\nvsvc64.dll
2015-05-28 04:15:29   2558608   ----a-w-   C:\Windows\System32\nvsvcr.dll
2015-05-28 04:15:29   1059472   ----a-w-   C:\Windows\System32\nv3dappshext.dll
2015-05-28 04:15:28   6872904   ----a-w-   C:\Windows\System32\nvcpl.dll
2015-05-27 10:48:20   4408727   ----a-w-   C:\Windows\System32\nvcoproc.bin
2015-05-26 18:56:04   377   ----a-w-   C:\Windows\SysWow64\Delete.bat
2015-05-26 18:53:11   40960   ----a-w-   C:\Windows\SysWow64\nwsftUninstall.exe
2015-05-25 18:24:00   5569984   ----a-w-   C:\Windows\System32\ntoskrnl.exe
2015-05-25 18:23:59   95680   ----a-w-   C:\Windows\System32\drivers\ksecdd.sys
2015-05-25 18:23:59   155584   ----a-w-   C:\Windows\System32\drivers\ksecpkg.sys
2015-05-25 18:21:21   1728960   ----a-w-   C:\Windows\System32\ntdll.dll
2015-05-25 18:18:56   43520   ----a-w-   C:\Windows\System32\csrsrv.dll
2015-05-25 18:18:56   22016   ----a-w-   C:\Windows\System32\credssp.dll
2015-05-25 18:18:45   47104   ----a-w-   C:\Windows\System32\typeperf.exe
2015-05-25 18:18:45   404992   ----a-w-   C:\Windows\System32\tracerpt.exe
2015-05-25 18:18:39   112640   ----a-w-   C:\Windows\System32\smss.exe
2015-05-25 18:18:32   296960   ----a-w-   C:\Windows\System32\rstrui.exe
2015-05-25 18:18:30   43008   ----a-w-   C:\Windows\System32\relog.exe
2015-05-25 18:18:19   31232   ----a-w-   C:\Windows\System32\lsass.exe
2015-05-25 18:18:19   104448   ----a-w-   C:\Windows\System32\logman.exe
2015-05-25 18:18:11   19456   ----a-w-   C:\Windows\System32\diskperf.exe
2015-05-25 18:18:08   338432   ----a-w-   C:\Windows\System32\conhost.exe
2015-05-25 18:18:04   64000   ----a-w-   C:\Windows\System32\auditpol.exe
2015-05-25 18:14:26   60416   ----a-w-   C:\Windows\System32\msobjs.dll
2015-05-25 18:14:04   146432   ----a-w-   C:\Windows\System32\msaudite.dll
2015-05-25 18:07:34   3989440   ----a-w-   C:\Windows\SysWow64\ntkrnlpa.exe
2015-05-25 18:07:34   3934144   ----a-w-   C:\Windows\SysWow64\ntoskrnl.exe
2015-05-25 18:04:08   1310744   ----a-w-   C:\Windows\SysWow64\ntdll.dll
2015-05-25 18:00:44   40448   ----a-w-   C:\Windows\SysWow64\typeperf.exe
2015-05-25 18:00:40   364544   ----a-w-   C:\Windows\SysWow64\tracerpt.exe
2015-05-25 18:00:28   25600   ----a-w-   C:\Windows\SysWow64\setup16.exe
2015-05-25 18:00:25   37888   ----a-w-   C:\Windows\SysWow64\relog.exe
2015-05-25 18:00:17   82944   ----a-w-   C:\Windows\SysWow64\logman.exe
2015-05-25 18:00:09   17408   ----a-w-   C:\Windows\SysWow64\diskperf.exe
2015-05-25 18:00:04   50176   ----a-w-   C:\Windows\SysWow64\auditpol.exe
2015-05-25 17:59:52   96768   ----a-w-   C:\Windows\SysWow64\sspicli.dll
2015-05-25 17:59:52   5120   ----a-w-   C:\Windows\SysWow64\wow32.dll
2015-05-25 17:59:51   274944   ----a-w-   C:\Windows\SysWow64\KernelBase.dll
2015-05-25 17:57:31   60416   ----a-w-   C:\Windows\SysWow64\msobjs.dll
2015-05-25 17:57:15   146432   ----a-w-   C:\Windows\SysWow64\msaudite.dll
2015-05-25 17:08:39   3206144   ----a-w-   C:\Windows\System32\win32k.sys
2015-05-25 17:00:56   36864   ----a-w-   C:\Windows\System32\UtcResources.dll
2015-05-25 16:50:38   7680   ----a-w-   C:\Windows\SysWow64\instnm.exe
2015-05-25 16:50:36   2048   ----a-w-   C:\Windows\SysWow64\user.exe
2015-05-25 16:48:25   6144   ---ha-w-   C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2015-05-25 16:48:25   4608   ---ha-w-   C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 16:48:25   3584   ---ha-w-   C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 16:48:25   3072   ---ha-w-   C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2015-05-23 03:28:17   2724864   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2015-05-23 03:15:54   503808   ----a-w-   C:\Windows\SysWow64\vbscript.dll
2015-05-23 03:15:40   62464   ----a-w-   C:\Windows\SysWow64\iesetup.dll
2015-05-23 03:15:02   47616   ----a-w-   C:\Windows\SysWow64\ieetwproxystub.dll
2015-05-23 03:14:51   341504   ----a-w-   C:\Windows\SysWow64\html.iec
2015-05-23 03:13:48   64000   ----a-w-   C:\Windows\SysWow64\MshtmlDac.dll
2015-05-23 03:05:21   115712   ----a-w-   C:\Windows\SysWow64\ieUnatt.exe
2015-05-23 03:04:50   620032   ----a-w-   C:\Windows\SysWow64\jscript9diag.dll
2015-05-23 02:52:43   60416   ----a-w-   C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-05-23 02:47:31   4305920   ----a-w-   C:\Windows\SysWow64\jscript9.dll
2015-05-23 02:37:45   2052608   ----a-w-   C:\Windows\SysWow64\inetcpl.cpl
2015-05-23 02:37:25   1155072   ----a-w-   C:\Windows\SysWow64\mshtmlmedia.dll
2015-05-23 02:20:35   1950720   ----a-w-   C:\Windows\SysWow64\wininet.dll
2015-05-22 19:16:55   2724864   ----a-w-   C:\Windows\System32\mshtml.tlb
2015-05-22 19:16:44   4096   ----a-w-   C:\Windows\System32\ieetwcollectorres.dll
2015-05-22 19:01:42   66560   ----a-w-   C:\Windows\System32\iesetup.dll
2015-05-22 19:00:54   48640   ----a-w-   C:\Windows\System32\ieetwproxystub.dll
2015-05-22 19:00:47   417792   ----a-w-   C:\Windows\System32\html.iec
2015-05-22 19:00:25   584192   ----a-w-   C:\Windows\System32\vbscript.dll
2015-05-22 18:59:27   88064   ----a-w-   C:\Windows\System32\MshtmlDac.dll
2015-05-22 18:52:21   6026240   ----a-w-   C:\Windows\System32\jscript9.dll
2015-05-22 18:47:49   144384   ----a-w-   C:\Windows\System32\ieUnatt.exe
2015-05-22 18:47:34   114688   ----a-w-   C:\Windows\System32\ieetwcollector.exe
2015-05-22 18:47:03   814080   ----a-w-   C:\Windows\System32\jscript9diag.dll
2015-05-22 18:40:17   968704   ----a-w-   C:\Windows\System32\MsSpellCheckingFacility.exe
2015-05-22 18:29:31   77824   ----a-w-   C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-05-22 18:05:28   1359360   ----a-w-   C:\Windows\System32\mshtmlmedia.dll
2015-05-22 18:05:06   2125824   ----a-w-   C:\Windows\System32\inetcpl.cpl
2015-05-22 17:50:20   2426880   ----a-w-   C:\Windows\System32\wininet.dll
2015-05-01 13:17:03   124112   ----a-w-   C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16:41   102608   ----a-w-   C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-29 18:21:50   5120   ----a-w-   C:\Windows\System32\msdxm.ocx
2015-04-29 18:21:50   5120   ----a-w-   C:\Windows\System32\dxmasf.dll
2015-04-29 18:21:46   9728   ----a-w-   C:\Windows\System32\spwmp.dll
2015-04-29 18:19:43   12625920   ----a-w-   C:\Windows\System32\wmploc.DLL
2015-04-29 18:07:12   4096   ----a-w-   C:\Windows\SysWow64\msdxm.ocx
2015-04-29 18:07:12   4096   ----a-w-   C:\Windows\SysWow64\dxmasf.dll
2015-04-29 18:07:07   8192   ----a-w-   C:\Windows\SysWow64\spwmp.dll
2015-04-29 18:05:19   12625408   ----a-w-   C:\Windows\SysWow64\wmploc.DLL
2015-04-24 18:17:26   633856   ----a-w-   C:\Windows\System32\comctl32.dll
2015-04-24 17:56:58   530432   ----a-w-   C:\Windows\SysWow64\comctl32.dll
2015-04-20 03:17:07   1647104   ----a-w-   C:\Windows\System32\DWrite.dll
2015-04-20 03:17:07   1179136   ----a-w-   C:\Windows\System32\FntCache.dll
2015-04-20 02:56:29   1250816   ----a-w-   C:\Windows\SysWow64\DWrite.dll
2015-04-18 03:10:57   460800   ----a-w-   C:\Windows\System32\certcli.dll
2015-04-18 02:56:57   342016   ----a-w-   C:\Windows\SysWow64\certcli.dll
.
============= FINISH:  2:30:35.20 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 30/04/2012 7:26:32 AM
System Uptime: 25/06/2015 1:08:49 PM (85 hours ago)
.
Motherboard: Dell Inc. |  | 00WW5M
Processor: Intel(R) Core(TM) i7-2640M CPU @ 2.80GHz | CPU | 2801/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 211 GiB total, 34.741 GiB free.
D: is CDROM ()
G: is CDROM ()
Y: is FIXED (NTFS) - 20 GiB total, 10.514 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: facap, FastAccess Video Capture
Device ID: ROOT\IMAGE\0000
Manufacturer: Sensible Vision
Name: facap, FastAccess Video Capture
PNP Device ID: ROOT\IMAGE\0000
Service: FACAP
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Teredo Tunneling Adapter
Device ID: ROOT\*TEREDO\0000
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TEREDO\0000
Service: tunnel
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
.
==== End Of File ===========================

« Last Edit: July 05, 2015, 02:33:33 AM by kevinf80 »



Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7656
Re: [Inactive - K] Cannot enable or update Windows Security Essentials
« Reply #1 on: June 28, 2015, 05:02:07 PM »
Hello and welcome to SpywareHammer,

My screen name is kevinf80, either that or Kevin is good for replies. Ok lets continue:

P2P/illegal software Warning:

Quote
If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here. Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the Forum policy on P2P and Illegal Software.

Next,

Change the download folder setting in the default Browser so all tools we may use are saved to the Desktop:

Google Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.
Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.

Mozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and the click the "Select Folder" button. Click OK to get out of the Options menu.

Internet Explorer - Click the Tools menu in the upper right-corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

Next,

Follow the instructions in the following link to show hidden files:

http://www.bleepingcomputer.com/tutorials/how-to-see-hidden-files-in-windows/

Next,

Please open Malwarebytes Anti-Malware.

  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • With some infections, you may or may not see this message box.
'Could not load DDA driver'

  • Click 'Yes' to this message, to allow the driver to load after a restart.
  • Allow the computer to restart. Continue with the rest of these instructions.
  • When the scan is complete, click Apply Actions.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.

To get the log from Malwarebytes do the following:

  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:

      Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
      Text file (*.txt)        - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
      XML file (*.xml)      - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply

  • Recommend you use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…


If Malwarebytes is not installed follow these instructions first:

Download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish. Follow the instructions above....
Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either accept the alert or disable your security and allow FRST to run...

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Next,

Please download RogueKiller and save it to your desktop from the following link: http://www.bleepingcomputer.com/download/roguekiller/

  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista,Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User Licene Agreement)
  • Click Scan to scan the system.
  • When the scan completes select "Report", log will open. Close the program > Don't Fix anything!
  • Post back the report which should also be located here:

C:\Programdata\RogueKiller\Logs <-------- W7/8
C:\Documents and Settings\All Users\Application Data\RogueKiller\Logs <------XP


Let me see those logs in your reply....

Thank you,

Kevin...

Offline avs nikhil

  • Bronze Member
  • Posts: 33
Re: [Inactive - K] Cannot enable or update Windows Security Essentials
« Reply #2 on: June 29, 2015, 01:59:06 AM »
Hi kevin,

I have uninstalled all the P2P software (DC++ and utorrent) from my PC. Please do inform me if i need to remove any other software.

I've also changed the destination folder for downloads to desktop.

i've downloaded MBAM (MalwareBytes' anti malware) and followed the installation procedure.

BUT nothing happens when i launch MBAM. I tried running as administrator also, but with no luck.

Shall i Continue with rest of ur instructions, skipping this step?

Thank you very much for your efforts!!


Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7656
Re: [Inactive - K] Cannot enable or update Windows Security Essentials
« Reply #3 on: June 29, 2015, 03:35:09 AM »
Hello avs nikhil,

Thanks for the repy/update, yes continue and missout out any steps that will not run..

Kevin..

Offline avs nikhil

  • Bronze Member
  • Posts: 33
Re: [Inactive - K] Cannot enable or update Windows Security Essentials
« Reply #4 on: June 29, 2015, 05:45:27 AM »
Hi Kevin,

U can call me Nikhil. All the log files wont fit in one post, so i'm splitting them into two posts. 'Part 1'

I installed MBAM in safe mode and it ran successfully. Here is the log file content -

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 29/06/2015
Scan Time: 2:39:23 PM
Logfile:
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.03.09.05
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: nikhi

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 386868
Time Elapsed: 7 min, 27 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 5
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64, Quarantined, [3247142fa4e6d85ea0c94f7da85b7f81],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, Quarantined, [bcbdfc47494188ae553e08acfc0743bd],
PUP.Optional.IEPluginServices.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginServices, Quarantined, [68111e255436ea4c23b37942e023d927],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, Quarantined, [1e5b96ad147663d3b42310ab0ef5f808],
PUP.Optional.FastStart.A, HKU\S-1-5-21-2052094510-1569341030-3252781033-1001\SOFTWARE\MOZILLA\EXTENDS, Quarantined, [4c2d1a296129c86e00b5a61d45beac54],

Registry Values: 3
PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_in_26, Quarantined, [fe7bf84b37538caaed5c3fa3f211ac54],
Trojan.Agent, HKU\S-1-5-21-2052094510-1569341030-3252781033-1001\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|Load, C:\ProgramData\msnoduq.exe, Quarantined, [30493211bdcd7eb8c063f66f60a4dd23]
PUP.Optional.FastStart.A, HKU\S-1-5-21-2052094510-1569341030-3252781033-1001\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, Quarantined, [4c2d1a296129c86e00b5a61d45beac54]

Registry Data: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[b9c047fc5139999d465498493acbea16]

Folders: 1
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config, Quarantined, [2e4b59ea107ab97d20b0fed06a997a86],

Files: 6
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64.sys, Delete-on-Reboot, [6e1523e50082141bcad5ac6315c3d331],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\ver.xml, Quarantined, [2e4b59ea107ab97d20b0fed06a997a86],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\uninstinethnfd.exe, Quarantined, [2e4b59ea107ab97d20b0fed06a997a86],
PUP.Optional.Vbates.A, C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ljmibnagodajacnnbifpamhggcohblip_0.localstorage, Quarantined, [28515ae9494194a2d25c319ef1123fc1],
PUP.Optional.Vbates.A, C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ljmibnagodajacnnbifpamhggcohblip_0.localstorage-journal, Quarantined, [087158eb2f5bb482b27c705f9370a65a],
PUP.Optional.WebsSearches.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml, Quarantined, [3742a99a5f2b7fb728d802e7f80b43bd],

Physical Sectors: 0
(No malicious items detected)


(end)

Offline avs nikhil

  • Bronze Member
  • Posts: 33
Re: [Inactive - K] Cannot enable or update Windows Security Essentials
« Reply #5 on: June 29, 2015, 05:51:33 AM »
Hi Kevin,

'part 2' of the post

I installed Faber recovery scan tool in safe mode with networking. It ran successfully. Here is the FRST text file content-

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by nikhi (administrator) on NIKHIL-PC on 29-06-2015 16:46:16
Running from C:\Users\nikhi\Desktop
Loaded Profiles: nikhi (Available Profiles: nikhi)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7214696 2011-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-05-18] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [4146848 2011-07-13] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-11-01] (Intel(R) Corporation)
HKLM\...\Run: [CyHidWin] => C:\Program Files\Cypress\TrackPad\CyHidWin.exe [2354176 2011-10-19] (Cypress Semiconductor, Inc.)
HKLM\...\Run: [CyCpIo] => C:\Program Files\Cypress\TrackPad\CyCpIo.exe [2375168 2011-11-09] (Cypress Semiconductor Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [VISIONTEK 3G USB MODEM] => [X]
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [FAStartup] => [X]
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [96240 2011-08-19] (Sensible Vision )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2015-04-14] (Malwarebytes Corporation)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist Corporate\1084\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\FastAccess: C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll [2011-08-19] (Sensible Vision )
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2052094510-1569341030-3252781033-1001\...\Run: [GoogleChromeAutoLaunch_CC670EC9C0039784BBC144C8FE53E009] => C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe [813896 2015-06-20] (Google Inc.)
HKU\S-1-5-21-2052094510-1569341030-3252781033-1001\...\Run: [Google Update] => C:\Users\nikhi\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-29] (Google Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175880 2015-05-28] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [154256 2015-05-28] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli FAPassSync
Startup: C:\Users\nikhi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk [2013-09-01]
ShortcutTarget: Intel(R) Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2052094510-1569341030-3252781033-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-2052094510-1569341030-3252781033-1001] => http=10.93.0.37:3333;https=10.93.0.37:3333;ftp=10.93.0.37:3333
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {866926D5-EF0F-4343-98DC-FEDF90CF55CA} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {866926D5-EF0F-4343-98DC-FEDF90CF55CA} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001 -> {866926D5-EF0F-4343-98DC-FEDF90CF55CA} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll [2011-08-19] (Sensible Vision )
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-29] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO-x32: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll [2011-08-19] (Sensible Vision )
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-29] (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19] (Microsoft Corporation)
DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.24.0.193 10.65.0.3
Tcpip\..\Interfaces\{039EE222-7F10-4B8F-B359-751EC810EF8B}: [DhcpNameServer] 10.24.0.193 10.65.0.3
Tcpip\..\Interfaces\{A54243E9-3874-4FCF-A82C-D8FB1C981A9B}: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\nikhi\AppData\Roaming\Mozilla\Firefox\Profiles\emxei7vq.default
FF NetworkProxy: "backup.ftp", "hproxy.iitm.ac.in"
FF NetworkProxy: "backup.ftp_port", 3128
FF NetworkProxy: "backup.socks", "hproxy.iitm.ac.in"
FF NetworkProxy: "backup.socks_port", 3128
FF NetworkProxy: "backup.ssl", "hproxy.iitm.ac.in"
FF NetworkProxy: "backup.ssl_port", 3128
FF NetworkProxy: "ftp", "hproxy.iitm.ac.in"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "hproxy.iitm.ac.in"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "hproxy.iitm.ac.in"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "hproxy.iitm.ac.in"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-24] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-24] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @parallelgraphics.com/Cortona -> C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npCortona.dll [2009-06-01] (ParallelGraphics)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\10.1.0.5292844\npmathplugin.dll [2015-03-24] (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2052094510-1569341030-3252781033-1001: @citrixonline.com/appdetectorplugin -> C:\Users\nikhi\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-03-27] (Citrix Online)
FF Plugin HKU\S-1-5-21-2052094510-1569341030-3252781033-1001: @tools.google.com/Google Update;version=3 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-2052094510-1569341030-3252781033-1001: @tools.google.com/Google Update;version=9 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-13] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npCortona.dll [2009-06-01] (ParallelGraphics)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\nikhi\AppData\Roaming\Mozilla\Firefox\Profiles\emxei7vq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [fassoxpcom@sensiblevision.com] - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso
FF Extension: FastAccess Web Login - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso [2012-03-29]

Chrome:
=======
CHR Profile: C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-27]
CHR Extension: (YouTube) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-29]
CHR Extension: (Google Search) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-29]
CHR Extension: (FlashCards) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\diejjofgldkjkhmfjagdjdodjebpglhb [2012-07-29]
CHR Extension: (Dropbox for Gmail) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2015-06-29]
CHR Extension: (Proxy SwitchySharp) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2012-11-01]
CHR Extension: (Gmail Offline) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2012-10-03]
CHR Extension: (Web Lab) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgacgeibpdjllcjckbmgecpahipdjabe [2012-07-29]
CHR Extension: (Downloads Router) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgkboeogiiklpklnjgdiaghaiehcknjo [2015-06-04]
CHR Extension: (AdBlock) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-04]
CHR Extension: (AdBlock Plus) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\golcpiifbdpfpldfmjjlgjcocfllkkam [2014-07-14]
CHR Extension: (Wiki-It) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\himihkiolakpnmfdkgdjnakpbiibabea [2013-08-27]
CHR Extension: (mysms - SMS from Computer) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkkehjnlfplmdnallbjjdnokolhblgb [2012-10-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-15]
CHR Extension: (Tom Sachs) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lppegiodmddaaljhkfjokkepamifbekj [2012-07-29]
CHR Extension: (Google Wallet) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Type Fu (hosted)) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\okboeogmnhjpgbeaokfogelclpblaemo [2012-07-29]
CHR Extension: (Recent Bookmarks) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\olndffocioplakeilhkgenfgdincjlpn [2013-12-01]
CHR Extension: (Gmail) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-29]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [Not Found]
StartMenuInternet: Google Chrome - C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [13312 2011-08-21] () [File not signed]
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
S2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
S2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [232152 2015-05-20] (Dell Inc.)
S2 FAService; C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2451440 2011-08-19] (Sensible Vision ) [File not signed]
S2 Flexlm Service 1; C:\SIMULIA\License\lmgrd.exe [1767688 2011-07-18] (Acresso Software Inc.)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-28] (NVIDIA Corporation)
S3 GoToAssist; C:\Program Files (x86)\Citrix\GoToAssist Corporate\1084\G2AC_Service.exe [310080 2015-03-27] (Citrix Online, a division of Citrix Systems, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [184320 2011-07-07] (Intel Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-07] (Microsoft Corporation)
S2 mysql; c:\xampp\mysql\bin\mysqld.exe [8158720 2011-09-09] () [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-11-01] ()
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-28] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-28] (NVIDIA Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-04-10] (Dell Inc.)
S2 Texis Monitor; C:\SIMULIA\Documentation\monitor.exe [4493312 2013-01-17] (Expansion Programs International, Inc.) [File not signed]
S2 VSSS; C:\Users\nikhi\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [104873984 2015-06-23] (Microsoft Corporation) [File not signed] <==== ATTENTION
S3 WinHttpAutoProxySvc; winhttp.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 cnnctfy2; C:\Windows\System32\DRIVERS\cnnctfy2.sys [31344 2012-11-19] (Connectify)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
R3 cyhid; C:\Windows\System32\DRIVERS\cyhid.sys [117248 2011-12-09] (Cypress Semiconductor, Inc.)
R3 cykbfltrService; C:\Windows\System32\DRIVERS\cykbfltr.sys [13824 2011-12-09] (Cypress Semiconductor, Inc.)
R3 cymfltrService; C:\Windows\System32\DRIVERS\cymfltr.sys [79872 2011-12-09] (Cypress Semiconductor, Inc.)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-02-26] (Dell Computer Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-31] (DT Soft Ltd)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-06-16] (Intel Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [299664 2015-05-28] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-28] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-05-28] (NVIDIA Corporation)
S3 WCDMA_Datacard_Usb_Ser; C:\Windows\System32\DRIVERS\WCDMA_Datacard_Usb_Ser.sys [121088 2013-01-15] (QUALCOMM Incorporated)
S1 crioevuo; \??\C:\Windows\system32\drivers\crioevuo.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S1 kqhtcgrc; \??\C:\Windows\system32\drivers\kqhtcgrc.sys [X]
S2 NEWDRIVER; \??\C:\Windows\SysWow64\WinVDEdrv6.sys [X]
S3 Ser2pl; system32\DRIVERS\ser2pl64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Offline avs nikhil

  • Bronze Member
  • Posts: 33
Re: [Inactive - K] Cannot enable or update Windows Security Essentials
« Reply #6 on: June 29, 2015, 05:53:04 AM »
Hi kevin,

'Part 3' of the post

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-29 16:46 - 2015-06-29 16:46 - 00023896 _____ C:\Users\nikhi\Desktop\FRST.txt
2015-06-29 16:46 - 2015-06-29 16:46 - 00000000 ____D C:\FRST
2015-06-29 16:45 - 2015-06-29 16:45 - 02112512 _____ (Farbar) C:\Users\nikhi\Desktop\FRST64.exe
2015-06-29 14:34 - 2015-06-29 16:41 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-29 14:34 - 2015-06-29 14:34 - 00001108 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-29 14:34 - 2015-06-29 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-29 14:34 - 2015-06-29 14:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-29 14:34 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-29 14:34 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-29 14:34 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-29 14:30 - 2015-06-29 14:30 - 01415680 _____ (wj32) C:\Program Files\PUWY057U.exe
2015-06-29 13:30 - 2015-06-29 13:30 - 00000000 ____D C:\Users\nikhi\Desktop\images
2015-06-29 13:00 - 2015-06-29 13:00 - 01415680 _____ (wj32) C:\Program Files\WY35ACHG.exe
2015-06-29 12:56 - 2015-06-29 12:56 - 01415680 _____ (wj32) C:\Program Files\YW8642EC.exe
2015-06-29 12:56 - 2015-06-29 12:56 - 01415680 _____ (wj32) C:\Program Files\YDIKPRT3.exe
2015-06-29 12:56 - 2015-06-29 12:56 - 01415680 _____ (wj32) C:\Program Files\U6420CAO.exe
2015-06-29 12:56 - 2015-06-29 12:56 - 01415680 _____ (wj32) C:\Program Files\35ACEGLN.exe
2015-06-29 12:55 - 2015-06-29 12:55 - 01415680 _____ (wj32) C:\Program Files\KSUZ135S.exe
2015-06-29 12:55 - 2015-06-29 12:55 - 01415680 _____ (wj32) C:\Program Files\EA62YUKA.exe
2015-06-29 12:55 - 2015-06-29 12:55 - 01415680 _____ (wj32) C:\Program Files\9EGIKPRY.exe
2015-06-29 12:55 - 2015-06-29 12:55 - 01415680 _____ (wj32) C:\Program Files\8ACEJLND.exe
2015-06-29 12:55 - 2015-06-29 12:55 - 01415680 _____ (wj32) C:\Program Files\2468APUH.exe
2015-06-29 12:54 - 2015-06-29 12:54 - 01415680 _____ (wj32) C:\Program Files\MLE7O5G3.exe
2015-06-29 12:54 - 2015-06-29 12:54 - 01415680 _____ (wj32) C:\Program Files\168ACHG6.exe
2015-06-29 12:52 - 2015-06-29 12:52 - 00689664 _____ C:\Users\nikhi\Downloads\MicrosoftFixit50202.msi
2015-06-29 12:48 - 2015-06-29 12:48 - 01415680 _____ (wj32) C:\Program Files\KOMKWUSK.exe
2015-06-29 12:48 - 2015-06-29 12:48 - 01415680 _____ (wj32) C:\Program Files\ECOMKWUU.exe
2015-06-29 12:48 - 2015-06-29 12:48 - 01415680 _____ (wj32) C:\Program Files\168ACUWJ.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 01415680 _____ (wj32) C:\Program Files\YDKM68SU.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 01415680 _____ (wj32) C:\Program Files\VXZ16LNX.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 01415680 _____ (wj32) C:\Program Files\OKVXZEJ6.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 01415680 _____ (wj32) C:\Program Files\NSXZ4MOE.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 01415680 _____ (wj32) C:\Program Files\N579BGIS.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 01415680 _____ (wj32) C:\Program Files\68DFHMO8.exe
2015-06-29 12:46 - 2015-06-29 12:46 - 01415680 _____ (wj32) C:\Program Files\DFHM135V.exe
2015-06-29 12:40 - 2015-06-29 12:40 - 00000774 _____ C:\Users\nikhi\Desktop\chromehtml.reg
2015-06-29 12:35 - 2015-06-29 12:35 - 01415680 _____ (wj32) C:\Program Files\X5XBXJR1.exe
2015-06-29 12:35 - 2015-06-29 12:35 - 01415680 _____ (wj32) C:\Program Files\AMKIGSK8.exe
2015-06-29 12:35 - 2015-06-29 12:35 - 01415680 _____ (wj32) C:\Program Files\9BGINPRH.exe
2015-06-29 12:34 - 2015-06-29 12:34 - 01415680 _____ (wj32) C:\Program Files\X2468D0K.exe
2015-06-29 12:34 - 2015-06-29 12:34 - 01415680 _____ (wj32) C:\Program Files\KY6HP081.exe
2015-06-29 12:34 - 2015-06-29 12:34 - 01415680 _____ (wj32) C:\Program Files\HJY357X4.exe
2015-06-29 12:34 - 2015-06-29 12:34 - 01415680 _____ (wj32) C:\Program Files\246BDFH4.exe
2015-06-29 12:34 - 2015-06-29 12:34 - 01415680 _____ (wj32) C:\Program Files\0249BT3T.exe
2015-06-29 12:33 - 2015-06-29 12:33 - 01415680 _____ (wj32) C:\Program Files\KMOKVX2V.exe
2015-06-29 12:28 - 2015-06-29 12:28 - 01415680 _____ (wj32) C:\Program Files\SUZ135AX.exe
2015-06-29 12:28 - 2015-06-29 12:28 - 01415680 _____ (wj32) C:\Program Files\KDRSF5S0.exe
2015-06-29 12:25 - 2015-06-29 12:26 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\nikhi\Desktop\mbam-setup-2.1.6.1022 (1).exe
2015-06-29 12:15 - 2015-06-29 12:15 - 01415680 _____ (wj32) C:\Program Files\FHMOKSAC.exe
2015-06-29 12:15 - 2015-06-29 12:15 - 01415680 _____ (wj32) C:\Program Files\BDFHMOTV.exe
2015-06-29 12:14 - 2015-06-29 12:14 - 01415680 _____ (wj32) C:\Program Files\YWUS420Y.exe
2015-06-29 12:14 - 2015-06-29 12:14 - 01415680 _____ (wj32) C:\Program Files\MOTVXZ46.exe
2015-06-29 12:14 - 2015-06-29 12:14 - 01415680 _____ (wj32) C:\Program Files\KGC2VIBR.exe
2015-06-29 12:14 - 2015-06-29 12:14 - 01415680 _____ (wj32) C:\Program Files\FHJLKSUK.exe
2015-06-29 12:14 - 2015-06-29 12:14 - 01415680 _____ (wj32) C:\Program Files\EKOMKWUS.exe
2015-06-29 12:13 - 2015-06-29 12:13 - 01415680 _____ (wj32) C:\Program Files\RTV0FHJW.exe
2015-06-29 12:13 - 2015-06-29 12:13 - 01415680 _____ (wj32) C:\Program Files\NV3ET19K.exe
2015-06-29 12:13 - 2015-06-29 12:13 - 01415680 _____ (wj32) C:\Program Files\9BDSXZ13.exe
2015-06-29 12:13 - 2015-06-29 12:13 - 01415680 _____ (wj32) C:\Program Files\13LNPRWY.exe
2015-06-29 12:10 - 2015-06-29 12:34 - 01415680 _____ (wj32) C:\Program Files\9BDIKPRE.exe
2015-06-29 12:10 - 2015-06-29 12:10 - 01415680 _____ (wj32) C:\Program Files\WYDFKMO1.exe
2015-06-29 12:10 - 2015-06-29 12:10 - 01415680 _____ (wj32) C:\Program Files\8AFHJLKA.exe
2015-06-29 12:10 - 2015-06-29 12:10 - 01415680 _____ (wj32) C:\Program Files\51XKMI5M.exe
2015-06-29 12:09 - 2015-06-29 12:09 - 01415680 _____ (wj32) C:\Program Files\4FZM9D05.exe
2015-06-29 12:03 - 2015-06-29 12:03 - 01415680 _____ (wj32) C:\Program Files\SKY3B6E4.exe
2015-06-29 12:03 - 2015-06-29 12:03 - 01415680 _____ (wj32) C:\Program Files\KD92YREJ.exe
2015-06-29 12:03 - 2015-06-29 12:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-29 11:52 - 2015-06-29 11:52 - 04800856 _____ (McAfee, Inc.) C:\Users\nikhi\Desktop\MCPR.exe
2015-06-29 03:04 - 2015-06-29 03:04 - 37328992 _____ (Oracle Corporation) C:\Users\nikhi\Downloads\jre-8u45-windows-i586.exe
2015-06-29 02:57 - 2015-06-29 02:57 - 01415680 _____ (wj32) C:\Program Files\PRTV027U.exe
2015-06-29 02:57 - 2015-06-29 02:57 - 01415680 _____ (wj32) C:\Program Files\5P6TAKDR.exe
2015-06-29 02:56 - 2015-06-29 02:56 - 01415680 _____ (wj32) C:\Program Files\VDFHJOKD.exe
2015-06-29 02:56 - 2015-06-29 02:56 - 01415680 _____ (wj32) C:\Program Files\SK20YWA8.exe
2015-06-29 02:56 - 2015-06-29 02:56 - 01415680 _____ (wj32) C:\Program Files\MKIUSK42.exe
2015-06-29 02:56 - 2015-06-29 02:56 - 01415680 _____ (wj32) C:\Program Files\IKMOTVXN.exe
2015-06-29 02:56 - 2015-06-29 02:56 - 01415680 _____ (wj32) C:\Program Files\GECA86II.exe
2015-06-29 02:55 - 2015-06-29 02:55 - 01415680 _____ (wj32) C:\Program Files\XZ168AC2.exe
2015-06-29 02:55 - 2015-06-29 02:55 - 01415680 _____ (wj32) C:\Program Files\W1357CE4.exe
2015-06-29 02:55 - 2015-06-29 02:55 - 01415680 _____ (wj32) C:\Program Files\KVX2468Y.exe
2015-06-29 02:55 - 2015-06-29 02:55 - 01415680 _____ (wj32) C:\Program Files\GINPRTYL.exe
2015-06-29 02:55 - 2015-06-29 02:55 - 01415680 _____ (wj32) C:\Program Files\79BGI0ZP.exe
2015-06-29 02:30 - 2015-06-29 02:30 - 00040895 _____ C:\Users\nikhi\Desktop\dds.txt
2015-06-29 02:30 - 2015-06-29 02:30 - 00001331 _____ C:\Users\nikhi\Desktop\attach.txt
2015-06-29 02:25 - 2015-06-29 02:25 - 00688992 ____R (Swearware) C:\Users\nikhi\Desktop\dds.com
2015-06-25 15:00 - 2015-06-25 15:00 - 00000000 ____D C:\Users\nikhi\AppData\Roaming\deskPDF
2015-06-25 13:11 - 2015-06-25 13:11 - 01415680 _____ (wj32) C:\Program Files\YCW7C7OZ.exe
2015-06-25 13:10 - 2015-06-25 13:10 - 01415680 _____ (wj32) C:\Program Files\WY027MOY.exe
2015-06-25 13:10 - 2015-06-25 13:10 - 01415680 _____ (wj32) C:\Program Files\KWU6420E.exe
2015-06-25 13:10 - 2015-06-25 13:10 - 01415680 _____ (wj32) C:\Program Files\KVALT195.exe
2015-06-25 13:09 - 2015-06-25 13:09 - 01415680 _____ (wj32) C:\Program Files\Y0579BG3.exe
2015-06-25 13:09 - 2015-06-25 13:09 - 01415680 _____ (wj32) C:\Program Files\OKSXZ46W.exe
2015-06-25 13:09 - 2015-06-25 13:09 - 01415680 _____ (wj32) C:\Program Files\NPUWY05S.exe
2015-06-25 13:09 - 2015-06-25 13:09 - 01415680 _____ (wj32) C:\Program Files\KYGOW4F8.exe
2015-06-25 13:09 - 2015-06-25 13:09 - 01415680 _____ (wj32) C:\Program Files\KM138ACM.exe
2015-06-25 13:09 - 2015-06-25 13:09 - 01415680 _____ (wj32) C:\Program Files\GINPR6BY.exe
2015-06-25 12:02 - 2015-06-29 11:51 - 00000000 ____D C:\Users\nikhi\Desktop\malware removal
2015-06-25 11:59 - 2015-06-25 16:55 - 00000106 _____ C:\Windows\FitCtrl.ini
2015-06-25 11:53 - 2000-09-17 12:51 - 00002279 _____ C:\Users\nikhi\Documents\M05-01.z
2015-06-25 08:06 - 2015-06-25 08:06 - 01415680 _____ (wj32) C:\Program Files\J6N1LZX2.exe
2015-06-25 08:05 - 2015-06-25 08:05 - 01415680 _____ (wj32) C:\Program Files\MYWUS42G.exe
2015-06-25 08:05 - 2015-06-25 08:05 - 01415680 _____ (wj32) C:\Program Files\JOKV02KU.exe
2015-06-25 08:05 - 2015-06-25 08:05 - 01415680 _____ (wj32) C:\Program Files\0CA8KIGU.exe
2015-06-25 08:05 - 2015-06-25 08:05 - 01415680 _____ (wj32) C:\Program Files\0AL2AL5U.exe
2015-06-25 08:04 - 2015-06-25 08:04 - 01415680 _____ (wj32) C:\Program Files\ZEGINPRA.exe
2015-06-25 08:04 - 2015-06-25 08:04 - 01415680 _____ (wj32) C:\Program Files\Y0279BD3.exe
2015-06-25 08:04 - 2015-06-25 08:04 - 01415680 _____ (wj32) C:\Program Files\SX5D27IT.exe
2015-06-25 08:04 - 2015-06-25 08:04 - 01415680 _____ (wj32) C:\Program Files\R2AIK19O.exe
2015-06-25 08:04 - 2015-06-25 08:04 - 01415680 _____ (wj32) C:\Program Files\KPRWY02M.exe
2015-06-25 08:04 - 2015-06-25 08:04 - 01415680 _____ (wj32) C:\Program Files\57MOTVXK.exe
2015-06-25 06:55 - 2015-06-25 06:55 - 00003250 _____ C:\Windows\System32\Tasks\{C6E22D41-2256-4CFB-9331-2B5F6A64CE4D}
2015-06-25 06:54 - 2015-06-25 06:54 - 00001121 _____ C:\Users\Public\Desktop\MEISP trial version.lnk
2015-06-25 06:54 - 2015-06-25 06:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Powergraphy
2015-06-25 06:54 - 2015-06-25 06:54 - 00000000 ____D C:\Program Files (x86)\Powergraphy
2015-06-25 06:54 - 2001-09-02 08:04 - 00339968 _____ (GipsySoft) C:\Windows\SysWOW64\QHTM.dll
2015-06-25 06:54 - 1999-06-24 14:50 - 00499782 _____ (Code Jockey: http://www.codejockeys.com/kstowell/) C:\Windows\SysWOW64\CJ60Libd.dll
2015-06-25 06:54 - 1999-03-22 23:00 - 00401484 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Msvcrtd.dll
2015-06-25 06:54 - 1999-01-14 04:10 - 00036352 _____ C:\Windows\SysWOW64\Sx32w.dll
2015-06-25 06:54 - 1998-11-17 18:27 - 00427520 _____ (Digital Equipment Corporation) C:\Windows\SysWOW64\Dformd.dll
2015-06-25 06:54 - 1998-11-17 18:25 - 00420864 _____ (Digital Equipment Corporation) C:\Windows\SysWOW64\Dforrt.dll
2015-06-25 06:54 - 1998-09-24 23:00 - 00929844 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mfc42d.dll
2015-06-25 06:54 - 1998-09-24 23:00 - 00798773 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mfco42d.dll
2015-06-25 06:54 - 1998-06-16 23:00 - 00516173 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Msvcp60d.dll
2015-06-25 06:54 - 1997-10-03 09:06 - 00565760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Msvcp50.dll
2015-06-25 06:52 - 1997-11-19 15:49 - 00303616 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2015-06-25 05:52 - 2015-06-25 05:52 - 01415680 _____ (wj32) C:\Program Files\CHJLNSUW.exe
2015-06-25 05:17 - 2015-06-25 05:17 - 00000000 ____D C:\Program Files (x86)\Windows Resource Kits
2015-06-24 15:36 - 2015-06-24 15:36 - 01415680 _____ (wj32) C:\Program Files\9BDFKMOE.exe
2015-06-24 15:36 - 2015-06-24 15:36 - 01415680 _____ (wj32) C:\Program Files\79BGIKMR.exe
2015-06-24 15:15 - 2015-06-24 15:15 - 00002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-06-24 15:15 - 2015-06-24 15:15 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-06-24 15:15 - 2015-06-24 15:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2015-06-24 12:29 - 2015-06-24 12:30 - 00000000 ____D C:\SFCFix
2015-06-24 12:13 - 2015-06-24 12:30 - 00000000 ____D C:\Users\nikhi\AppData\Local\niemiro
2015-06-24 01:10 - 2015-06-24 12:48 - 00000198 _____ C:\Users\nikhi\AppData\Local\Support.ini
2015-06-24 01:10 - 2015-06-24 12:46 - 00000000 ____D C:\Users\nikhi\AppData\Local\AvastSupport
2015-06-24 01:06 - 2015-06-24 01:06 - 00661128 _____ (AVAST Software) C:\Users\nikhi\Downloads\avastsupport.exe
2015-06-23 23:56 - 2015-06-24 00:09 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-23 23:41 - 2015-06-24 13:00 - 00000000 ____D C:\ProgramData\AVAST Software
2015-06-16 23:23 - 2015-06-13 13:04 - 03099085 _____ C:\Users\nikhi\Downloads\LEVMWL.zip
2015-06-16 23:16 - 2015-06-25 14:06 - 00000000 ____D C:\Users\nikhi\AppData\Roaming\Help
2015-06-16 23:16 - 2015-06-25 14:04 - 00000000 ____D C:\Users\nikhi\AppData\Local\Help
2015-06-16 23:16 - 2009-08-04 23:26 - 00296960 _____ (Microsoft Corporation) C:\Windows\winhlp32.exe
2015-06-16 23:16 - 2009-08-04 23:25 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftsrch.dll
2015-06-16 23:16 - 2009-08-04 23:25 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\ftsrch.dll
2015-06-16 23:16 - 2009-08-04 23:25 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx041e.dll
2015-06-16 23:16 - 2009-08-04 23:25 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\ftlx041e.dll
2015-06-16 23:16 - 2009-08-04 23:25 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx0411.dll
2015-06-16 23:16 - 2009-08-04 23:25 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\ftlx0411.dll
2015-06-16 23:15 - 2015-06-16 23:15 - 00718172 _____ C:\Users\nikhi\Downloads\Windows6.1-KB917607-x64.msu
2015-06-12 11:26 - 2015-06-12 11:26 - 00000000 ____D C:\Program Files (x86)\Dell Update
2015-06-10 00:11 - 2015-06-02 00:46 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 00:11 - 2015-06-01 23:37 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 00:11 - 2015-05-27 20:05 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 00:11 - 2015-05-27 19:38 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 00:11 - 2015-05-25 23:49 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 00:11 - 2015-05-23 08:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 00:11 - 2015-05-23 08:45 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 00:11 - 2015-05-23 08:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 00:11 - 2015-05-23 08:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 00:11 - 2015-05-23 08:44 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 00:11 - 2015-05-23 08:43 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 00:11 - 2015-05-23 08:40 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 00:11 - 2015-05-23 08:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 00:11 - 2015-05-23 08:38 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 00:11 - 2015-05-23 08:36 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 00:11 - 2015-05-23 08:35 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 00:11 - 2015-05-23 08:35 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 00:11 - 2015-05-23 08:34 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 00:11 - 2015-05-23 08:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 00:11 - 2015-05-23 08:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 00:11 - 2015-05-23 08:19 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 00:11 - 2015-05-23 08:18 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 00:11 - 2015-05-23 08:17 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 00:11 - 2015-05-23 08:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 00:11 - 2015-05-23 08:08 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 00:11 - 2015-05-23 08:07 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 00:11 - 2015-05-23 08:07 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 00:11 - 2015-05-23 07:58 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 00:11 - 2015-05-23 07:50 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 00:11 - 2015-05-23 07:46 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 00:11 - 2015-05-23 07:44 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 00:11 - 2015-05-23 00:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 00:11 - 2015-05-23 00:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 00:11 - 2015-05-23 00:31 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 00:11 - 2015-05-23 00:30 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 00:11 - 2015-05-23 00:30 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 00:11 - 2015-05-23 00:30 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 00:11 - 2015-05-23 00:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 00:11 - 2015-05-23 00:29 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 00:11 - 2015-05-23 00:23 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 00:11 - 2015-05-23 00:22 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 00:11 - 2015-05-23 00:22 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 00:11 - 2015-05-23 00:18 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 00:11 - 2015-05-23 00:17 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 00:11 - 2015-05-23 00:17 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 00:11 - 2015-05-23 00:17 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 00:11 - 2015-05-23 00:17 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 00:11 - 2015-05-23 00:10 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 00:11 - 2015-05-23 00:06 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 00:11 - 2015-05-22 23:59 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 00:11 - 2015-05-22 23:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 00:11 - 2015-05-22 23:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 00:11 - 2015-05-22 23:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 00:11 - 2015-05-22 23:37 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 00:11 - 2015-05-22 23:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 00:11 - 2015-05-22 23:35 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 00:11 - 2015-05-22 23:35 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 00:11 - 2015-05-22 23:27 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 00:11 - 2015-05-22 23:20 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 00:11 - 2015-05-22 23:08 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 00:11 - 2015-05-22 22:56 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 00:11 - 2015-04-29 23:52 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 00:11 - 2015-04-29 23:51 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 00:11 - 2015-04-29 23:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 00:11 - 2015-04-29 23:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 00:11 - 2015-04-29 23:49 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 00:11 - 2015-04-29 23:37 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 00:11 - 2015-04-29 23:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 00:11 - 2015-04-29 23:37 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 00:11 - 2015-04-29 23:37 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 00:11 - 2015-04-29 23:35 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 00:10 - 2015-05-25 23:54 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 00:10 - 2015-05-25 23:53 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 00:10 - 2015-05-25 23:53 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 00:10 - 2015-05-25 23:51 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 00:10 - 2015-05-25 23:48 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 00:10 - 2015-05-25 23:48 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 00:10 - 2015-05-25 23:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 00:10 - 2015-05-25 23:48 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 00:10 - 2015-05-25 23:44 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 00:10 - 2015-05-25 23:44 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:37 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 00:10 - 2015-05-25 23:37 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 00:10 - 2015-05-25 23:34 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 00:10 - 2015-05-25 23:30 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 00:10 - 2015-05-25 23:30 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 00:10 - 2015-05-25 23:30 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 00:10 - 2015-05-25 23:30 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 00:10 - 2015-05-25 23:30 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 00:10 - 2015-05-25 23:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 00:10 - 2015-05-25 23:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 00:10 - 2015-05-25 23:29 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 00:10 - 2015-05-25 23:29 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 00:10 - 2015-05-25 23:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 00:10 - 2015-05-25 23:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 00:10 - 2015-05-25 23:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 00:10 - 2015-05-25 23:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 22:38 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 00:10 - 2015-05-25 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 00:10 - 2015-05-25 22:20 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 00:10 - 2015-05-25 22:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 00:10 - 2015-05-25 22:18 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 22:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 22:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 22:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 00:10 - 2015-04-24 23:47 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 00:10 - 2015-04-24 23:26 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 00:10 - 2015-04-11 08:49 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-09 20:51 - 2015-06-09 21:40 - 854812021 _____ C:\Users\nikhi\Downloads\Chef.2014.720p.BluRay.x264.YIFY.mp4
2015-06-08 09:40 - 2015-06-08 09:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram Mathematica
2015-06-08 09:40 - 2015-06-08 09:40 - 00000000 ____D C:\Program Files\Common Files\Wolfram Research
2015-06-08 09:33 - 2015-06-08 09:33 - 00000000 ____D C:\Program Files\Wolfram Research
2015-06-07 21:58 - 2015-06-20 23:43 - 00000000 ____D C:\Users\nikhi\Downloads\Video
2015-06-07 21:58 - 2015-06-14 21:05 - 00000000 ____D C:\Users\nikhi\Downloads\Compressed
2015-06-07 21:56 - 2015-06-07 21:56 - 00000000 ____D C:\Users\nikhi\Downloads\Internet Download Manager (IDM) 6.23 Build 3 Final Incl. Crack [ATOM]
2015-06-07 18:42 - 2015-06-07 21:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-07 12:50 - 2015-06-07 12:50 - 00000000 ____D C:\Users\nikhi\AppData\Local\Wolfram Research
2015-06-07 00:11 - 2015-06-07 00:11 - 00000000 ____D C:\Users\nikhi\Desktop\Tor Browser
2015-06-06 16:27 - 2015-06-06 16:28 - 00000000 ____D C:\ProgramData\MathematicaPlayer
2015-06-06 16:27 - 2015-06-06 16:27 - 00000000 ____D C:\Users\nikhi\AppData\Roaming\MathematicaPlayer
2015-06-06 16:27 - 2015-06-06 16:27 - 00000000 ____D C:\Users\nikhi\AppData\Local\MathematicaPlayer
2015-06-06 16:27 - 2015-06-06 16:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram CDF Player
2015-06-06 16:26 - 2015-06-06 16:26 - 00000000 ____D C:\Program Files (x86)\Wolfram Research
2015-06-05 18:35 - 2015-06-05 18:35 - 00000000 ____D C:\Users\nikhi\Downloads\images
2015-06-05 12:34 - 2015-05-22 23:48 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-05 12:34 - 2015-05-22 23:48 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-05 12:34 - 2015-05-22 23:48 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-05 12:34 - 2015-05-22 23:48 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-05 12:34 - 2015-05-22 23:48 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-05 12:34 - 2015-05-22 23:48 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-05 12:34 - 2015-05-22 23:43 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-05 12:34 - 2015-05-21 18:49 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-03 10:25 - 2015-06-25 07:53 - 00000000 ____D C:\Users\nikhi\AppData\Local\Windows Live
2015-06-03 10:25 - 2015-06-03 10:25 - 00000000 ____D C:\Users\nikhi\AppData\Local\{A7FC2C82-9BB2-4D58-AED0-57B4037E5BB8}
2015-06-03 10:25 - 2015-06-03 10:25 - 00000000 ____D C:\Users\nikhi\AppData\Local\{9ACA744F-466D-41A1-9370-3530A0354075}
2015-06-03 10:23 - 2015-06-03 12:49 - 00000000 ____D C:\Users\nikhi\Downloads\National Building Code of India 2005_files
2015-06-03 00:23 - 2015-06-03 00:23 - 00000000 ____D C:\Users\nikhi\AppData\Local\Luiz Fernando
2015-06-03 00:18 - 2015-06-03 00:18 - 00000000 ____D C:\Program Files (x86)\GIF Viewer
2015-06-01 20:37 - 2015-06-01 20:37 - 00000000 ____D C:\Users\nikhi\AppData\Local\GWX
2015-06-01 20:34 - 2015-06-01 20:34 - 00000000 ____D C:\Users\nikhi\AppData\Local\NVIDIA Corporation
2015-06-01 20:34 - 2015-06-01 20:34 - 00000000 ____D C:\Users\nikhi\AppData\Local\NVIDIA
2015-06-01 20:30 - 2015-06-01 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-01 20:30 - 2015-05-28 12:34 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-06-01 20:30 - 2015-05-28 12:34 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-06-01 20:30 - 2015-05-28 12:34 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-06-01 20:30 - 2015-05-28 12:34 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-06-01 20:29 - 2015-06-01 20:29 - 00000000 ____D C:\Windows\SysWOW64\NV
2015-06-01 20:29 - 2015-06-01 20:29 - 00000000 ____D C:\Windows\system32\NV
2015-06-01 20:29 - 2015-05-28 09:22 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-06-01 20:28 - 2015-06-01 20:28 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-01 20:28 - 2015-05-28 12:34 - 42719888 _____ C:\Windows\system32\nvcompiler.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 37741712 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 30480528 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 22946960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 17486856 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 16185352 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 15864064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 14987528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 14495448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 13304280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 12852152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 11830512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 10995528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-01 20:28 - 2015-05-28 12:34 - 02986392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435306.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435306.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 01050440 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00982856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00299664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys
2015-06-01 20:28 - 2015-05-28 12:34 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00052880 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00048784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-06-01 20:28 - 2015-05-28 12:34 - 00031560 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2015-06-01 20:26 - 2015-06-01 20:26 - 00000000 ____D C:\NVIDIA
2015-05-31 12:28 - 2015-05-31 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPUB File Reader
2015-05-31 12:28 - 2015-05-31 12:28 - 00000000 ____D C:\Program Files (x86)\EPUB File Reader

Offline avs nikhil

  • Bronze Member
  • Posts: 33
Re: [Inactive - K] Cannot enable or update Windows Security Essentials
« Reply #7 on: June 29, 2015, 05:54:36 AM »
Hi kevin,

'Part 4' of the post

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-29 14:52 - 2009-07-14 10:43 - 00912410 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-29 14:48 - 2010-11-21 09:17 - 01224318 _____ C:\Windows\PFRO.log
2015-06-29 14:48 - 2009-07-14 11:02 - 00000000 ____D C:\Windows\addins
2015-06-29 14:31 - 2012-03-29 17:14 - 01449462 _____ C:\Windows\WindowsUpdate.log
2015-06-29 14:27 - 2012-09-22 10:50 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-29 14:11 - 2012-07-29 19:42 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2052094510-1569341030-3252781033-1001UA.job
2015-06-29 14:10 - 2015-02-05 14:20 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-29 13:11 - 2012-07-29 19:42 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2052094510-1569341030-3252781033-1001Core.job
2015-06-29 13:04 - 2009-07-14 10:15 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-29 13:04 - 2009-07-14 10:15 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-29 12:56 - 2012-11-19 17:47 - 00000000 ____D C:\Program Files (x86)\Connectify
2015-06-29 12:54 - 2012-09-22 10:50 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-29 12:54 - 2012-03-29 19:09 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-29 12:54 - 2012-03-29 17:35 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2015-06-29 12:54 - 2012-03-29 17:35 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2015-06-29 12:54 - 2012-03-29 17:32 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2015-06-29 12:54 - 2009-07-14 10:38 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-29 12:54 - 2009-07-14 10:21 - 00244724 _____ C:\Windows\setupact.log
2015-06-29 12:39 - 2012-04-30 07:32 - 00001379 _____ C:\Users\nikhi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-29 12:13 - 2012-04-30 07:26 - 00115624 _____ C:\Users\nikhi\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-29 12:13 - 2009-07-14 10:15 - 03033600 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-29 11:42 - 2012-07-17 00:23 - 00000000 ____D C:\Users\nikhi\AppData\Roaming\vlc
2015-06-29 03:34 - 2012-08-15 22:51 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-29 03:33 - 2013-09-15 22:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-06-29 03:33 - 2010-11-21 12:46 - 00000000 ____D C:\Windows\ShellNew
2015-06-29 03:33 - 2009-07-14 11:02 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-06-29 03:33 - 2009-07-14 08:04 - 00000521 _____ C:\Windows\win.ini
2015-06-29 03:32 - 2009-07-14 08:50 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-06-29 03:10 - 2015-02-05 14:20 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-29 03:10 - 2014-07-14 13:34 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-29 03:10 - 2012-07-12 15:24 - 00000000 ____D C:\Users\nikhi\AppData\Local\Adobe
2015-06-29 03:10 - 2012-03-29 17:15 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-29 03:06 - 2014-07-22 13:35 - 00000000 ____D C:\ProgramData\Oracle
2015-06-29 03:06 - 2014-07-22 13:35 - 00000000 ____D C:\Program Files (x86)\Java
2015-06-29 03:05 - 2014-07-22 13:35 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-06-29 03:05 - 2012-03-29 17:26 - 00000000 ____D C:\Program Files\Java
2015-06-29 02:51 - 2014-02-24 23:24 - 00000000 ____D C:\Users\nikhi\AppData\Roaming\DMCache
2015-06-29 02:40 - 2015-01-17 11:35 - 00000000 ____D C:\Users\nikhi\AppData\Roaming\uTorrent
2015-06-28 23:28 - 2013-12-31 03:02 - 00008730 _____ C:\Windows\IE11_main.log
2015-06-27 14:21 - 2013-04-19 15:57 - 00000000 ____D C:\Users\nikhi\Documents\MATLAB
2015-06-25 06:27 - 2011-02-10 21:40 - 00896720 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-06-24 15:15 - 2012-08-18 12:48 - 00001945 _____ C:\Windows\epplauncher.mif
2015-06-24 15:14 - 2014-12-29 08:42 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-24 03:21 - 2013-06-23 23:25 - 00007633 _____ C:\Users\nikhi\AppData\Local\resmon.resmoncfg
2015-06-24 02:20 - 2013-08-31 16:55 - 00000000 ____D C:\Windows\pss
2015-06-24 01:47 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\system32\NDF
2015-06-23 23:20 - 2012-03-29 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-06-23 23:20 - 2012-03-29 17:32 - 00000000 ____D C:\Program Files\Dell
2015-06-23 23:12 - 2012-09-04 14:11 - 00000000 ____D C:\Users\nikhi\Documents\CFI
2015-06-23 16:43 - 2014-01-25 20:04 - 00000000 ____D C:\Users\nikhi\Documents\Visual Studio 2010
2015-06-23 09:25 - 2012-07-24 09:00 - 00000000 ____D C:\ProgramData\PCDr
2015-06-22 10:19 - 2015-04-08 16:12 - 00000000 ____D C:\ProgramData\SupportAssistAgent
2015-06-20 11:43 - 2012-11-19 17:48 - 00000000 ____D C:\Users\nikhi\AppData\Local\Connectify
2015-06-17 11:07 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\rescache
2015-06-16 23:32 - 2015-05-13 16:40 - 00000000 ____D C:\Users\nikhi\Documents\1 DDP
2015-06-16 23:14 - 2015-02-03 21:05 - 00000000 __SHD C:\Users\nikhi\AppData\Local\EmieBrowserModeList
2015-06-16 23:14 - 2014-06-07 13:41 - 00000000 __SHD C:\Users\nikhi\AppData\Local\EmieUserList
2015-06-16 23:14 - 2014-06-07 13:41 - 00000000 __SHD C:\Users\nikhi\AppData\Local\EmieSiteList
2015-06-16 21:25 - 2015-05-17 15:58 - 00000000 ____D C:\Users\nikhi\Documents\3 summer
2015-06-13 18:29 - 2012-09-22 10:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-06-13 17:16 - 2014-08-20 18:00 - 00000000 ____D C:\Users\nikhi\Documents\Origin User Files
2015-06-12 21:03 - 2012-09-07 14:27 - 00000000 ____D C:\Users\nikhi\Desktop\Temp
2015-06-12 11:20 - 2012-03-29 18:58 - 00000000 ____D C:\ProgramData\Dell
2015-06-10 07:25 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-10 03:07 - 2013-09-14 03:25 - 00000000 ____D C:\Windows\system32\MRT
2015-06-09 11:46 - 2015-03-29 01:24 - 00000000 ____D C:\Users\nikhi\Downloads\tore
2015-06-08 17:32 - 2012-09-04 14:12 - 00000000 ____D C:\Users\nikhi\Documents\others
2015-06-08 17:30 - 2013-01-31 02:02 - 00000000 ____D C:\Users\nikhi\Documents\Papers
2015-06-08 17:20 - 2012-09-06 16:17 - 00000000 ____D C:\Users\nikhi\Desktop\Applications
2015-06-08 09:40 - 2014-01-23 13:30 - 00000000 ____D C:\ProgramData\Mathematica
2015-06-08 09:40 - 2014-01-23 13:30 - 00000000 ____D C:\Program Files\Extras
2015-06-07 21:51 - 2014-07-14 12:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-06 16:34 - 2014-07-10 20:14 - 00000000 ____D C:\Users\nikhi\Documents\My Games
2015-06-06 16:33 - 2015-04-10 17:03 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2015-06-06 03:15 - 2014-12-11 07:27 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-06 03:15 - 2014-05-07 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-02 03:00 - 2014-01-25 20:07 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-06-01 20:34 - 2012-03-29 19:09 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-01 20:30 - 2012-03-29 19:09 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-01 20:30 - 2012-03-29 19:09 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-06-01 20:30 - 2012-03-29 17:32 - 00000000 ____D C:\Temp

==================== Files in the root of some directories =======

2015-06-29 12:34 - 2015-06-29 12:34 - 1415680 _____ (wj32) C:\Program Files\0249BT3T.exe
2015-06-25 08:05 - 2015-06-25 08:05 - 1415680 _____ (wj32) C:\Program Files\0AL2AL5U.exe
2015-06-25 08:05 - 2015-06-25 08:05 - 1415680 _____ (wj32) C:\Program Files\0CA8KIGU.exe
2015-06-29 12:13 - 2015-06-29 12:13 - 1415680 _____ (wj32) C:\Program Files\13LNPRWY.exe
2015-06-29 12:54 - 2015-06-29 12:54 - 1415680 _____ (wj32) C:\Program Files\168ACHG6.exe
2015-06-29 12:48 - 2015-06-29 12:48 - 1415680 _____ (wj32) C:\Program Files\168ACUWJ.exe
2015-06-29 12:55 - 2015-06-29 12:55 - 1415680 _____ (wj32) C:\Program Files\2468APUH.exe
2015-06-29 12:34 - 2015-06-29 12:34 - 1415680 _____ (wj32) C:\Program Files\246BDFH4.exe
2015-06-29 12:56 - 2015-06-29 12:56 - 1415680 _____ (wj32) C:\Program Files\35ACEGLN.exe
2015-06-29 12:09 - 2015-06-29 12:09 - 1415680 _____ (wj32) C:\Program Files\4FZM9D05.exe
2015-06-29 12:10 - 2015-06-29 12:10 - 1415680 _____ (wj32) C:\Program Files\51XKMI5M.exe
2015-06-25 08:04 - 2015-06-25 08:04 - 1415680 _____ (wj32) C:\Program Files\57MOTVXK.exe
2015-06-29 02:57 - 2015-06-29 02:57 - 1415680 _____ (wj32) C:\Program Files\5P6TAKDR.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 1415680 _____ (wj32) C:\Program Files\68DFHMO8.exe
2015-06-29 02:55 - 2015-06-29 02:55 - 1415680 _____ (wj32) C:\Program Files\79BGI0ZP.exe
2015-06-24 15:36 - 2015-06-24 15:36 - 1415680 _____ (wj32) C:\Program Files\79BGIKMR.exe
2015-06-29 12:55 - 2015-06-29 12:55 - 1415680 _____ (wj32) C:\Program Files\8ACEJLND.exe
2015-06-29 12:10 - 2015-06-29 12:10 - 1415680 _____ (wj32) C:\Program Files\8AFHJLKA.exe
2015-06-24 15:36 - 2015-06-24 15:36 - 1415680 _____ (wj32) C:\Program Files\9BDFKMOE.exe
2015-06-29 12:10 - 2015-06-29 12:34 - 1415680 _____ (wj32) C:\Program Files\9BDIKPRE.exe
2015-06-29 12:13 - 2015-06-29 12:13 - 1415680 _____ (wj32) C:\Program Files\9BDSXZ13.exe
2015-06-29 12:35 - 2015-06-29 12:35 - 1415680 _____ (wj32) C:\Program Files\9BGINPRH.exe
2015-06-29 12:55 - 2015-06-29 12:55 - 1415680 _____ (wj32) C:\Program Files\9EGIKPRY.exe
2015-06-29 12:35 - 2015-06-29 12:35 - 1415680 _____ (wj32) C:\Program Files\AMKIGSK8.exe
2015-06-29 12:15 - 2015-06-29 12:15 - 1415680 _____ (wj32) C:\Program Files\BDFHMOTV.exe
2015-06-25 05:52 - 2015-06-25 05:52 - 1415680 _____ (wj32) C:\Program Files\CHJLNSUW.exe
2015-06-29 12:46 - 2015-06-29 12:46 - 1415680 _____ (wj32) C:\Program Files\DFHM135V.exe
2015-06-29 12:55 - 2015-06-29 12:55 - 1415680 _____ (wj32) C:\Program Files\EA62YUKA.exe
2015-06-29 12:48 - 2015-06-29 12:48 - 1415680 _____ (wj32) C:\Program Files\ECOMKWUU.exe
2015-06-29 12:14 - 2015-06-29 12:14 - 1415680 _____ (wj32) C:\Program Files\EKOMKWUS.exe
2015-06-29 12:14 - 2015-06-29 12:14 - 1415680 _____ (wj32) C:\Program Files\FHJLKSUK.exe
2015-06-29 12:15 - 2015-06-29 12:15 - 1415680 _____ (wj32) C:\Program Files\FHMOKSAC.exe
2015-06-29 02:56 - 2015-06-29 02:56 - 1415680 _____ (wj32) C:\Program Files\GECA86II.exe
2015-06-25 13:09 - 2015-06-25 13:09 - 1415680 _____ (wj32) C:\Program Files\GINPR6BY.exe
2015-06-29 02:55 - 2015-06-29 02:55 - 1415680 _____ (wj32) C:\Program Files\GINPRTYL.exe
2015-06-29 12:34 - 2015-06-29 12:34 - 1415680 _____ (wj32) C:\Program Files\HJY357X4.exe
2015-06-29 02:56 - 2015-06-29 02:56 - 1415680 _____ (wj32) C:\Program Files\IKMOTVXN.exe
2015-06-25 08:06 - 2015-06-25 08:06 - 1415680 _____ (wj32) C:\Program Files\J6N1LZX2.exe
2015-06-25 08:05 - 2015-06-25 08:05 - 1415680 _____ (wj32) C:\Program Files\JOKV02KU.exe
2015-06-29 12:03 - 2015-06-29 12:03 - 1415680 _____ (wj32) C:\Program Files\KD92YREJ.exe
2015-06-29 12:28 - 2015-06-29 12:28 - 1415680 _____ (wj32) C:\Program Files\KDRSF5S0.exe
2015-06-29 12:14 - 2015-06-29 12:14 - 1415680 _____ (wj32) C:\Program Files\KGC2VIBR.exe
2015-06-25 13:09 - 2015-06-25 13:09 - 1415680 _____ (wj32) C:\Program Files\KM138ACM.exe
2015-06-29 12:33 - 2015-06-29 12:33 - 1415680 _____ (wj32) C:\Program Files\KMOKVX2V.exe
2015-06-29 12:48 - 2015-06-29 12:48 - 1415680 _____ (wj32) C:\Program Files\KOMKWUSK.exe
2015-06-25 08:04 - 2015-06-25 08:04 - 1415680 _____ (wj32) C:\Program Files\KPRWY02M.exe
2015-06-29 12:55 - 2015-06-29 12:55 - 1415680 _____ (wj32) C:\Program Files\KSUZ135S.exe
2015-06-25 13:10 - 2015-06-25 13:10 - 1415680 _____ (wj32) C:\Program Files\KVALT195.exe
2015-06-29 02:55 - 2015-06-29 02:55 - 1415680 _____ (wj32) C:\Program Files\KVX2468Y.exe
2015-06-25 13:10 - 2015-06-25 13:10 - 1415680 _____ (wj32) C:\Program Files\KWU6420E.exe
2015-06-29 12:34 - 2015-06-29 12:34 - 1415680 _____ (wj32) C:\Program Files\KY6HP081.exe
2015-06-25 13:09 - 2015-06-25 13:09 - 1415680 _____ (wj32) C:\Program Files\KYGOW4F8.exe
2015-06-29 02:56 - 2015-06-29 02:56 - 1415680 _____ (wj32) C:\Program Files\MKIUSK42.exe
2015-06-29 12:54 - 2015-06-29 12:54 - 1415680 _____ (wj32) C:\Program Files\MLE7O5G3.exe
2015-06-29 12:14 - 2015-06-29 12:14 - 1415680 _____ (wj32) C:\Program Files\MOTVXZ46.exe
2015-06-25 08:05 - 2015-06-25 08:05 - 1415680 _____ (wj32) C:\Program Files\MYWUS42G.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 1415680 _____ (wj32) C:\Program Files\N579BGIS.exe
2015-06-25 13:09 - 2015-06-25 13:09 - 1415680 _____ (wj32) C:\Program Files\NPUWY05S.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 1415680 _____ (wj32) C:\Program Files\NSXZ4MOE.exe
2015-06-29 12:13 - 2015-06-29 12:13 - 1415680 _____ (wj32) C:\Program Files\NV3ET19K.exe
2015-06-25 13:09 - 2015-06-25 13:09 - 1415680 _____ (wj32) C:\Program Files\OKSXZ46W.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 1415680 _____ (wj32) C:\Program Files\OKVXZEJ6.exe
2015-06-29 02:57 - 2015-06-29 02:57 - 1415680 _____ (wj32) C:\Program Files\PRTV027U.exe
2015-06-29 14:30 - 2015-06-29 14:30 - 1415680 _____ (wj32) C:\Program Files\PUWY057U.exe
2015-06-25 08:04 - 2015-06-25 08:04 - 1415680 _____ (wj32) C:\Program Files\R2AIK19O.exe
2015-06-29 12:13 - 2015-06-29 12:13 - 1415680 _____ (wj32) C:\Program Files\RTV0FHJW.exe
2015-06-29 02:56 - 2015-06-29 02:56 - 1415680 _____ (wj32) C:\Program Files\SK20YWA8.exe
2015-06-29 12:03 - 2015-06-29 12:03 - 1415680 _____ (wj32) C:\Program Files\SKY3B6E4.exe
2015-06-29 12:28 - 2015-06-29 12:28 - 1415680 _____ (wj32) C:\Program Files\SUZ135AX.exe
2015-06-25 08:04 - 2015-06-25 08:04 - 1415680 _____ (wj32) C:\Program Files\SX5D27IT.exe
2015-06-29 12:56 - 2015-06-29 12:56 - 1415680 _____ (wj32) C:\Program Files\U6420CAO.exe
2015-06-29 02:56 - 2015-06-29 02:56 - 1415680 _____ (wj32) C:\Program Files\VDFHJOKD.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 1415680 _____ (wj32) C:\Program Files\VXZ16LNX.exe
2015-06-29 02:55 - 2015-06-29 02:55 - 1415680 _____ (wj32) C:\Program Files\W1357CE4.exe
2015-06-25 13:10 - 2015-06-25 13:10 - 1415680 _____ (wj32) C:\Program Files\WY027MOY.exe
2015-06-29 13:00 - 2015-06-29 13:00 - 1415680 _____ (wj32) C:\Program Files\WY35ACHG.exe
2015-06-29 12:10 - 2015-06-29 12:10 - 1415680 _____ (wj32) C:\Program Files\WYDFKMO1.exe
2015-06-29 12:34 - 2015-06-29 12:34 - 1415680 _____ (wj32) C:\Program Files\X2468D0K.exe
2015-06-29 12:35 - 2015-06-29 12:35 - 1415680 _____ (wj32) C:\Program Files\X5XBXJR1.exe
2015-06-29 02:55 - 2015-06-29 02:55 - 1415680 _____ (wj32) C:\Program Files\XZ168AC2.exe
2015-06-25 08:04 - 2015-06-25 08:04 - 1415680 _____ (wj32) C:\Program Files\Y0279BD3.exe
2015-06-25 13:09 - 2015-06-25 13:09 - 1415680 _____ (wj32) C:\Program Files\Y0579BG3.exe
2015-06-25 13:11 - 2015-06-25 13:11 - 1415680 _____ (wj32) C:\Program Files\YCW7C7OZ.exe
2015-06-29 12:56 - 2015-06-29 12:56 - 1415680 _____ (wj32) C:\Program Files\YDIKPRT3.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 1415680 _____ (wj32) C:\Program Files\YDKM68SU.exe
2015-06-29 12:56 - 2015-06-29 12:56 - 1415680 _____ (wj32) C:\Program Files\YW8642EC.exe
2015-06-29 12:14 - 2015-06-29 12:14 - 1415680 _____ (wj32) C:\Program Files\YWUS420Y.exe
2015-06-25 08:04 - 2015-06-25 08:04 - 1415680 _____ (wj32) C:\Program Files\ZEGINPRA.exe
2014-05-12 15:24 - 2014-05-12 15:24 - 0055783 _____ () C:\Program Files (x86)\uninstall-g95.exe
2012-07-13 00:27 - 2014-06-20 20:34 - 0011264 _____ () C:\Users\nikhi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-23 23:25 - 2015-06-24 03:21 - 0007633 _____ () C:\Users\nikhi\AppData\Local\resmon.resmoncfg
2015-06-24 01:10 - 2015-06-24 12:48 - 0000198 _____ () C:\Users\nikhi\AppData\Local\Support.ini
2014-06-20 20:32 - 2015-05-27 00:24 - 0000700 ___SH () C:\Users\nikhi\AppData\Local\systemFL7.dat
2015-05-26 23:36 - 2015-05-27 00:00 - 0011781 ___SH () C:\Users\nikhi\AppData\Local\win_flfiles_sys.dat
2014-11-20 13:27 - 2014-11-20 13:27 - 0000000 _____ () C:\Users\nikhi\AppData\Local\{98E06468-99E8-48E9-A541-CA2B1AA0377D}

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-24 16:19

==================== End of log ============================

Offline avs nikhil

  • Bronze Member
  • Posts: 33
Re: [Inactive - K] Cannot enable or update Windows Security Essentials
« Reply #8 on: June 29, 2015, 05:56:04 AM »
Hi Kevin,

'Part 5' of the post

Here is the Addition text file content -

Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by nikhi at 2015-06-29 16:46:44
Running from C:\Users\nikhi\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2052094510-1569341030-3252781033-500 - Administrator - Disabled)
Guest (S-1-5-21-2052094510-1569341030-3252781033-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2052094510-1569341030-3252781033-1010 - Limited - Enabled)
nikhi (S-1-5-21-2052094510-1569341030-3252781033-1001 - Administrator - Enabled) => C:\Users\nikhi

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Abaqus 6.12-3 (HKLM-x32\...\Abaqus 6.12-3) (Version: 6.12.0.0 - Dassault Systemes Simulia Corp.)
Abaqus FLEXnet License Server (HKLM-x32\...\Abaqus FLEXnet License Server) (Version: 6.9.0.0 - Dassault Systemes Simulia Corp.)
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.22 - STMicroelectronics)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
CBR Reader (HKLM-x32\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version:  - cbrreader.com)
C-Free 5.0 Professional (HKLM-x32\...\C-Free 5.0_is1) (Version:  - Program Arts)
Citrix Online Launcher (HKLM-x32\...\{1EFF9E6C-76E1-43F9-81FB-BC8C037B0902}) (Version: 1.0.258 - Citrix)
CMake 3.0.2, a cross-platform, open-source build system (HKLM-x32\...\CMake 3.0.2) (Version: 3.0.2 - Kitware)
Connectify (HKLM\...\Connectify) (Version: 3.0.0.20932 - Connectify)
Cortona3D Viewer (HKLM-x32\...\{C06CE867-0019-4BDD-88C3-CD96F79FCDC7}) (Version: 6.0.179 - ParallelGraphics)
CPUID HWMonitor 1.26 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Crystal Reports Basic for Visual Studio 2008 (HKLM-x32\...\{AA467959-A1D6-4F45-90CD-11DC57733F32}) (Version: 10.5.0.0 - Business Objects)
Crystal Reports Basic Runtime for Visual Studio 2008 (x64) (HKLM\...\{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}) (Version: 10.5.0.0 - Business Objects)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
Cypress TrackPad (HKLM\...\{7F2F6CC5-434B-4311-9DE2-60C7CAF50B73}_is1) (Version: 2.3.6.26 - Cypress Semiconductor, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
Debug Server (HKLM-x32\...\4F9A85D9-5F0E-E538-D71C-621DF59F81FA) (Version: 4.0 - Texas Instruments)
Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.61 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.61 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3BD7DD08-991B-4A2F-A165-614ED14EAADD}) (Version: 1.6.225.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell Stage (HKLM-x32\...\{0F99CA59-7CB4-4167-A43A-4B1D5E584281}) (Version: 1.6.301.0 - Fingertapps)
Dell Stage Remote (HKLM-x32\...\{2299EEBD-0A83-4B26-AA4A-057AE9E5BAE8}) (Version: 2.0.0.50 - ArcSoft)
Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.50 - ArcSoft)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.3.60494 - Dell)
Dell Update (HKLM-x32\...\{3FB000F3-7444-41C1-A0A6-53E8FD0B7D9C}) (Version: 1.6.1007.0 - Dell Inc.)
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2214 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.3.0.2214 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
Digimizer (HKLM-x32\...\{65118913-87D8-435B-92A6-C599485F3A4C}) (Version: 4.3.0 - MedCalc Software)
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Dropbox (HKU\S-1-5-21-2052094510-1569341030-3252781033-1001\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
DVDFab Media Player 2 (HKLM-x32\...\DVDFab Media Player 2_is1) (Version: 2.5.0.2 - Fengtao Software Inc.)
EAGLE 6.2.0 (HKLM-x32\...\EAGLE 6.2.0) (Version: 6.2.0 - CadSoft Computer GmbH)
Eagle3D 1.05 (HKLM-x32\...\Eagle3D_is1) (Version:  - Matthias Weißer)
EPUB File Reader (HKLM-x32\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version:  - epubfilereader.com)
Face Recognition (HKLM\...\{B132D631-AD31-41C1-BC8A-9715104C633F}) (Version: 3.1.70.1 - Sensible Vision)
GC (HKLM-x32\...\GC) (Version:  - ) <==== ATTENTION
GIF Viewer (HKLM-x32\...\GIF Viewer) (Version:  - )
Git version 1.8.1.2-preview20130201 (HKLM-x32\...\Git_is1) (Version: 1.8.1.2-preview20130201 - The Git Development Community)
GnuWin32: Make-3.81 (HKLM-x32\...\Make-3.81_is1) (Version: 3.81 - GnuWin32)
Google Chrome (HKU\S-1-5-21-2052094510-1569341030-3252781033-1001\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Drive (HKLM-x32\...\{CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}) (Version: 1.22.9403.0223 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 11.2.0.1084 - Citrix Online, a division of Citrix Systems, Inc.)
i686-4.9.1-posix-dwarf-rt_v3-rev1 (HKLM-x32\...\i686-4.9.1-posix-dwarf-rt_v3-rev1) (Version:  - MinGW-W64)
ICSD Database for X'Pert HighScore Plus V1.5 (HKLM-x32\...\InstallShield_{C2F19F6A-F2B0-46F9-9887-CDD64BB18E60}) (Version: 1.50.0000 - PANalytical B.V.)
ICSD Database for X'Pert HighScore Plus V1.5 (x32 Version: 1.50.0000 - PANalytical B.V.) Hidden
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{2ABA2E8D-23CF-418F-BC8F-2EC99FA51A3F}) (Version: 1.2.1.0608 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{D61E4101-9E15-4D0E-ABD1-1ABD36B43330}) (Version: 14.03.0000 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 1.0.0.1008 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Intel(R) WiDi (HKLM-x32\...\{0DD706AF-B542-438C-999E-B30C7F625C8D}) (Version: 2.1.39.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
JabRef 2.9.2 (HKLM-x32\...\JabRef 2.9.2) (Version: 2.9.2 - JabRef Team)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java SE Development Kit 7 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170600}) (Version: 1.7.0.600 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LINDO 6.1 (HKLM-x32\...\{C19796D5-E477-40A1-8C78-DF2EB439D99B}) (Version: 6.1.0 - XXXXXXXX)
LyX 2.0.6 (HKLM-x32\...\LyX206) (Version: 2.0.6 - LyX Team)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MATLAB R2012b (HKLM\...\Matlab R2012b) (Version: 8.0 - The MathWorks, Inc.)
MEISP v3.0 Multiple EIS Parameterization trial version (HKLM-x32\...\MEISP v3.0 Multiple EIS Parameterization trial version) (Version:  - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Compact Framework 2.0 SP2 (HKLM-x32\...\{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}) (Version: 2.0.7045 - Microsoft Corporation)
Microsoft .NET Compact Framework 3.5 (HKLM-x32\...\{291B3A3B-F808-45B8-8113-DF232FCB6C82}) (Version: 3.5.7283 - Microsoft Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Device Emulator (64 bit) version 3.0 - ENU (HKLM\...\{EF8B1A2E-9CCB-3AB2-91E3-4EEDAB1294E1}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Document Explorer 2008 (HKLM-x32\...\Microsoft Document Explorer 2008) (Version:  - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft HPC Pack 2008 R2 MS-MPI Redistributable Pack (HKLM\...\{D3299935-57F7-403A-9D7B-0B8F9F56F44B}) (Version: 3.0.2369.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{0DDCEC37-369C-484B-B16D-B4413FD42FB9}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{E5AE9031-79A5-4627-9641-BEFA82819B08}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{DA67488A-2689-4F10-B90F-D2F6977509D6}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{78C3657E-742C-40B1-9F53-E5A921D40F17}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 Design Tools ENU (HKLM-x32\...\{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 for Devices ENU (HKLM-x32\...\{241F2BF7-69EB-42A4-9156-96B2426C7504}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.2 (HKLM-x32\...\{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}) (Version: 1.2.0.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2008 Professional Edition - ENU (HKLM-x32\...\Microsoft Visual Studio 2008 Professional Edition - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{88BAE373-00F4-3E33-828F-96E89E5E0CB9}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Web Authoring Component (HKLM-x32\...\VisualWebDeveloper) (Version: 12.0.4518.1066 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools (HKLM\...\{29C93182-34F6-3275-A18D-59326851CD57}) (Version: 3.5.21022 - Microsoft)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense (HKLM\...\{9aa5f39c-a8de-46b0-919a-0248f8bc8490}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Tools (HKLM\...\{62EED300-E841-4083-A1D6-60B906271804}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Win32 Tools (HKLM\...\{A992BBAA-723D-4574-A07F-983BF8FAA3E1}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.1) (HKLM\...\SDKSetup_7.1.7600.0.30514) (Version: 7.1.7600.0.30514 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mobipocket Reader 6.2 (HKLM-x32\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVC80_Runtime (HKLM-x32\...\{5E81B080-4629-4EC3-AA90-538394122120}) (Version: 1.0.0.0 - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.8 - Notepad++ Team)
NVIDIA 3D Vision Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin8 (x32 Version: 8.00.000 - OriginLab) Hidden
OriginPro 8 (HKLM-x32\...\{A912021A-FEDD-4DA3-8DB4-245EBDA84778}) (Version: 8.00.000 - OriginLab Corporation)
PANalytical X'Pert Highscore Plus (HKLM-x32\...\{C619E83D-62B9-4FE5-9736-F6DBD2850024}) (Version: 3.0.0 - PANalytical)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.8.0 - Prolific Technology INC)
POV-Ray for Windows v3.62 (HKLM\...\{D0CE053E-0E5E-4C12-9BAE-D0F36021E911}) (Version: 3.62 - Persistence of Vision Raytracer Pty. Ltd.)
Prism Video File Converter (HKLM-x32\...\Prism) (Version:  - NCH Software)
Python 2.7 pyserial-2.5 (HKLM-x32\...\pyserial-py2.7) (Version:  - )
Python 2.7.3 (HKLM-x32\...\{C0C31BCC-56FB-42a7-8766-D29E1BD74C7C}) (Version: 2.7.3150 - Python Software Foundation)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.21 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6383 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
SIMULIA FLEXnet License Server (HKLM-x32\...\SIMULIA FLEXnet License Server) (Version: 6.12.0.0 - Dassault Systemes Simulia Corp.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
SSH Secure Shell (HKLM-x32\...\{74E2CD0C-D4A2-11D3-95A6-0000E86CFDE5}) (Version:  - )
SYS BIOS 6.30.02.42 (HKLM-x32\...\257D40B-AC0E-3A45-7DA7-2546F9DCCE01) (Version: 6.30.02.42 - Texas Instruments)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
Ubuntu (HKLM-x32\...\Wubi) (Version: 12.04-rev266 - Ubuntu)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VC Runtimes MSI (x32 Version: 9.0.21022 - Microsoft) Hidden
VISIONTEK 3G USB MODEM (HKLM\...\VISIONTEK 3G USB MODEM - VTK_is1) (Version:  - )
Visual C++ 2008 x64 Runtime - v9.0.30729.4967 (HKLM-x32\...\{2FD19779-BD96-31F4-954D-7C7FE546BFD1}.vc_x64runtime_30729_4967) (Version: 9.0.30729.4967 - Microsoft Corporation)
Visual C++ 2008 x86 Runtime - v9.0.30729.4967 (HKLM-x32\...\{EC1F1209-E48D-38B0-BE25-B37C6BFCF676}.vc_x86runtime_30729_4967) (Version: 9.0.30729.4967 - Microsoft Corporation)
Visual Studio .NET Prerequisites - English (HKLM\...\{D3E39E77-0EB4-36FB-B97A-8C8AB21B9A45}) (Version: 9.0.21022 - Microsoft Corporation)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.30319 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Windows Driver Package - Silicon Laboratories (silabenm) Ports  (12/10/2012 6.6.1.0) (HKLM\...\D680DEE0F68D64EC53D0C5769879D15D387054CC) (Version: 12/10/2012 6.6.1.0 - Silicon Laboratories)
Windows Driver Package - Texas Instruments (usbser) Ports  (12/11/2007 1.3) (HKLM\...\B89452C8A2A1FCF2E1BCF0ECA27FB6019CFA00CF) (Version: 12/11/2007 1.3 - Texas Instruments)
Windows Driver Package - Texas Instruments, Inc (umpusbvista) Ports  (10/20/2009 6.5.9017.0) (HKLM\...\287456DB90C1DA963CF09266912A2F7FFEF599C5) (Version: 10/20/2009 6.5.9017.0 - Texas Instruments, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Mobile 5.0 SDK R2 for Pocket PC (HKLM-x32\...\{6C9F6D23-E9AD-43C9-B43A-011562AAF876}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)
Windows Mobile 5.0 SDK R2 for Smartphone (HKLM-x32\...\{9656F3AC-6BA9-43F0-ABED-F214B5DAB27B}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wolfram CDF Player (M-WIN-D 8.0.4 2609533) (HKLM-x32\...\M-WIN-D 8.0.4 2609533_is1) (Version: 8.0.4 - Wolfram Research, Inc.)
Wolfram Extras 10.1 (5292844) (HKLM\...\A-WIN-Extras 10.1.0 5292844_is1) (Version: 10.1.0 - Wolfram Research, Inc.)
Wolfram Mathematica 10.1 (M-WIN-L 10.1.0 5292918) (HKLM\...\M-WIN-L 10.1.0 5292918_is1) (Version: 10.1.0 - Wolfram Research, Inc.)

Offline avs nikhil

  • Bronze Member
  • Posts: 33
Re: [Inactive - K] Cannot enable or update Windows Security Essentials
« Reply #9 on: June 29, 2015, 05:58:16 AM »
Hi Kevin,

'Part 6' of the post

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-29 17:20 - 2014-11-14 17:44 - 00001796 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com127.0.0.1            practivate.adobe.com
127.0.0.1            ereg.adobe.com
127.0.0.1            activate.wip3.adobe.com
127.0.0.1            wip3.adobe.com
127.0.0.1            3dns-3.adobe.com
127.0.0.1            3dns-2.adobe.com
127.0.0.1            adobe-dns.adobe.com
127.0.0.1            adobe-dns-2.adobe.com
127.0.0.1            adobe-dns-3.adobe.com
127.0.0.1            ereg.wip3.adobe.com
127.0.0.1            activate-sea.adobe.com
127.0.0.1            wwis-dubc1-vip60.adobe.com
127.0.0.1            activate-sjc0.adobe.com
127.0.0.1            practivate.adobe.com
127.0.0.1            ereg.adobe.com
127.0.0.1            activate.wip3.adobe.com
127.0.0.1            wip3.adobe.com
127.0.0.1            3dns-3.adobe.com
127.0.0.1            3dns-2.adobe.com
127.0.0.1            adobe-dns.adobe.com
127.0.0.1            adobe-dns-2.adobe.com
127.0.0.1            adobe-dns-3.adobe.com
127.0.0.1            ereg.wip3.adobe.com
127.0.0.1            activate-sea.adobe.com
127.0.0.1            wwis-dubc1-vip60.adobe.com
127.0.0.1            activate-sjc0.adobe.com
10.24.0.171   cclicserver.iitm.ac.in    leo


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {261EB4F7-F22F-436D-8A39-F3DB4DE2AA25} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-04-10] (Dell Inc.)
Task: {41209D24-F5A0-4260-B3BB-2D02CB7CBC5B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {4DC70E6E-5006-4CD3-804D-69FF1A14CD02} - System32\Tasks\{D574E3D9-AE97-4001-BEE3-0EE5E708A146} => pcalua.exe -a "C:\Program Files (x86)\NewSoftware's\Folder Lock\uninstall.exe" -c -u
Task: {4EB1AA38-6345-496C-8B17-0185E3AEF7CD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2052094510-1569341030-3252781033-1001UA => C:\Users\nikhi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-29] (Google Inc.)
Task: {57F7AD66-2872-43F1-A226-B2223FE8CFE3} - System32\Tasks\{5C0929CB-AC8C-43D8-B24F-F9858688F03B} => pcalua.exe -a "C:\Users\nikhi\Documents\My Received Files\Driver.exe" -d "C:\Users\nikhi\Documents\My Received Files"
Task: {5BD8F4C6-B3E6-4287-93FA-4AE8B026FEE3} - System32\Tasks\{A0E20DF1-85F0-4FCF-82CD-465F45228656} => pcalua.exe -a G:\setup.exe -d G:\
Task: {5D6394BA-C317-4B61-815A-213B508F55DE} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-07-29] (Microsoft Corporation)
Task: {6477175B-C3F2-4086-A9D7-9D6BB03FDE8F} - \FF Watcher {87EA3E8B-0A16-4191-BFFB-10CD9E4726A6} No Task File <==== ATTENTION
Task: {65F432A0-2DBB-4C09-9A2C-E60A9A4E9786} - System32\Tasks\{C6E22D41-2256-4CFB-9331-2B5F6A64CE4D} => pcalua.exe -a "C:\Users\nikhi\Documents\3 summer\EIS\MEISP\MEISP3trial\SETUP.EXE" -d "C:\Users\nikhi\Documents\3 summer\EIS\MEISP\MEISP3trial"
Task: {720D524B-4D83-4091-A6F7-113E1DE8B25C} - System32\Tasks\{2C39F887-DB06-4A60-A7D3-7FA2806415F8} => pcalua.exe -a G:\setup.exe -d G:\
Task: {7485E90C-B193-425E-BEE3-A5E98764CEBC} - System32\Tasks\{672E7985-9A63-4161-BC46-54F3CC5D9478} => pcalua.exe -a C:\Users\nikhi\Downloads\softwares\B2CAppSetup.exe -d C:\Users\nikhi\Downloads\softwares
Task: {7AA89D3A-74EA-4341-9761-F07CAA059C43} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {82EDC209-02FC-4CED-BB8D-DE9A1CD97D21} - System32\Tasks\{A09A70C0-C2A7-47BB-B167-CF0D76A67124} => C:\Users\nikhi\Downloads\PL2303_Prolific_DriverInstaller_v1.8.0.exe
Task: {9DE739CB-D71B-4BC4-9665-7A61C530209D} - System32\Tasks\{7B730A6D-459D-48C2-A97E-5BDBFE7F72FD} => C:\Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\Photoshop.exe
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {B8C3DEF1-95A2-4A30-B7B5-024ABD9A8CD3} - System32\Tasks\{62572284-90B3-4562-9980-071DE1F82323} => C:\Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\Photoshop.exe
Task: {BF1EA1D7-FDB4-433F-B2CC-1402BC8290FC} - \Windows Updater No Task File <==== ATTENTION
Task: {C0780FB9-20CF-4B03-9396-B0DEECB31797} - System32\Tasks\{01247515-48A8-41A1-8064-CC78B4CB8FD7} => pcalua.exe -a C:\ProgramData\MovieMode\uninstall.exe -c /kb=y /ic=1
Task: {C20E7815-AB4F-4916-A161-56BCE6BBDC93} - \Escolade No Task File <==== ATTENTION
Task: {D2525DFF-B778-4999-8904-2E5EE763EF04} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-22] (Google Inc.)
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {E5DEAE35-C6E6-45D1-95CD-1B893146BDAF} - \Your File Updater No Task File <==== ATTENTION
Task: {F2FB1D55-8648-4A5B-A95A-13DC8E7DABFA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-22] (Google Inc.)
Task: {F53661A2-8FFF-480F-BB20-3F68847A125D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2052094510-1569341030-3252781033-1001Core => C:\Users\nikhi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-29] (Google Inc.)
Task: {FC091041-F8AA-4EDA-AC18-D628CAC28A20} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-29] (Adobe Systems Incorporated)
Task: {FFE0BE29-937F-4756-AAB6-87A38FD345BE} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2052094510-1569341030-3252781033-1001Core.job => C:\Users\nikhi\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2052094510-1569341030-3252781033-1001UA.job => C:\Users\nikhi\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2011-08-19 22:04 - 2011-08-19 22:04 - 00095216 _____ () C:\Windows\system32\FAIEExtension.DLL
2015-06-24 01:05 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2015-06-24 01:05 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2052094510-1569341030-3252781033-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\nikhi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.24.0.193 - 10.65.0.3

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^nikhi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^nikhi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^g.lnk => C:\Windows\pss\g.lnk.Startup
MSCONFIG\startupreg: AccuWeatherWidget => "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Dell DataSafe Online => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe
MSCONFIG\startupreg: FATrayAlert => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
MSCONFIG\startupreg: FreeFallProtection => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
MSCONFIG\startupreg: GoldenFilterPro => C:\Program Files (x86)\Golden Filter Premium\GFPro.exe
MSCONFIG\startupreg: GoogleChromeAutoLaunch_CC670EC9C0039784BBC144C8FE53E009 => "C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: Stage Remote => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{57E03FB4-3E20-418D-8A2C-B8AA2A5332D4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{4E419913-0DC4-47DC-B1E9-6934A5954146}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{C3AB7065-4D35-490F-A666-58114D2BBDFA}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{44C08911-3351-464B-BAC2-7292C43B7629}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{14C1B747-2047-4ABE-BC4C-B91B1E25C785}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{693C0EB9-B2AF-4C2D-A797-631625FAE7B8}] => (Allow) c:\Program Files (x86)\Dell\VideoStage\VideoStage.exe
FirewallRules: [{F5FC63CC-C6D0-46FA-9967-8E77293F8ED7}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\InstallerHelp.exe
FirewallRules: [{E6DE1E01-F508-4CEB-8479-1236EC410BD3}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
FirewallRules: [{640335AE-D227-430B-B25B-0783170B14F2}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\Controller.exe
FirewallRules: [{CA3AA5BA-EF09-48AD-9F1B-6E64F9A63830}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
FirewallRules: [{4128BC22-7283-4F22-8116-B86075F6C75D}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
FirewallRules: [{A7D043D0-1B2B-4F6A-B2D9-EFD18D8E97FA}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
FirewallRules: [{94C3E324-41E4-4A7F-A045-D3741F39A6C0}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\InstallerHelp.exe
FirewallRules: [{EF5F85A6-4522-4798-9BFF-C666E0116EB4}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\Controller.exe
FirewallRules: [{A2FECF16-01FC-4E81-859D-96C14E32EE07}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
FirewallRules: [{2CE18008-9062-40DB-A288-0E0D87E374EB}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
FirewallRules: [{676C7A2E-2DBD-4AC7-82BE-200F2911FD01}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B4CF26DC-6347-4C61-9E52-55990F185CA9}] => (Allow) LPort=2869
FirewallRules: [{73D24F49-FE9F-4EB1-94FA-B0C9D53B8EDC}] => (Allow) LPort=1900
FirewallRules: [{0120744C-7C11-461A-B920-5B82943075A8}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{AAFAAD32-D29E-4C66-A30F-03074A9D2BD2}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{5CEBE90B-1EC3-4469-8C8D-37B996953E8E}] => (Allow) C:\Program Files\dell stage\dell stage\accuweather\accuweather.exe
FirewallRules: [{864E3224-F19F-47AA-9D84-829AD8B1700F}] => (Allow) C:\Program Files\dell stage\musicstage\musicstageengine.exe
FirewallRules: [{41E549ED-764F-40F6-BF25-FAEA10B93BF7}] => (Allow) C:\Program Files\dell stage\dell stage\stage_primary.exe
FirewallRules: [{5E63BB37-1172-499D-B5B6-EAB7EDCF9915}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{0C1DCBCE-859C-4DFF-99B8-EBD14D8F34FB}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{E3A8D006-1B1B-4E89-9B2B-45C2490CCA6A}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [{F442E654-6D28-4377-A703-B451AE4E843B}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [TCP Query User{810FEA20-E3C0-4217-9D4B-0212177EDF92}C:\program files (x86)\dc++\dcplusplus.exe] => (Allow) C:\program files (x86)\dc++\dcplusplus.exe
FirewallRules: [UDP Query User{D0D8032F-6026-425A-8645-76401752A483}C:\program files (x86)\dc++\dcplusplus.exe] => (Allow) C:\program files (x86)\dc++\dcplusplus.exe
FirewallRules: [TCP Query User{0C39954A-79DA-407B-B8E8-2661D93C7667}C:\users\nikhi\downloads\xampp\filezillaftp\filezilla server.exe] => (Block) C:\users\nikhi\downloads\xampp\filezillaftp\filezilla server.exe
FirewallRules: [UDP Query User{33FBE53B-A746-4BFE-B45C-95700DF23B6E}C:\users\nikhi\downloads\xampp\filezillaftp\filezilla server.exe] => (Block) C:\users\nikhi\downloads\xampp\filezillaftp\filezilla server.exe
FirewallRules: [TCP Query User{1B9EBD6B-97C7-42AD-9598-F65DD5232B61}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{BCD12F31-D5B9-45D9-B434-043FD4F7C971}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{4FF64CDB-1BA5-4219-9224-4BEDCFD5489B}] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{0BCD5BBD-D961-4E23-A167-95FB870804C6}] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{90A401A1-B3F2-4CF1-9AFA-1ADFFAF324F7}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{220B0D9A-1235-4BD7-A5AF-198446CC41D2}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{3F418A9F-A7C0-4ABE-8EE3-046DDCC785FC}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{6A7174C6-CAF5-4CC7-8460-E308606996CD}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{24BE5CF1-DFF4-4348-A8D8-946FA97B9BB6}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{F8872BE0-EED2-4AD9-8BD1-95C9579A21CF}] => (Allow) C:\Users\nikhi\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{60EEBC5A-2A21-49DE-B943-3AC833E14E91}] => (Allow) C:\Users\nikhi\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{C5A0FE71-F7F1-43DC-B7F5-9267AD9E95A2}] => (Allow) LPort=5353
FirewallRules: [{D70E6BFF-C322-4EBF-993D-866517E3A961}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{9893E50E-042E-44EB-A712-0991B432DE23}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{AB96A81E-4076-4E60-9AAA-992EC188866E}] => (Allow) C:\Users\nikhi\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{AE0CF48F-6646-4D83-85FE-1C400120B50F}] => (Allow) C:\Users\nikhi\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [TCP Query User{7272560F-DE81-4E43-9911-14A3180EE40A}C:\users\nikhi\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\nikhi\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{4954F0A5-8B90-4FD8-AFC0-847576F7D564}C:\users\nikhi\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\nikhi\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{9DB8C9F0-ECC5-4AA5-8E6D-64560BBCFA3E}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{A1D6BDD7-C5EF-484E-8ED9-45AEF0408274}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{FDA55C6B-0E12-47E2-9036-22AC7EA33EC0}C:\program files\java\jdk1.7.0_60\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_60\bin\java.exe
FirewallRules: [UDP Query User{0D74282A-31FC-4DD4-AA4B-3E0B34220BDD}C:\program files\java\jdk1.7.0_60\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_60\bin\java.exe
FirewallRules: [TCP Query User{250437BC-F23C-47F6-8028-5313E28E7275}C:\program files (x86)\android\android-studio\bin\studio64.exe] => (Allow) C:\program files (x86)\android\android-studio\bin\studio64.exe
FirewallRules: [UDP Query User{F379BC8D-F830-45C3-BA69-EB6228A3288B}C:\program files (x86)\android\android-studio\bin\studio64.exe] => (Allow) C:\program files (x86)\android\android-studio\bin\studio64.exe
FirewallRules: [TCP Query User{47B7B16C-67EF-4E97-88BC-624593F52DA8}C:\program files\java\jdk1.7.0_60\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_60\jre\bin\java.exe
FirewallRules: [UDP Query User{F0442609-6D2A-4A34-A9CA-85A390D48EDE}C:\program files\java\jdk1.7.0_60\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_60\jre\bin\java.exe
FirewallRules: [TCP Query User{4CE48181-88DD-4A42-992C-B51572E75D18}C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1.exe] => (Allow) C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1.exe
FirewallRules: [UDP Query User{332F1F2C-49F5-4411-AED1-C63BA4FE710A}C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1.exe] => (Allow) C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1.exe
FirewallRules: [TCP Query User{E0804482-C5A9-4C3C-BE58-B8BE379DA9EB}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{24C17EAA-74F6-47EC-95FB-89505AC68530}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{F419B112-696A-48E8-8D98-46BA46BC19EE}] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{9681C9F6-6AB9-43E0-AB4D-F278B268E23C}] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{D83D1521-1321-4D17-B448-57DA5413F2CF}C:\users\nikhi\videos\nikhil vids\movies\age of empire-ii the conquerors\age2_x1.exe] => (Allow) C:\users\nikhi\videos\nikhil vids\movies\age of empire-ii the conquerors\age2_x1.exe
FirewallRules: [UDP Query User{B03C92F9-3EF9-426B-B4D8-F8246784B4DD}C:\users\nikhi\videos\nikhil vids\movies\age of empire-ii the conquerors\age2_x1.exe] => (Allow) C:\users\nikhi\videos\nikhil vids\movies\age of empire-ii the conquerors\age2_x1.exe
FirewallRules: [{AFDC974E-3E64-4708-AB9A-140CFA1501D3}] => (Allow) C:\users\nikhi\videos\nikhil vids\movies\age of empire-ii the conquerors\age2_x1.exe
FirewallRules: [{477D494A-3F48-46FD-A32A-34C7E6785124}] => (Allow) C:\users\nikhi\videos\nikhil vids\movies\age of empire-ii the conquerors\age2_x1.exe
FirewallRules: [TCP Query User{2B9985E1-25B9-4ABD-8711-1B02A0042063}C:\program files (x86)\activision\call of duty - black ops\blackops.exe] => (Block) C:\program files (x86)\activision\call of duty - black ops\blackops.exe
FirewallRules: [UDP Query User{08155706-22DD-40A0-93A2-72A1929B8F86}C:\program files (x86)\activision\call of duty - black ops\blackops.exe] => (Block) C:\program files (x86)\activision\call of duty - black ops\blackops.exe
FirewallRules: [TCP Query User{4F0A93C1-66FE-4BE0-8C9B-792C73B993F0}C:\program files (x86)\dc++\dcplusplus.exe] => (Allow) C:\program files (x86)\dc++\dcplusplus.exe
FirewallRules: [UDP Query User{E573F712-A75B-4925-B9E0-B4C7008DA251}C:\program files (x86)\dc++\dcplusplus.exe] => (Allow) C:\program files (x86)\dc++\dcplusplus.exe
FirewallRules: [TCP Query User{D5B600C5-6B28-47A1-95AC-7F2B3307A6FB}C:\users\nikhi\appdata\local\temp\i1413567985\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\nikhi\appdata\local\temp\i1413567985\windows\resource\jre\bin\javaw.exe
FirewallRules: [UDP Query User{1853A4DD-D122-4B15-844B-031629E71C10}C:\users\nikhi\appdata\local\temp\i1413567985\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\nikhi\appdata\local\temp\i1413567985\windows\resource\jre\bin\javaw.exe
FirewallRules: [TCP Query User{F9DE120C-2106-4E27-BBDF-DF6CC59D404A}C:\simulia\abaqus\6.14-2se\code\bin\abqcaek.exe] => (Allow) C:\simulia\abaqus\6.14-2se\code\bin\abqcaek.exe
FirewallRules: [UDP Query User{7FCBB499-22B0-433E-B871-D236E8385087}C:\simulia\abaqus\6.14-2se\code\bin\abqcaek.exe] => (Allow) C:\simulia\abaqus\6.14-2se\code\bin\abqcaek.exe
FirewallRules: [TCP Query User{E81913A9-8BD8-4AD9-A8E7-237F2AAF48A5}C:\simulia\abaqus\6.12-3\code\bin\abqcaek.exe] => (Allow) C:\simulia\abaqus\6.12-3\code\bin\abqcaek.exe
FirewallRules: [UDP Query User{6C406757-605F-4FA1-91A2-3BAF720B5320}C:\simulia\abaqus\6.12-3\code\bin\abqcaek.exe] => (Allow) C:\simulia\abaqus\6.12-3\code\bin\abqcaek.exe
FirewallRules: [TCP Query User{5454FC32-A6AA-48B1-B559-C5DFEBEEF441}C:\simulia\abaqus\6.12-3\code\bin\elit_driverlm.exe] => (Allow) C:\simulia\abaqus\6.12-3\code\bin\elit_driverlm.exe
FirewallRules: [UDP Query User{6CF0E49C-FC62-4E5E-8635-82D047A6087A}C:\simulia\abaqus\6.12-3\code\bin\elit_driverlm.exe] => (Allow) C:\simulia\abaqus\6.12-3\code\bin\elit_driverlm.exe
FirewallRules: [TCP Query User{79FDC51A-4676-4ED2-93C9-8726C77CFB9D}C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1\age2_x1.exe] => (Allow) C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{7DE94361-7825-45BB-BAA6-63AEAF38B52C}C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1\age2_x1.exe] => (Allow) C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [{CF7D2ED8-62ED-4A6D-8271-921850DA4C70}] => (Allow) C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [{1FD8DC0A-C0E3-4E54-B542-0DD4F6C3E0F1}] => (Allow) C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [{0B985C98-BF88-430D-9089-57631D4614EC}] => (Allow) C:\Users\nikhi\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4D1B0604-3844-414D-BF89-1ABD481B382A}] => (Allow) C:\Users\nikhi\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{AC2AC823-F388-48C4-A3B1-69A3BB84D5A0}F:\virus free\age of empire-ii the conquerors\age2_x1\age2_x1.exe] => (Allow) F:\virus free\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{2909B1B1-3BE5-4BFD-9AEB-A02B17AA3886}F:\virus free\age of empire-ii the conquerors\age2_x1\age2_x1.exe] => (Allow) F:\virus free\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [{F3CDEB18-E7CA-40CA-A1D1-1A2423A47D3C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{72FD2E2C-A1DD-43B7-9604-0D246A15A058}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E0C3D1A9-A19C-4532-80D7-2526CF524B80}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{4DE08C36-ED08-415C-9878-002B1E0CC89F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{9DA4AA08-CC8B-433C-9266-E42DF3D679F5}C:\users\nikhi\videos\age of empire-ii the conquerors\age2_x1\age2_x1.exe] => (Allow) C:\users\nikhi\videos\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{2992B977-D4FC-4948-AB9E-DF8ADCFF616C}C:\users\nikhi\videos\age of empire-ii the conquerors\age2_x1\age2_x1.exe] => (Allow) C:\users\nikhi\videos\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [TCP Query User{37C814DF-4C96-4359-AA7B-40C20068A274}C:\users\nikhi\videos\age of empire-ii the conquerors\age2_x1\age2_x1.exe] => (Allow) C:\users\nikhi\videos\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{3669A687-928A-472A-9DD8-24F6A1FD5FC4}C:\users\nikhi\videos\age of empire-ii the conquerors\age2_x1\age2_x1.exe] => (Allow) C:\users\nikhi\videos\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [{A7CE81FB-007D-4B35-A7B8-E56AA7493D5D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8EC8B1F2-83A8-4639-AD50-F79E25CF3763}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5ACF1D23-CD8D-458B-9423-DECE408EEFA7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{829E2A21-2ED2-4BB6-B314-5D0A5FA6B6AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A33A4DCD-FAD6-48B9-A8DF-93B3AD150794}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6CBC3B70-2569-4AFE-9BA4-57A5A5157043}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F7947D78-9C01-4E09-A82E-C1B85F665523}] => (Allow) C:\Program Files (x86)\Wolfram Research\Wolfram CDF Player\8.0\WolframCDFPlayer.exe
FirewallRules: [{F1CDE83C-FEDA-46F6-BC38-59F239B947F0}] => (Allow) C:\Program Files (x86)\Wolfram Research\Wolfram CDF Player\8.0\WolframCDFPlayer.exe
FirewallRules: [{92F139A6-B9A3-4F01-9530-FFEBF46A4F76}] => (Allow) C:\Program Files (x86)\Wolfram Research\Wolfram CDF Player\8.0\math.exe
FirewallRules: [{69F5A5EF-5CCA-4B31-93CC-978766132AB4}] => (Allow) C:\Program Files (x86)\Wolfram Research\Wolfram CDF Player\8.0\math.exe
FirewallRules: [{385CE409-7DD4-4AAE-9020-C7523685DD01}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.1\Mathematica.exe
FirewallRules: [{A1080F99-52C8-48DA-8418-54A741499544}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.1\Mathematica.exe
FirewallRules: [{992C6C23-48ED-44E5-9E57-A48316230081}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.1\MathKernel.exe
FirewallRules: [{13D724E2-FEA9-4211-B934-9997394FB451}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.1\MathKernel.exe
FirewallRules: [{777C2982-89CD-4C23-9ED0-58204330A8FC}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.1\math.exe
FirewallRules: [{EF19EA9D-A731-4D7E-A8AF-997B251858EA}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.1\math.exe
FirewallRules: [{407612F5-F561-4821-B1CF-426CB02157C3}] => (Allow) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe

Offline avs nikhil

  • Bronze Member
  • Posts: 33
Re: [Inactive - K] Cannot enable or update Windows Security Essentials
« Reply #10 on: June 29, 2015, 06:00:14 AM »
Hi Kevin,

'Part 7' of the post

==================== Faulty Device Manager Devices =============

Name: facap, FastAccess Video Capture
Description: facap, FastAccess Video Capture
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Sensible Vision
Service: FACAP
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/29/2015 02:50:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 02:34:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 00:54:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 00:46:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 00:33:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 00:13:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 02:55:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/25/2015 03:05:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MEISP.exe, version: 1.0.0.1, time stamp: 0x3ca26467
Faulting module name: ntdll.dll, version: 6.1.7601.18869, time stamp: 0x55636317
Exception code: 0xc0000374
Fault offset: 0x000cea5f
Faulting process id: 0x22cc
Faulting application start time: 0xMEISP.exe0
Faulting application path: MEISP.exe1
Faulting module path: MEISP.exe2
Report Id: MEISP.exe3

Error: (06/25/2015 01:09:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/25/2015 08:04:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/29/2015 04:45:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2015 04:45:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2015 04:45:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2015 04:45:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2015 04:45:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2015 04:45:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2015 04:44:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2015 04:44:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2015 04:44:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2015 04:43:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office:
=========================
Error: (06/29/2015 02:50:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 02:34:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 00:54:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 00:46:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 00:33:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 00:13:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 02:55:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/25/2015 03:05:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MEISP.exe1.0.0.13ca26467ntdll.dll6.1.7601.1886955636317c0000374000cea5f22cc01d0af2a2467f2cdC:\Program Files (x86)\Powergraphy\MEISP\MEISP.exeC:\Windows\SysWOW64\ntdll.dll82852a50-1b1d-11e5-899f-848f69ce5555

Error: (06/25/2015 01:09:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/25/2015 08:04:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2640M CPU @ 2.80GHz
Percentage of memory in use: 25%
Total physical RAM: 8083.88 MB
Available physical RAM: 6005.45 MB
Total Pagefile: 16165.97 MB
Available Pagefile: 14009.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:210.84 GB) (Free:53.48 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 238.5 GB) (Disk ID: 07F2837E)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=19.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=210.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=8 GB) - (Type=84)

==================== End of log ============================

Offline avs nikhil

  • Bronze Member
  • Posts: 33
Re: [Inactive - K] Cannot enable or update Windows Security Essentials
« Reply #11 on: June 29, 2015, 06:02:27 AM »
Hi Kevin,

'Part 8' of the post

Here is the log file for rogue killer -

RogueKiller V10.8.7.0 [Jun 29 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Safe mode with network support
User : nikhi [Administrator]
Started from : C:\Users\nikhi\Desktop\RogueKiller.exe
Mode : Scan -- Date : 06/29/2015  16:57:53

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 13 ¤¤¤
[Suspicious.Path|VT.Unknown] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VSSS (C:\Users\nikhi\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe) -> Found
[Suspicious.Path|VT.Unknown] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VSSS (C:\Users\nikhi\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe) -> Found
[Suspicious.Path|VT.Unknown] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\VSSS (C:\Users\nikhi\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe) -> Found
[PUP|Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WindowsMangerProtect (C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service) -> Found
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-2052094510-1569341030-3252781033-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=10.93.0.37:3333;https=10.93.0.37:3333;ftp=10.93.0.37:3333  -> Found
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-2052094510-1569341030-3252781033-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=10.93.0.37:3333;https=10.93.0.37:3333;ftp=10.93.0.37:3333  -> Found
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-2052094510-1569341030-3252781033-1001\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve  -> Found
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-2052094510-1569341030-3252781033-1001\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.24.0.193 10.65.0.3 [(Private Address) (XX)][(Private Address) (XX)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.24.0.193 10.65.0.3 [(Private Address) (XX)][(Private Address) (XX)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{039EE222-7F10-4B8F-B359-751EC810EF8B} | DhcpNameServer : 10.24.0.193 10.65.0.3 [(Private Address) (XX)][(Private Address) (XX)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{039EE222-7F10-4B8F-B359-751EC810EF8B} | DhcpNameServer : 10.24.0.193 10.65.0.3 [(Private Address) (XX)][(Private Address) (XX)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{039EE222-7F10-4B8F-B359-751EC810EF8B} | DhcpNameServer : 10.24.0.193 10.65.0.3 [(Private Address) (XX)][(Private Address) (XX)]  -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 29 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts]    127.0.0.1       localhost
[C:\Windows\System32\drivers\etc\hosts]    ::1             localhost
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 activate.adobe.com127.0.0.1            practivate.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            ereg.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            activate.wip3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            wip3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            3dns-3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            3dns-2.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            adobe-dns.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            adobe-dns-2.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            adobe-dns-3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            ereg.wip3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            activate-sea.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            wwis-dubc1-vip60.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            activate-sjc0.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            practivate.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            ereg.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            activate.wip3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            wip3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            3dns-3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            3dns-2.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            adobe-dns.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            adobe-dns-2.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            adobe-dns-3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            ereg.wip3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            activate-sea.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            wwis-dubc1-vip60.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            activate-sjc0.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 10.24.0.171   cclicserver.iitm.ac.in    leo

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000035f]) ¤¤¤

¤¤¤ Web browsers : 2 ¤¤¤
[PUM.Proxy][FIREFX:Config] emxei7vq.default : user_pref("network.proxy.http", "hproxy.iitm.ac.in"); -> Found
[PUM.Proxy][FIREFX:Config] emxei7vq.default : user_pref("network.proxy.http_port", 3128); -> Found

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG SSD PM830 2.5" 7 +++++
--- User ---
[MBR] 618b9c0929708248490251aa1ac42386
[BSP] dea9defa67a18cc486b8c709b2ee22f0 : HP MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 101 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 212992 | Size: 20000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 41172992 | Size: 215900 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] OS/2-HIBER (0x84) [HIDDEN!] Offset (sectors): 483340288 | Size: 8191 MB
User = LL1 ... OK
User = LL2 ... OK

End of Rogue killer log file content

Thank you very much for your time,
Nikhil

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7656
Re: [Inactive - K] Cannot enable or update Windows Security Essentials
« Reply #12 on: June 29, 2015, 09:40:28 AM »
Hello nikhil,

There are proxy servers running in Firefox and Internet Explorer are they trustworthy and known to you?

Next,

Lots of malware/infection active in your system, maybe will take a few steps to clean up..... Continue please;

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

See if your system will now run ok in Normal mode, if so run the following:

Please open Malwarebytes Anti-Malware.

  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • With some infections, you may or may not see this message box.
'Could not load DDA driver'

  • Click 'Yes' to this message, to allow the driver to load after a restart.
  • Allow the computer to restart. Continue with the rest of these instructions.
  • When the scan is complete, click Apply Actions.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.

To get the log from Malwarebytes do the following:

  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:

      Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
      Text file (*.txt)        - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
      XML file (*.xml)      - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply

  • Recommend you use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…

Next,

Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan" Select scan, when done post the two logs....

Let me see those logs, give me update regarding the proxies also if any improvement..

Thank you,

Kevin..



Offline avs nikhil

  • Bronze Member
  • Posts: 33
Re: [Inactive - K] Cannot enable or update Windows Security Essentials
« Reply #13 on: June 29, 2015, 10:51:40 AM »
Hi Kevin,

I am a student at a university and I use institutes' LAN  for internet connection. The proxy servers are institute servers and can be trusted.

I couldn't find fixlist.txt file. Could u guide me to the file?

And, shall I try to start windows security essentials to see if that problem is resolved.

Thank you for your time,
Nikhil.
« Last Edit: June 29, 2015, 10:55:27 AM by avs nikhil »

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7656
Re: [Inactive - K] Cannot enable or update Windows Security Essentials
« Reply #14 on: June 29, 2015, 01:03:20 PM »
Hello nikhil,

Thanks for information on proxy servers etc, regarding fixlist.txt not sure what happened; iv` attached again to this reply...

After the fix is done continue with Malwarebytes, then you can try MSE. Regardless of whether MSE runs or not run FRST as instructed in my last reply and post the two new logs

thank you,

Kevin...

 

Click Here