SpywareHammer.com

Title: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 28, 2015, 04:14:43 PM
When I open my laptop I notice a red icon marked with an X for my Microsoft Security Essentials. As I open it, it states "PC status is at risk because your PC isn't being monitored because the app's service stopped. You should start it now". When I click the "Start now" button nothing happens. Also, I tried to start Microsoft Anti-malware Service from service.msc but it gave me error 1067: the process terminated unexpectedly - Microsoft Anti-malware Services.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17840  BrowserJavaVersion: 10.65.2
Run by nikhi at 2:30:22 on 2015-06-29
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.61.1033.18.8084.2383 [GMT 5.5:30]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\Connectify\ConnectifyService.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\Connectify\ConnectifyD.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Windows\SysWOW64\irstrtsv.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\xampp\mysql\bin\mysqld.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
C:\Users\nikhi\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\rundll32.exe
C:\Users\nikhi\AppData\Local\Google\Update\1.3.27.5\GoogleCrashHandler.exe
C:\Users\nikhi\AppData\Local\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Cypress\TrackPad\CyHidWin.exe
C:\Program Files\Cypress\TrackPad\CyCpIo.exe
C:\Windows\System32\rundll32.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Dell Update\DellUpService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Dell Update\DellUpTray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Dell\DellDataVault\DellDataVault.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = Preserve
uProxyServer = hxxp=10.93.0.37:3333;https=10.93.0.37:3333;ftp=10.93.0.37:3333
uProxyOverride = <local>
uWindows: Load = C:\ProgramData\msnoduq.exe
mWinlogon: Userinit = userinit.exe
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Face recognition web login for FastAccess: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Microsoft Web Test Recorder 10.0 Helper: {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
EB: Web Test Recorder 10.0: {5802D092-1784-4908-8CDB-99B6842D353D} -
uRun: [GoogleChromeAutoLaunch_CC670EC9C0039784BBC144C8FE53E009] "C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [Google Update] "C:\Users\nikhi\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
uRunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil64_17_0_0_190_ActiveX.exe -update activex
mRun: [FAStartup] <no file>
StartupFolder: C:\Users\nikhi\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: TaskbarNoNotification = dword:1
mPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
TCP: NameServer = 10.24.0.193 10.65.0.3
TCP: Interfaces\{039EE222-7F10-4B8F-B359-751EC810EF8B} : DHCPNameServer = 10.24.0.193 10.65.0.3
TCP: Interfaces\{A54243E9-3874-4FCF-A82C-D8FB1C981A9B} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{A54243E9-3874-4FCF-A82C-D8FB1C981A9B}\2656C6B696E6E2131656 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{A54243E9-3874-4FCF-A82C-D8FB1C981A9B}\2656C6B696E6E233669363 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{A54243E9-3874-4FCF-A82C-D8FB1C981A9B}\346494D223 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{A54243E9-3874-4FCF-A82C-D8FB1C981A9B}\34D43502C41424 : DHCPNameServer = 10.24.0.193 10.65.0.3
TCP: Interfaces\{A54243E9-3874-4FCF-A82C-D8FB1C981A9B}\3516378616F574275697 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{A54243E9-3874-4FCF-A82C-D8FB1C981A9B}\3637372716F6F577966696 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{A54243E9-3874-4FCF-A82C-D8FB1C981A9B}\85254402C41626 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{A54243E9-3874-4FCF-A82C-D8FB1C981A9B}\9447F584562747A7F5778656E6F59405F5537484A7 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{A54243E9-3874-4FCF-A82C-D8FB1C981A9B}\D416C6C657F52456C6B696E6 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{A54243E9-3874-4FCF-A82C-D8FB1C981A9B}\D416C6C657F52456C6B696E6F5537484A7 : DHCPNameServer = 192.168.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
LSA: Notification Packages =  scecli FAPassSync
x64-mStart Page = about:blank
x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Face recognition web login for FastAccess: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3
x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [CyHidWin] C:\Program Files\Cypress\TrackPad\CyHidWin.exe
x64-Run: [CyCpIo] C:\Program Files\Cypress\TrackPad\CyCpIo.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [VISIONTEK 3G USB MODEM] <no file>
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist Corporate\1084\G2AWinLogon_x64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
Hosts: 10.24.0.171 cclicserver.iitm.ac.in leo
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\nikhi\AppData\Roaming\Mozilla\Firefox\Profiles\emxei7vq.default\
FF - prefs.js: network.proxy.ftp - hproxy.iitm.ac.in
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.http - hproxy.iitm.ac.in
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.socks - hproxy.iitm.ac.in
FF - prefs.js: network.proxy.socks_port - 3128
FF - prefs.js: network.proxy.ssl - hproxy.iitm.ac.in
FF - prefs.js: network.proxy.ssl_port - 3128
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npCortona.dll
FF - plugin: C:\Program Files (x86)\Common Files\Wolfram Research\Browser\10.1.0.5292844\npmathplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\nikhi\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Users\nikhi\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2015-3-4 280376]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2015-6-1 31560]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-3-29 55856]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2012-3-29 21616]
R1 {3f538614-b636-4023-9ec2-564ada4b07b3}Gw64;{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64;C:\Windows\System32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64.sys [2014-7-14 61112]
R1 cnnctfy2;Connectify LightWeight Filter;C:\Windows\System32\drivers\cnnctfy2.sys [2012-11-19 31344]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-1-31 283200]
R1 nvkflt;nvkflt;C:\Windows\System32\drivers\nvkflt.sys [2015-6-1 299664]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2012-3-29 98208]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-10-20 661504]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-10-21 135440]
R2 Connectify;Connectify;C:\Program Files (x86)\Connectify\ConnectifyService.exe [2011-8-21 13312]
R2 DellDataVault;Dell Data Vault;C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2015-2-26 2557136]
R2 DellDataVaultWiz;Dell Data Vault Wizard;C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [2015-2-26 201936]
R2 DellUpdate;Dell Update Service;C:\Program Files (x86)\Dell Update\DellUpService.exe [2015-5-20 232152]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-14 27136]
R2 FAService;FAService;C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2011-8-19 2451440]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-6-1 1152656]
R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2015-3-2 182696]
R2 irstrtsv;Intel(R) Rapid Start Technology Service;C:\Windows\SysWOW64\irstrtsv.exe [2012-3-29 184320]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-26 2823000]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-6-1 1893008]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-6-1 23006864]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-3-29 1692480]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-6-1 410768]
R2 SupportAssistAgent;Dell SupportAssist Agent;C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [2015-4-10 19288]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-30 16120]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-3-29 2656280]
R2 VSSS;Volume Shadow Copy Service;C:\Users\nikhi\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [2015-6-23 104873984]
R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Accelern.sys [2012-3-29 27760]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2011-10-20 195072]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2012-3-29 176096]
R3 cyhid;Cypress Input Device;C:\Windows\System32\drivers\cyhid.sys [2012-3-29 117248]
R3 cykbfltrService;Cypress Keyboard Filter Driver;C:\Windows\System32\drivers\cykbfltr.sys [2012-3-29 13824]
R3 cymfltrService;Cypress Trackpad Filter Driver;C:\Windows\System32\drivers\cymfltr.sys [2012-3-29 79872]
R3 DDDriver;DDDriver;C:\Windows\System32\drivers\DDDriver64Dcsa.sys [2015-2-26 23760]
R3 DellProf;DellProf;C:\Windows\System32\drivers\DellProf.sys [2015-2-26 23312]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-3-29 317440]
R3 irstrtdv;Intel(R) Rapid Start Technology Driver;C:\Windows\System32\drivers\irstrtdv.sys [2012-3-29 26504]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2011-5-17 25496]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2012-3-29 76912]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2012-3-29 95744]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2012-3-29 212992]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-6-1 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2015-6-1 38032]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-30 149504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 Flexlm Service 1;Flexlm Service 1;C:\SIMULIA\License\lmgrd.exe [2014-11-14 1767688]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S2 Texis Monitor;Texis Monitor;C:\SIMULIA\Documentation\monitor.exe [2014-10-17 4493312]
S2 WindowsMangerProtect;WindowsMangerProtect Service;C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service --> C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service [?]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2011-10-20 195072]
S3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\System32\drivers\btmaud.sys [2011-5-19 51712]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-8-30 53760]
S3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-10-11 288768]
S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-6-2 17864]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-9-23 110336]
S3 FACAP;facap, FastAccess Video Capture;C:\Windows\System32\drivers\facap.sys [2008-9-25 238848]
S3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-10-11 59904]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-6-10 114688]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2012-3-29 158976]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2011-5-17 34200]
S3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2012-3-29 172632]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-11-1 340240]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2015-3-4 124568]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-4-30 366544]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\System32\drivers\nvstusb.sys [2012-3-29 291648]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;C:\Windows\System32\drivers\silabenm.sys [2013-5-13 27336]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;C:\Windows\System32\drivers\silabser.sys [2013-5-13 73216]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-9-23 206080]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 VSPerfDrv100;Performance Tools Driver 10.0;C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-3-17 68440]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-29 1255736]
S3 WCDMA_Datacard_Usb_Ser;WCDMA Datacard Multimedia USB Driver;C:\Windows\System32\drivers\WCDMA_Datacard_Usb_Ser.sys [2014-5-20 121088]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 RsFx0103;RsFx0103 Driver;C:\Windows\System32\drivers\RsFx0103.sys [2009-3-30 311656]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== File Associations ===============
.
FileExt: .js: JSFile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe","%1"
.
=============== Created Last 30 ================
.
2015-06-25 09:30:04   --------   d-----w-   C:\Users\nikhi\AppData\Roaming\deskPDF
2015-06-25 07:41:15   1415680   ----a-w-   C:\Program Files\YCW7C7OZ.exe
2015-06-25 07:40:30   1415680   ----a-w-   C:\Program Files\KWU6420E.exe
2015-06-25 07:40:20   1415680   ----a-w-   C:\Program Files\KVALT195.exe
2015-06-25 07:40:10   1415680   ----a-w-   C:\Program Files\WY027MOY.exe
2015-06-25 07:39:58   1415680   ----a-w-   C:\Program Files\Y0579BG3.exe
2015-06-25 07:39:48   1415680   ----a-w-   C:\Program Files\OKSXZ46W.exe
2015-06-25 07:39:38   1415680   ----a-w-   C:\Program Files\KM138ACM.exe
2015-06-25 07:39:26   1415680   ----a-w-   C:\Program Files\NPUWY05S.exe
2015-06-25 07:39:16   1415680   ----a-w-   C:\Program Files\KYGOW4F8.exe
2015-06-25 07:39:06   1415680   ----a-w-   C:\Program Files\GINPR6BY.exe
2015-06-25 02:36:30   1415680   ----a-w-   C:\Program Files\J6N1LZX2.exe
2015-06-25 02:35:42   1415680   ----a-w-   C:\Program Files\0AL2AL5U.exe
2015-06-25 02:35:29   1415680   ----a-w-   C:\Program Files\0CA8KIGU.exe
2015-06-25 02:35:19   1415680   ----a-w-   C:\Program Files\MYWUS42G.exe
2015-06-25 02:35:09   1415680   ----a-w-   C:\Program Files\JOKV02KU.exe
2015-06-25 02:34:57   1415680   ----a-w-   C:\Program Files\57MOTVXK.exe
2015-06-25 02:34:47   1415680   ----a-w-   C:\Program Files\R2AIK19O.exe
2015-06-25 02:34:37   1415680   ----a-w-   C:\Program Files\ZEGINPRA.exe
2015-06-25 02:34:25   1415680   ----a-w-   C:\Program Files\Y0279BD3.exe
2015-06-25 02:34:15   1415680   ----a-w-   C:\Program Files\KPRWY02M.exe
2015-06-25 02:34:05   1415680   ----a-w-   C:\Program Files\SX5D27IT.exe
2015-06-25 02:33:55   12221144   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{772FA0AE-79EE-4E8E-8A4D-4518EF73DE55}\mpengine.dll
2015-06-25 01:24:09   929844   ----a-w-   C:\Windows\SysWow64\Mfc42d.dll
2015-06-25 01:24:09   798773   ----a-w-   C:\Windows\SysWow64\Mfco42d.dll
2015-06-25 01:24:09   565760   ----a-w-   C:\Windows\SysWow64\Msvcp50.dll
2015-06-25 01:24:09   516173   ----a-w-   C:\Windows\SysWow64\Msvcp60d.dll
2015-06-25 01:24:09   499782   ----a-w-   C:\Windows\SysWow64\CJ60Libd.dll
2015-06-25 01:24:09   427520   ----a-w-   C:\Windows\SysWow64\Dformd.dll
2015-06-25 01:24:09   420864   ----a-w-   C:\Windows\SysWow64\Dforrt.dll
2015-06-25 01:24:09   401484   ----a-w-   C:\Windows\SysWow64\Msvcrtd.dll
2015-06-25 01:24:09   36352   ----a-w-   C:\Windows\SysWow64\Sx32w.dll
2015-06-25 01:24:09   339968   ----a-w-   C:\Windows\SysWow64\QHTM.dll
2015-06-25 01:24:09   --------   d-----w-   C:\Program Files (x86)\Powergraphy
2015-06-25 01:22:55   303616   ----a-w-   C:\Windows\IsUninst.exe
2015-06-25 00:22:45   1415680   ----a-w-   C:\Program Files\CHJLNSUW.exe
2015-06-24 23:47:08   --------   d-----w-   C:\Program Files (x86)\Windows Resource Kits
2015-06-24 10:06:46   1415680   ----a-w-   C:\Program Files\79BGIKMR.exe
2015-06-24 10:06:42   1415680   ----a-w-   C:\Program Files\9BDFKMOE.exe
2015-06-24 09:45:18   --------   d-----w-   C:\Program Files (x86)\Microsoft Security Client
2015-06-24 09:45:17   --------   d-----w-   C:\Program Files\Microsoft Security Client
2015-06-24 07:21:05   --------   d-s---w-   C:\Windows\SysWow64\Microsoft
2015-06-24 06:59:12   --------   d-----w-   C:\SFCFix
2015-06-24 06:43:04   --------   d-----w-   C:\Users\nikhi\AppData\Local\niemiro
2015-06-23 19:40:28   --------   d-----w-   C:\Users\nikhi\AppData\Local\AvastSupport
2015-06-23 18:11:07   --------   d-----w-   C:\ProgramData\AVAST Software
2015-06-23 15:33:56   104873984   ----a-w-   C:\Users\nikhi\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe
2015-06-16 17:46:23   --------   d-----w-   C:\Users\nikhi\AppData\Local\Help
2015-06-16 17:46:07   9216   ----a-w-   C:\Windows\SysWow64\ftlx0411.dll
2015-06-16 17:46:07   9216   ----a-w-   C:\Windows\System32\ftlx0411.dll
2015-06-16 17:46:07   296960   ----a-w-   C:\Windows\winhlp32.exe
2015-06-16 17:46:07   195072   ----a-w-   C:\Windows\SysWow64\ftsrch.dll
2015-06-16 17:46:07   195072   ----a-w-   C:\Windows\System32\ftsrch.dll
2015-06-16 17:46:07   10240   ----a-w-   C:\Windows\SysWow64\ftlx041e.dll
2015-06-16 17:46:07   10240   ----a-w-   C:\Windows\System32\ftlx041e.dll
2015-06-12 05:56:07   --------   d-----w-   C:\Program Files (x86)\Dell Update
2015-06-09 18:40:59   879104   ----a-w-   C:\Windows\System32\advapi32.dll
2015-06-08 04:10:57   --------   d-----w-   C:\Program Files\Common Files\Wolfram Research
2015-06-08 04:10:57   --------   d-----w-   C:\Program Files (x86)\Common Files\Wolfram Research
2015-06-08 04:10:57   --------   d-----w-   C:\Program Files (x86)\Common Files\ResearchSoft
2015-06-08 04:03:32   --------   d-----w-   C:\Program Files\Wolfram Research
2015-06-07 16:28:30   --------   d-----w-   C:\Users\nikhi\AppData\Roaming\IDM
2015-06-07 16:28:08   --------   d-----w-   C:\Program Files (x86)\Internet Download Manager
2015-06-07 07:20:30   --------   d-----w-   C:\Users\nikhi\AppData\Local\Wolfram Research
2015-06-06 10:57:57   --------   d-----w-   C:\Users\nikhi\AppData\Roaming\MathematicaPlayer
2015-06-06 10:57:57   --------   d-----w-   C:\Users\nikhi\AppData\Local\MathematicaPlayer
2015-06-06 10:57:57   --------   d-----w-   C:\ProgramData\MathematicaPlayer
2015-06-06 10:56:51   --------   d-----w-   C:\Program Files (x86)\Wolfram Research
2015-06-05 07:04:40   700416   ----a-w-   C:\Windows\System32\generaltel.dll
2015-06-05 07:04:40   1021440   ----a-w-   C:\Windows\System32\appraiser.dll
2015-06-05 07:04:39   757248   ----a-w-   C:\Windows\System32\invagent.dll
2015-06-05 07:04:39   45568   ----a-w-   C:\Windows\System32\acmigration.dll
2015-06-05 07:04:39   423424   ----a-w-   C:\Windows\System32\devinv.dll
2015-06-05 07:04:39   227328   ----a-w-   C:\Windows\System32\aepdu.dll
2015-06-05 07:04:39   193536   ----a-w-   C:\Windows\System32\aepic.dll
2015-06-05 07:04:39   1119232   ----a-w-   C:\Windows\System32\aeinv.dll
2015-06-03 04:55:28   --------   d-----w-   C:\Users\nikhi\AppData\Local\Windows Live
2015-06-03 04:55:26   --------   d-----w-   C:\Users\nikhi\AppData\Local\{A7FC2C82-9BB2-4D58-AED0-57B4037E5BB8}
2015-06-03 04:55:26   --------   d-----w-   C:\Users\nikhi\AppData\Local\{9ACA744F-466D-41A1-9370-3530A0354075}
2015-06-02 18:53:00   --------   d-----w-   C:\Users\nikhi\AppData\Local\Luiz Fernando
2015-06-02 18:48:31   --------   d-----w-   C:\Program Files (x86)\GIF Viewer
2015-06-01 15:07:35   --------   d-----w-   C:\Users\nikhi\AppData\Local\GWX
2015-06-01 15:04:04   --------   d-----w-   C:\Users\nikhi\AppData\Local\NVIDIA Corporation
2015-06-01 15:04:00   --------   d-----w-   C:\Users\nikhi\AppData\Local\NVIDIA
2015-06-01 15:00:18   1756424   ----a-w-   C:\Windows\System32\nvspbridge64.dll
2015-06-01 15:00:18   1571696   ----a-w-   C:\Windows\System32\nvspcap64.dll
2015-06-01 15:00:18   1320304   ----a-w-   C:\Windows\SysWow64\nvspcap.dll
2015-06-01 15:00:18   1316000   ----a-w-   C:\Windows\SysWow64\nvspbridge.dll
2015-06-01 14:59:46   571024   ----a-w-   C:\Windows\SysWow64\nvStreaming.exe
2015-06-01 14:59:44   --------   d-----w-   C:\Windows\SysWow64\NV
2015-06-01 14:59:44   --------   d-----w-   C:\Windows\System32\NV
2015-06-01 14:56:08   --------   d-----w-   C:\NVIDIA
2015-05-31 06:58:17   --------   d-----w-   C:\Program Files (x86)\EPUB File Reader
.
==================== Find3M  ====================
.
2015-06-24 02:40:06   778416   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
2015-06-24 02:40:06   142512   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-05-28 04:15:30   937288   ----a-w-   C:\Windows\System32\nvvsvc.exe
2015-05-28 04:15:29   75080   ----a-w-   C:\Windows\System32\nv3dappshextr.dll
2015-05-28 04:15:29   62608   ----a-w-   C:\Windows\System32\nvshext.dll
2015-05-28 04:15:29   385168   ----a-w-   C:\Windows\System32\nvmctray.dll
2015-05-28 04:15:29   3491984   ----a-w-   C:\Windows\System32\nvsvc64.dll
2015-05-28 04:15:29   2558608   ----a-w-   C:\Windows\System32\nvsvcr.dll
2015-05-28 04:15:29   1059472   ----a-w-   C:\Windows\System32\nv3dappshext.dll
2015-05-28 04:15:28   6872904   ----a-w-   C:\Windows\System32\nvcpl.dll
2015-05-27 10:48:20   4408727   ----a-w-   C:\Windows\System32\nvcoproc.bin
2015-05-26 18:56:04   377   ----a-w-   C:\Windows\SysWow64\Delete.bat
2015-05-26 18:53:11   40960   ----a-w-   C:\Windows\SysWow64\nwsftUninstall.exe
2015-05-25 18:24:00   5569984   ----a-w-   C:\Windows\System32\ntoskrnl.exe
2015-05-25 18:23:59   95680   ----a-w-   C:\Windows\System32\drivers\ksecdd.sys
2015-05-25 18:23:59   155584   ----a-w-   C:\Windows\System32\drivers\ksecpkg.sys
2015-05-25 18:21:21   1728960   ----a-w-   C:\Windows\System32\ntdll.dll
2015-05-25 18:18:56   43520   ----a-w-   C:\Windows\System32\csrsrv.dll
2015-05-25 18:18:56   22016   ----a-w-   C:\Windows\System32\credssp.dll
2015-05-25 18:18:45   47104   ----a-w-   C:\Windows\System32\typeperf.exe
2015-05-25 18:18:45   404992   ----a-w-   C:\Windows\System32\tracerpt.exe
2015-05-25 18:18:39   112640   ----a-w-   C:\Windows\System32\smss.exe
2015-05-25 18:18:32   296960   ----a-w-   C:\Windows\System32\rstrui.exe
2015-05-25 18:18:30   43008   ----a-w-   C:\Windows\System32\relog.exe
2015-05-25 18:18:19   31232   ----a-w-   C:\Windows\System32\lsass.exe
2015-05-25 18:18:19   104448   ----a-w-   C:\Windows\System32\logman.exe
2015-05-25 18:18:11   19456   ----a-w-   C:\Windows\System32\diskperf.exe
2015-05-25 18:18:08   338432   ----a-w-   C:\Windows\System32\conhost.exe
2015-05-25 18:18:04   64000   ----a-w-   C:\Windows\System32\auditpol.exe
2015-05-25 18:14:26   60416   ----a-w-   C:\Windows\System32\msobjs.dll
2015-05-25 18:14:04   146432   ----a-w-   C:\Windows\System32\msaudite.dll
2015-05-25 18:07:34   3989440   ----a-w-   C:\Windows\SysWow64\ntkrnlpa.exe
2015-05-25 18:07:34   3934144   ----a-w-   C:\Windows\SysWow64\ntoskrnl.exe
2015-05-25 18:04:08   1310744   ----a-w-   C:\Windows\SysWow64\ntdll.dll
2015-05-25 18:00:44   40448   ----a-w-   C:\Windows\SysWow64\typeperf.exe
2015-05-25 18:00:40   364544   ----a-w-   C:\Windows\SysWow64\tracerpt.exe
2015-05-25 18:00:28   25600   ----a-w-   C:\Windows\SysWow64\setup16.exe
2015-05-25 18:00:25   37888   ----a-w-   C:\Windows\SysWow64\relog.exe
2015-05-25 18:00:17   82944   ----a-w-   C:\Windows\SysWow64\logman.exe
2015-05-25 18:00:09   17408   ----a-w-   C:\Windows\SysWow64\diskperf.exe
2015-05-25 18:00:04   50176   ----a-w-   C:\Windows\SysWow64\auditpol.exe
2015-05-25 17:59:52   96768   ----a-w-   C:\Windows\SysWow64\sspicli.dll
2015-05-25 17:59:52   5120   ----a-w-   C:\Windows\SysWow64\wow32.dll
2015-05-25 17:59:51   274944   ----a-w-   C:\Windows\SysWow64\KernelBase.dll
2015-05-25 17:57:31   60416   ----a-w-   C:\Windows\SysWow64\msobjs.dll
2015-05-25 17:57:15   146432   ----a-w-   C:\Windows\SysWow64\msaudite.dll
2015-05-25 17:08:39   3206144   ----a-w-   C:\Windows\System32\win32k.sys
2015-05-25 17:00:56   36864   ----a-w-   C:\Windows\System32\UtcResources.dll
2015-05-25 16:50:38   7680   ----a-w-   C:\Windows\SysWow64\instnm.exe
2015-05-25 16:50:36   2048   ----a-w-   C:\Windows\SysWow64\user.exe
2015-05-25 16:48:25   6144   ---ha-w-   C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2015-05-25 16:48:25   4608   ---ha-w-   C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 16:48:25   3584   ---ha-w-   C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 16:48:25   3072   ---ha-w-   C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2015-05-23 03:28:17   2724864   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2015-05-23 03:15:54   503808   ----a-w-   C:\Windows\SysWow64\vbscript.dll
2015-05-23 03:15:40   62464   ----a-w-   C:\Windows\SysWow64\iesetup.dll
2015-05-23 03:15:02   47616   ----a-w-   C:\Windows\SysWow64\ieetwproxystub.dll
2015-05-23 03:14:51   341504   ----a-w-   C:\Windows\SysWow64\html.iec
2015-05-23 03:13:48   64000   ----a-w-   C:\Windows\SysWow64\MshtmlDac.dll
2015-05-23 03:05:21   115712   ----a-w-   C:\Windows\SysWow64\ieUnatt.exe
2015-05-23 03:04:50   620032   ----a-w-   C:\Windows\SysWow64\jscript9diag.dll
2015-05-23 02:52:43   60416   ----a-w-   C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-05-23 02:47:31   4305920   ----a-w-   C:\Windows\SysWow64\jscript9.dll
2015-05-23 02:37:45   2052608   ----a-w-   C:\Windows\SysWow64\inetcpl.cpl
2015-05-23 02:37:25   1155072   ----a-w-   C:\Windows\SysWow64\mshtmlmedia.dll
2015-05-23 02:20:35   1950720   ----a-w-   C:\Windows\SysWow64\wininet.dll
2015-05-22 19:16:55   2724864   ----a-w-   C:\Windows\System32\mshtml.tlb
2015-05-22 19:16:44   4096   ----a-w-   C:\Windows\System32\ieetwcollectorres.dll
2015-05-22 19:01:42   66560   ----a-w-   C:\Windows\System32\iesetup.dll
2015-05-22 19:00:54   48640   ----a-w-   C:\Windows\System32\ieetwproxystub.dll
2015-05-22 19:00:47   417792   ----a-w-   C:\Windows\System32\html.iec
2015-05-22 19:00:25   584192   ----a-w-   C:\Windows\System32\vbscript.dll
2015-05-22 18:59:27   88064   ----a-w-   C:\Windows\System32\MshtmlDac.dll
2015-05-22 18:52:21   6026240   ----a-w-   C:\Windows\System32\jscript9.dll
2015-05-22 18:47:49   144384   ----a-w-   C:\Windows\System32\ieUnatt.exe
2015-05-22 18:47:34   114688   ----a-w-   C:\Windows\System32\ieetwcollector.exe
2015-05-22 18:47:03   814080   ----a-w-   C:\Windows\System32\jscript9diag.dll
2015-05-22 18:40:17   968704   ----a-w-   C:\Windows\System32\MsSpellCheckingFacility.exe
2015-05-22 18:29:31   77824   ----a-w-   C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-05-22 18:05:28   1359360   ----a-w-   C:\Windows\System32\mshtmlmedia.dll
2015-05-22 18:05:06   2125824   ----a-w-   C:\Windows\System32\inetcpl.cpl
2015-05-22 17:50:20   2426880   ----a-w-   C:\Windows\System32\wininet.dll
2015-05-01 13:17:03   124112   ----a-w-   C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16:41   102608   ----a-w-   C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-29 18:21:50   5120   ----a-w-   C:\Windows\System32\msdxm.ocx
2015-04-29 18:21:50   5120   ----a-w-   C:\Windows\System32\dxmasf.dll
2015-04-29 18:21:46   9728   ----a-w-   C:\Windows\System32\spwmp.dll
2015-04-29 18:19:43   12625920   ----a-w-   C:\Windows\System32\wmploc.DLL
2015-04-29 18:07:12   4096   ----a-w-   C:\Windows\SysWow64\msdxm.ocx
2015-04-29 18:07:12   4096   ----a-w-   C:\Windows\SysWow64\dxmasf.dll
2015-04-29 18:07:07   8192   ----a-w-   C:\Windows\SysWow64\spwmp.dll
2015-04-29 18:05:19   12625408   ----a-w-   C:\Windows\SysWow64\wmploc.DLL
2015-04-24 18:17:26   633856   ----a-w-   C:\Windows\System32\comctl32.dll
2015-04-24 17:56:58   530432   ----a-w-   C:\Windows\SysWow64\comctl32.dll
2015-04-20 03:17:07   1647104   ----a-w-   C:\Windows\System32\DWrite.dll
2015-04-20 03:17:07   1179136   ----a-w-   C:\Windows\System32\FntCache.dll
2015-04-20 02:56:29   1250816   ----a-w-   C:\Windows\SysWow64\DWrite.dll
2015-04-18 03:10:57   460800   ----a-w-   C:\Windows\System32\certcli.dll
2015-04-18 02:56:57   342016   ----a-w-   C:\Windows\SysWow64\certcli.dll
.
============= FINISH:  2:30:35.20 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 30/04/2012 7:26:32 AM
System Uptime: 25/06/2015 1:08:49 PM (85 hours ago)
.
Motherboard: Dell Inc. |  | 00WW5M
Processor: Intel(R) Core(TM) i7-2640M CPU @ 2.80GHz | CPU | 2801/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 211 GiB total, 34.741 GiB free.
D: is CDROM ()
G: is CDROM ()
Y: is FIXED (NTFS) - 20 GiB total, 10.514 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: facap, FastAccess Video Capture
Device ID: ROOT\IMAGE\0000
Manufacturer: Sensible Vision
Name: facap, FastAccess Video Capture
PNP Device ID: ROOT\IMAGE\0000
Service: FACAP
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Teredo Tunneling Adapter
Device ID: ROOT\*TEREDO\0000
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TEREDO\0000
Service: tunnel
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
.
==== End Of File ===========================

Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: kevinf80 on June 28, 2015, 05:02:07 PM
Hello and welcome to SpywareHammer,

My screen name is kevinf80; either that or Kevin is good for replies. OK, let's continue:

P2P/illegal software Warning:

Quote
If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here. Failure to remove or disable such software will result in your topic being closed and no further assistance being provided. If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the Forum policy on P2P and Illegal Software (http://spywarehammer.com/index.php?topic=12261.0).

Next,

Change the download folder setting in the default Browser so all tools we may use are saved to the Desktop:

(https://dl.dropboxusercontent.com/u/6063925/GeeksToGo/Icons/Chrome.JPG) Google Chrome - Click the "Customize and control Google Chrome" button in the upper-right corner of the browser. (https://dl.dropboxusercontent.com/u/6063925/GeeksToGo/Chrome/Settings.JPG) Choose Settings. At the bottom of the screen click the "Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.

(https://dl.dropboxusercontent.com/u/6063925/GeeksToGo/Icons/Firefox.JPG) Mozilla Firefox - Click the "Open Menu" button in the upper-right corner of the browser. (https://dl.dropboxusercontent.com/u/6063925/GeeksToGo/Firefox/Settings.JPG) Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and then click the "Select Folder" button. Click OK to get out of the Options menu.

(https://dl.dropboxusercontent.com/u/6063925/GeeksToGo/Icons/IE.jpg) Internet Explorer - Click the Tools menu in the upper right-corner of the browser. (https://dl.dropboxusercontent.com/u/6063925/GeeksToGo/IE/Tools.JPG) Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

Next,

Follow the instructions in the following link to show hidden files:

http://www.bleepingcomputer.com/tutorials/how-to-see-hidden-files-in-windows/ (http://www.bleepingcomputer.com/tutorials/how-to-see-hidden-files-in-windows/)

Next,

Please open Malwarebytes Anti-Malware.

'Could not load DDA driver'


To get the log from Malwarebytes do the following:



If Malwarebytes is not installed follow these instructions first:

Download Malwarebytes Anti-Malware (http://downloads.malwarebytes.org/file/mbam) to your desktop.

Next,

Download Farbar Recovery Scan Tool (http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/) and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either accept the alert or disable your security and allow FRST to run...

Next,

Please download RogueKiller and save it to your desktop from the following link: http://www.bleepingcomputer.com/download/roguekiller/ (http://www.bleepingcomputer.com/download/roguekiller/)


C:\Programdata\RogueKiller\Logs <-------- W7/8
C:\Documents and Settings\All Users\Application Data\RogueKiller\Logs <------XP


Let me see those logs in your reply....

Thank you,

Kevin...
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 29, 2015, 01:59:06 AM
Hi kevin,

I have uninstalled all the P2P software (DC++ and uTorrent) from my PC. Please do inform me if I need to remove any other software.

I've also changed the destination folder for downloads to desktop.

I've downloaded MBAM (Malwarebytes Anti-Malware) and followed the installation procedure.

BUT nothing happens when I launch MBAM. I tried running as administrator also, but with no luck.

Shall I continue with the rest of your instructions, skipping this step?

Thank you very much for your efforts!!

Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: kevinf80 on June 29, 2015, 03:35:09 AM
Hello avs nikhil,

Thanks for the reply/update, yes continue and miss out any steps that will not run..

Kevin..
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 29, 2015, 05:45:27 AM
Hi Kevin,

You can call me Nikhil. All the log files won't fit in one post, so I'm splitting them into two posts. 'Part 1'

I installed MBAM in safe mode and it ran successfully. Here is the log file content -

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 29/06/2015
Scan Time: 2:39:23 PM
Logfile:
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.03.09.05
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: nikhi

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 386868
Time Elapsed: 7 min, 27 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 5
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64, Quarantined, [3247142fa4e6d85ea0c94f7da85b7f81],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, Quarantined, [bcbdfc47494188ae553e08acfc0743bd],
PUP.Optional.IEPluginServices.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginServices, Quarantined, [68111e255436ea4c23b37942e023d927],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, Quarantined, [1e5b96ad147663d3b42310ab0ef5f808],
PUP.Optional.FastStart.A, HKU\S-1-5-21-2052094510-1569341030-3252781033-1001\SOFTWARE\MOZILLA\EXTENDS, Quarantined, [4c2d1a296129c86e00b5a61d45beac54],

Registry Values: 3
PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_in_26, Quarantined, [fe7bf84b37538caaed5c3fa3f211ac54],
Trojan.Agent, HKU\S-1-5-21-2052094510-1569341030-3252781033-1001\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|Load, C:\ProgramData\msnoduq.exe, Quarantined, [30493211bdcd7eb8c063f66f60a4dd23]
PUP.Optional.FastStart.A, HKU\S-1-5-21-2052094510-1569341030-3252781033-1001\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, Quarantined, [4c2d1a296129c86e00b5a61d45beac54]

Registry Data: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[b9c047fc5139999d465498493acbea16]

Folders: 1
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config, Quarantined, [2e4b59ea107ab97d20b0fed06a997a86],

Files: 6
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64.sys, Delete-on-Reboot, [6e1523e50082141bcad5ac6315c3d331],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\ver.xml, Quarantined, [2e4b59ea107ab97d20b0fed06a997a86],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\uninstinethnfd.exe, Quarantined, [2e4b59ea107ab97d20b0fed06a997a86],
PUP.Optional.Vbates.A, C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ljmibnagodajacnnbifpamhggcohblip_0.localstorage, Quarantined, [28515ae9494194a2d25c319ef1123fc1],
PUP.Optional.Vbates.A, C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ljmibnagodajacnnbifpamhggcohblip_0.localstorage-journal, Quarantined, [087158eb2f5bb482b27c705f9370a65a],
PUP.Optional.WebsSearches.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml, Quarantined, [3742a99a5f2b7fb728d802e7f80b43bd],

Physical Sectors: 0
(No malicious items detected)


(end)
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 29, 2015, 05:51:33 AM
Hi Kevin,

'Part 2' of the post

I installed Farbar Recovery Scan Tool in safe mode with networking. It ran successfully. Here is the FRST text file content -

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by nikhi (administrator) on NIKHIL-PC on 29-06-2015 16:46:16
Running from C:\Users\nikhi\Desktop
Loaded Profiles: nikhi (Available Profiles: nikhi)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7214696 2011-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-05-18] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [4146848 2011-07-13] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-11-01] (Intel(R) Corporation)
HKLM\...\Run: [CyHidWin] => C:\Program Files\Cypress\TrackPad\CyHidWin.exe [2354176 2011-10-19] (Cypress Semiconductor, Inc.)
HKLM\...\Run: [CyCpIo] => C:\Program Files\Cypress\TrackPad\CyCpIo.exe [2375168 2011-11-09] (Cypress Semiconductor Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [VISIONTEK 3G USB MODEM] => [X]
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [FAStartup] => [X]
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [96240 2011-08-19] (Sensible Vision )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2015-04-14] (Malwarebytes Corporation)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist Corporate\1084\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\FastAccess: C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll [2011-08-19] (Sensible Vision )
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2052094510-1569341030-3252781033-1001\...\Run: [GoogleChromeAutoLaunch_CC670EC9C0039784BBC144C8FE53E009] => C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe [813896 2015-06-20] (Google Inc.)
HKU\S-1-5-21-2052094510-1569341030-3252781033-1001\...\Run: [Google Update] => C:\Users\nikhi\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-29] (Google Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175880 2015-05-28] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [154256 2015-05-28] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli FAPassSync
Startup: C:\Users\nikhi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk [2013-09-01]
ShortcutTarget: Intel(R) Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2052094510-1569341030-3252781033-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-2052094510-1569341030-3252781033-1001] => http=10.93.0.37:3333;https=10.93.0.37:3333;ftp=10.93.0.37:3333
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {866926D5-EF0F-4343-98DC-FEDF90CF55CA} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {866926D5-EF0F-4343-98DC-FEDF90CF55CA} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001 -> {866926D5-EF0F-4343-98DC-FEDF90CF55CA} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll [2011-08-19] (Sensible Vision )
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-29] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO-x32: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll [2011-08-19] (Sensible Vision )
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-29] (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19] (Microsoft Corporation)
DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.24.0.193 10.65.0.3
Tcpip\..\Interfaces\{039EE222-7F10-4B8F-B359-751EC810EF8B}: [DhcpNameServer] 10.24.0.193 10.65.0.3
Tcpip\..\Interfaces\{A54243E9-3874-4FCF-A82C-D8FB1C981A9B}: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\nikhi\AppData\Roaming\Mozilla\Firefox\Profiles\emxei7vq.default
FF NetworkProxy: "backup.ftp", "hproxy.iitm.ac.in"
FF NetworkProxy: "backup.ftp_port", 3128
FF NetworkProxy: "backup.socks", "hproxy.iitm.ac.in"
FF NetworkProxy: "backup.socks_port", 3128
FF NetworkProxy: "backup.ssl", "hproxy.iitm.ac.in"
FF NetworkProxy: "backup.ssl_port", 3128
FF NetworkProxy: "ftp", "hproxy.iitm.ac.in"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "hproxy.iitm.ac.in"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "hproxy.iitm.ac.in"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "hproxy.iitm.ac.in"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-24] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-24] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @parallelgraphics.com/Cortona -> C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npCortona.dll [2009-06-01] (ParallelGraphics)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\10.1.0.5292844\npmathplugin.dll [2015-03-24] (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2052094510-1569341030-3252781033-1001: @citrixonline.com/appdetectorplugin -> C:\Users\nikhi\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-03-27] (Citrix Online)
FF Plugin HKU\S-1-5-21-2052094510-1569341030-3252781033-1001: @tools.google.com/Google Update;version=3 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-2052094510-1569341030-3252781033-1001: @tools.google.com/Google Update;version=9 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-13] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npCortona.dll [2009-06-01] (ParallelGraphics)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\nikhi\AppData\Roaming\Mozilla\Firefox\Profiles\emxei7vq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [fassoxpcom@sensiblevision.com] - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso
FF Extension: FastAccess Web Login - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso [2012-03-29]

Chrome:
=======
CHR Profile: C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-27]
CHR Extension: (YouTube) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-29]
CHR Extension: (Google Search) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-29]
CHR Extension: (FlashCards) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\diejjofgldkjkhmfjagdjdodjebpglhb [2012-07-29]
CHR Extension: (Dropbox for Gmail) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2015-06-29]
CHR Extension: (Proxy SwitchySharp) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2012-11-01]
CHR Extension: (Gmail Offline) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2012-10-03]
CHR Extension: (Web Lab) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgacgeibpdjllcjckbmgecpahipdjabe [2012-07-29]
CHR Extension: (Downloads Router) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgkboeogiiklpklnjgdiaghaiehcknjo [2015-06-04]
CHR Extension: (AdBlock) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-04]
CHR Extension: (AdBlock Plus) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\golcpiifbdpfpldfmjjlgjcocfllkkam [2014-07-14]
CHR Extension: (Wiki-It) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\himihkiolakpnmfdkgdjnakpbiibabea [2013-08-27]
CHR Extension: (mysms - SMS from Computer) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkkehjnlfplmdnallbjjdnokolhblgb [2012-10-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-15]
CHR Extension: (Tom Sachs) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lppegiodmddaaljhkfjokkepamifbekj [2012-07-29]
CHR Extension: (Google Wallet) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Type Fu (hosted)) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\okboeogmnhjpgbeaokfogelclpblaemo [2012-07-29]
CHR Extension: (Recent Bookmarks) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\olndffocioplakeilhkgenfgdincjlpn [2013-12-01]
CHR Extension: (Gmail) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-29]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [Not Found]
StartMenuInternet: Google Chrome - C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [13312 2011-08-21] () [File not signed]
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
S2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
S2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [232152 2015-05-20] (Dell Inc.)
S2 FAService; C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2451440 2011-08-19] (Sensible Vision ) [File not signed]
S2 Flexlm Service 1; C:\SIMULIA\License\lmgrd.exe [1767688 2011-07-18] (Acresso Software Inc.)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-28] (NVIDIA Corporation)
S3 GoToAssist; C:\Program Files (x86)\Citrix\GoToAssist Corporate\1084\G2AC_Service.exe [310080 2015-03-27] (Citrix Online, a division of Citrix Systems, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [184320 2011-07-07] (Intel Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-07] (Microsoft Corporation)
S2 mysql; c:\xampp\mysql\bin\mysqld.exe [8158720 2011-09-09] () [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-11-01] ()
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-28] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-28] (NVIDIA Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-04-10] (Dell Inc.)
S2 Texis Monitor; C:\SIMULIA\Documentation\monitor.exe [4493312 2013-01-17] (Expansion Programs International, Inc.) [File not signed]
S2 VSSS; C:\Users\nikhi\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [104873984 2015-06-23] (Microsoft Corporation) [File not signed] <==== ATTENTION
S3 WinHttpAutoProxySvc; winhttp.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 cnnctfy2; C:\Windows\System32\DRIVERS\cnnctfy2.sys [31344 2012-11-19] (Connectify)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
R3 cyhid; C:\Windows\System32\DRIVERS\cyhid.sys [117248 2011-12-09] (Cypress Semiconductor, Inc.)
R3 cykbfltrService; C:\Windows\System32\DRIVERS\cykbfltr.sys [13824 2011-12-09] (Cypress Semiconductor, Inc.)
R3 cymfltrService; C:\Windows\System32\DRIVERS\cymfltr.sys [79872 2011-12-09] (Cypress Semiconductor, Inc.)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-02-26] (Dell Computer Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-31] (DT Soft Ltd)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-06-16] (Intel Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [299664 2015-05-28] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-28] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-05-28] (NVIDIA Corporation)
S3 WCDMA_Datacard_Usb_Ser; C:\Windows\System32\DRIVERS\WCDMA_Datacard_Usb_Ser.sys [121088 2013-01-15] (QUALCOMM Incorporated)
S1 crioevuo; \??\C:\Windows\system32\drivers\crioevuo.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S1 kqhtcgrc; \??\C:\Windows\system32\drivers\kqhtcgrc.sys [X]
S2 NEWDRIVER; \??\C:\Windows\SysWow64\WinVDEdrv6.sys [X]
S3 Ser2pl; system32\DRIVERS\ser2pl64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 29, 2015, 05:53:04 AM
Hi Kevin,

'Part 3' of the post

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-29 16:46 - 2015-06-29 16:46 - 00023896 _____ C:\Users\nikhi\Desktop\FRST.txt
2015-06-29 16:46 - 2015-06-29 16:46 - 00000000 ____D C:\FRST
2015-06-29 16:45 - 2015-06-29 16:45 - 02112512 _____ (Farbar) C:\Users\nikhi\Desktop\FRST64.exe
2015-06-29 14:34 - 2015-06-29 16:41 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-29 14:34 - 2015-06-29 14:34 - 00001108 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-29 14:34 - 2015-06-29 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-29 14:34 - 2015-06-29 14:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-29 14:34 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-29 14:34 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-29 14:34 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-29 14:30 - 2015-06-29 14:30 - 01415680 _____ (wj32) C:\Program Files\PUWY057U.exe
2015-06-29 13:30 - 2015-06-29 13:30 - 00000000 ____D C:\Users\nikhi\Desktop\images
2015-06-29 13:00 - 2015-06-29 13:00 - 01415680 _____ (wj32) C:\Program Files\WY35ACHG.exe
2015-06-29 12:56 - 2015-06-29 12:56 - 01415680 _____ (wj32) C:\Program Files\YW8642EC.exe
2015-06-29 12:56 - 2015-06-29 12:56 - 01415680 _____ (wj32) C:\Program Files\YDIKPRT3.exe
2015-06-29 12:56 - 2015-06-29 12:56 - 01415680 _____ (wj32) C:\Program Files\U6420CAO.exe
2015-06-29 12:56 - 2015-06-29 12:56 - 01415680 _____ (wj32) C:\Program Files\35ACEGLN.exe
2015-06-29 12:55 - 2015-06-29 12:55 - 01415680 _____ (wj32) C:\Program Files\KSUZ135S.exe
2015-06-29 12:55 - 2015-06-29 12:55 - 01415680 _____ (wj32) C:\Program Files\EA62YUKA.exe
2015-06-29 12:55 - 2015-06-29 12:55 - 01415680 _____ (wj32) C:\Program Files\9EGIKPRY.exe
2015-06-29 12:55 - 2015-06-29 12:55 - 01415680 _____ (wj32) C:\Program Files\8ACEJLND.exe
2015-06-29 12:55 - 2015-06-29 12:55 - 01415680 _____ (wj32) C:\Program Files\2468APUH.exe
2015-06-29 12:54 - 2015-06-29 12:54 - 01415680 _____ (wj32) C:\Program Files\MLE7O5G3.exe
2015-06-29 12:54 - 2015-06-29 12:54 - 01415680 _____ (wj32) C:\Program Files\168ACHG6.exe
2015-06-29 12:52 - 2015-06-29 12:52 - 00689664 _____ C:\Users\nikhi\Downloads\MicrosoftFixit50202.msi
2015-06-29 12:48 - 2015-06-29 12:48 - 01415680 _____ (wj32) C:\Program Files\KOMKWUSK.exe
2015-06-29 12:48 - 2015-06-29 12:48 - 01415680 _____ (wj32) C:\Program Files\ECOMKWUU.exe
2015-06-29 12:48 - 2015-06-29 12:48 - 01415680 _____ (wj32) C:\Program Files\168ACUWJ.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 01415680 _____ (wj32) C:\Program Files\YDKM68SU.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 01415680 _____ (wj32) C:\Program Files\VXZ16LNX.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 01415680 _____ (wj32) C:\Program Files\OKVXZEJ6.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 01415680 _____ (wj32) C:\Program Files\NSXZ4MOE.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 01415680 _____ (wj32) C:\Program Files\N579BGIS.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 01415680 _____ (wj32) C:\Program Files\68DFHMO8.exe
2015-06-29 12:46 - 2015-06-29 12:46 - 01415680 _____ (wj32) C:\Program Files\DFHM135V.exe
2015-06-29 12:40 - 2015-06-29 12:40 - 00000774 _____ C:\Users\nikhi\Desktop\chromehtml.reg
2015-06-29 12:35 - 2015-06-29 12:35 - 01415680 _____ (wj32) C:\Program Files\X5XBXJR1.exe
2015-06-29 12:35 - 2015-06-29 12:35 - 01415680 _____ (wj32) C:\Program Files\AMKIGSK8.exe
2015-06-29 12:35 - 2015-06-29 12:35 - 01415680 _____ (wj32) C:\Program Files\9BGINPRH.exe
2015-06-29 12:34 - 2015-06-29 12:34 - 01415680 _____ (wj32) C:\Program Files\X2468D0K.exe
2015-06-29 12:34 - 2015-06-29 12:34 - 01415680 _____ (wj32) C:\Program Files\KY6HP081.exe
2015-06-29 12:34 - 2015-06-29 12:34 - 01415680 _____ (wj32) C:\Program Files\HJY357X4.exe
2015-06-29 12:34 - 2015-06-29 12:34 - 01415680 _____ (wj32) C:\Program Files\246BDFH4.exe
2015-06-29 12:34 - 2015-06-29 12:34 - 01415680 _____ (wj32) C:\Program Files\0249BT3T.exe
2015-06-29 12:33 - 2015-06-29 12:33 - 01415680 _____ (wj32) C:\Program Files\KMOKVX2V.exe
2015-06-29 12:28 - 2015-06-29 12:28 - 01415680 _____ (wj32) C:\Program Files\SUZ135AX.exe
2015-06-29 12:28 - 2015-06-29 12:28 - 01415680 _____ (wj32) C:\Program Files\KDRSF5S0.exe
2015-06-29 12:25 - 2015-06-29 12:26 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\nikhi\Desktop\mbam-setup-2.1.6.1022 (1).exe
2015-06-29 12:15 - 2015-06-29 12:15 - 01415680 _____ (wj32) C:\Program Files\FHMOKSAC.exe
2015-06-29 12:15 - 2015-06-29 12:15 - 01415680 _____ (wj32) C:\Program Files\BDFHMOTV.exe
2015-06-29 12:14 - 2015-06-29 12:14 - 01415680 _____ (wj32) C:\Program Files\YWUS420Y.exe
2015-06-29 12:14 - 2015-06-29 12:14 - 01415680 _____ (wj32) C:\Program Files\MOTVXZ46.exe
2015-06-29 12:14 - 2015-06-29 12:14 - 01415680 _____ (wj32) C:\Program Files\KGC2VIBR.exe
2015-06-29 12:14 - 2015-06-29 12:14 - 01415680 _____ (wj32) C:\Program Files\FHJLKSUK.exe
2015-06-29 12:14 - 2015-06-29 12:14 - 01415680 _____ (wj32) C:\Program Files\EKOMKWUS.exe
2015-06-29 12:13 - 2015-06-29 12:13 - 01415680 _____ (wj32) C:\Program Files\RTV0FHJW.exe
2015-06-29 12:13 - 2015-06-29 12:13 - 01415680 _____ (wj32) C:\Program Files\NV3ET19K.exe
2015-06-29 12:13 - 2015-06-29 12:13 - 01415680 _____ (wj32) C:\Program Files\9BDSXZ13.exe
2015-06-29 12:13 - 2015-06-29 12:13 - 01415680 _____ (wj32) C:\Program Files\13LNPRWY.exe
2015-06-29 12:10 - 2015-06-29 12:34 - 01415680 _____ (wj32) C:\Program Files\9BDIKPRE.exe
2015-06-29 12:10 - 2015-06-29 12:10 - 01415680 _____ (wj32) C:\Program Files\WYDFKMO1.exe
2015-06-29 12:10 - 2015-06-29 12:10 - 01415680 _____ (wj32) C:\Program Files\8AFHJLKA.exe
2015-06-29 12:10 - 2015-06-29 12:10 - 01415680 _____ (wj32) C:\Program Files\51XKMI5M.exe
2015-06-29 12:09 - 2015-06-29 12:09 - 01415680 _____ (wj32) C:\Program Files\4FZM9D05.exe
2015-06-29 12:03 - 2015-06-29 12:03 - 01415680 _____ (wj32) C:\Program Files\SKY3B6E4.exe
2015-06-29 12:03 - 2015-06-29 12:03 - 01415680 _____ (wj32) C:\Program Files\KD92YREJ.exe
2015-06-29 12:03 - 2015-06-29 12:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-29 11:52 - 2015-06-29 11:52 - 04800856 _____ (McAfee, Inc.) C:\Users\nikhi\Desktop\MCPR.exe
2015-06-29 03:04 - 2015-06-29 03:04 - 37328992 _____ (Oracle Corporation) C:\Users\nikhi\Downloads\jre-8u45-windows-i586.exe
2015-06-29 02:57 - 2015-06-29 02:57 - 01415680 _____ (wj32) C:\Program Files\PRTV027U.exe
2015-06-29 02:57 - 2015-06-29 02:57 - 01415680 _____ (wj32) C:\Program Files\5P6TAKDR.exe
2015-06-29 02:56 - 2015-06-29 02:56 - 01415680 _____ (wj32) C:\Program Files\VDFHJOKD.exe
2015-06-29 02:56 - 2015-06-29 02:56 - 01415680 _____ (wj32) C:\Program Files\SK20YWA8.exe
2015-06-29 02:56 - 2015-06-29 02:56 - 01415680 _____ (wj32) C:\Program Files\MKIUSK42.exe
2015-06-29 02:56 - 2015-06-29 02:56 - 01415680 _____ (wj32) C:\Program Files\IKMOTVXN.exe
2015-06-29 02:56 - 2015-06-29 02:56 - 01415680 _____ (wj32) C:\Program Files\GECA86II.exe
2015-06-29 02:55 - 2015-06-29 02:55 - 01415680 _____ (wj32) C:\Program Files\XZ168AC2.exe
2015-06-29 02:55 - 2015-06-29 02:55 - 01415680 _____ (wj32) C:\Program Files\W1357CE4.exe
2015-06-29 02:55 - 2015-06-29 02:55 - 01415680 _____ (wj32) C:\Program Files\KVX2468Y.exe
2015-06-29 02:55 - 2015-06-29 02:55 - 01415680 _____ (wj32) C:\Program Files\GINPRTYL.exe
2015-06-29 02:55 - 2015-06-29 02:55 - 01415680 _____ (wj32) C:\Program Files\79BGI0ZP.exe
2015-06-29 02:30 - 2015-06-29 02:30 - 00040895 _____ C:\Users\nikhi\Desktop\dds.txt
2015-06-29 02:30 - 2015-06-29 02:30 - 00001331 _____ C:\Users\nikhi\Desktop\attach.txt
2015-06-29 02:25 - 2015-06-29 02:25 - 00688992 ____R (Swearware) C:\Users\nikhi\Desktop\dds.com
2015-06-25 15:00 - 2015-06-25 15:00 - 00000000 ____D C:\Users\nikhi\AppData\Roaming\deskPDF
2015-06-25 13:11 - 2015-06-25 13:11 - 01415680 _____ (wj32) C:\Program Files\YCW7C7OZ.exe
2015-06-25 13:10 - 2015-06-25 13:10 - 01415680 _____ (wj32) C:\Program Files\WY027MOY.exe
2015-06-25 13:10 - 2015-06-25 13:10 - 01415680 _____ (wj32) C:\Program Files\KWU6420E.exe
2015-06-25 13:10 - 2015-06-25 13:10 - 01415680 _____ (wj32) C:\Program Files\KVALT195.exe
2015-06-25 13:09 - 2015-06-25 13:09 - 01415680 _____ (wj32) C:\Program Files\Y0579BG3.exe
2015-06-25 13:09 - 2015-06-25 13:09 - 01415680 _____ (wj32) C:\Program Files\OKSXZ46W.exe
2015-06-25 13:09 - 2015-06-25 13:09 - 01415680 _____ (wj32) C:\Program Files\NPUWY05S.exe
2015-06-25 13:09 - 2015-06-25 13:09 - 01415680 _____ (wj32) C:\Program Files\KYGOW4F8.exe
2015-06-25 13:09 - 2015-06-25 13:09 - 01415680 _____ (wj32) C:\Program Files\KM138ACM.exe
2015-06-25 13:09 - 2015-06-25 13:09 - 01415680 _____ (wj32) C:\Program Files\GINPR6BY.exe
2015-06-25 12:02 - 2015-06-29 11:51 - 00000000 ____D C:\Users\nikhi\Desktop\malware removal
2015-06-25 11:59 - 2015-06-25 16:55 - 00000106 _____ C:\Windows\FitCtrl.ini
2015-06-25 11:53 - 2000-09-17 12:51 - 00002279 _____ C:\Users\nikhi\Documents\M05-01.z
2015-06-25 08:06 - 2015-06-25 08:06 - 01415680 _____ (wj32) C:\Program Files\J6N1LZX2.exe
2015-06-25 08:05 - 2015-06-25 08:05 - 01415680 _____ (wj32) C:\Program Files\MYWUS42G.exe
2015-06-25 08:05 - 2015-06-25 08:05 - 01415680 _____ (wj32) C:\Program Files\JOKV02KU.exe
2015-06-25 08:05 - 2015-06-25 08:05 - 01415680 _____ (wj32) C:\Program Files\0CA8KIGU.exe
2015-06-25 08:05 - 2015-06-25 08:05 - 01415680 _____ (wj32) C:\Program Files\0AL2AL5U.exe
2015-06-25 08:04 - 2015-06-25 08:04 - 01415680 _____ (wj32) C:\Program Files\ZEGINPRA.exe
2015-06-25 08:04 - 2015-06-25 08:04 - 01415680 _____ (wj32) C:\Program Files\Y0279BD3.exe
2015-06-25 08:04 - 2015-06-25 08:04 - 01415680 _____ (wj32) C:\Program Files\SX5D27IT.exe
2015-06-25 08:04 - 2015-06-25 08:04 - 01415680 _____ (wj32) C:\Program Files\R2AIK19O.exe
2015-06-25 08:04 - 2015-06-25 08:04 - 01415680 _____ (wj32) C:\Program Files\KPRWY02M.exe
2015-06-25 08:04 - 2015-06-25 08:04 - 01415680 _____ (wj32) C:\Program Files\57MOTVXK.exe
2015-06-25 06:55 - 2015-06-25 06:55 - 00003250 _____ C:\Windows\System32\Tasks\{C6E22D41-2256-4CFB-9331-2B5F6A64CE4D}
2015-06-25 06:54 - 2015-06-25 06:54 - 00001121 _____ C:\Users\Public\Desktop\MEISP trial version.lnk
2015-06-25 06:54 - 2015-06-25 06:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Powergraphy
2015-06-25 06:54 - 2015-06-25 06:54 - 00000000 ____D C:\Program Files (x86)\Powergraphy
2015-06-25 06:54 - 2001-09-02 08:04 - 00339968 _____ (GipsySoft) C:\Windows\SysWOW64\QHTM.dll
2015-06-25 06:54 - 1999-06-24 14:50 - 00499782 _____ (Code Jockey: http://www.codejockeys.com/kstowell/) C:\Windows\SysWOW64\CJ60Libd.dll
2015-06-25 06:54 - 1999-03-22 23:00 - 00401484 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Msvcrtd.dll
2015-06-25 06:54 - 1999-01-14 04:10 - 00036352 _____ C:\Windows\SysWOW64\Sx32w.dll
2015-06-25 06:54 - 1998-11-17 18:27 - 00427520 _____ (Digital Equipment Corporation) C:\Windows\SysWOW64\Dformd.dll
2015-06-25 06:54 - 1998-11-17 18:25 - 00420864 _____ (Digital Equipment Corporation) C:\Windows\SysWOW64\Dforrt.dll
2015-06-25 06:54 - 1998-09-24 23:00 - 00929844 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mfc42d.dll
2015-06-25 06:54 - 1998-09-24 23:00 - 00798773 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mfco42d.dll
2015-06-25 06:54 - 1998-06-16 23:00 - 00516173 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Msvcp60d.dll
2015-06-25 06:54 - 1997-10-03 09:06 - 00565760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Msvcp50.dll
2015-06-25 06:52 - 1997-11-19 15:49 - 00303616 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2015-06-25 05:52 - 2015-06-25 05:52 - 01415680 _____ (wj32) C:\Program Files\CHJLNSUW.exe
2015-06-25 05:17 - 2015-06-25 05:17 - 00000000 ____D C:\Program Files (x86)\Windows Resource Kits
2015-06-24 15:36 - 2015-06-24 15:36 - 01415680 _____ (wj32) C:\Program Files\9BDFKMOE.exe
2015-06-24 15:36 - 2015-06-24 15:36 - 01415680 _____ (wj32) C:\Program Files\79BGIKMR.exe
2015-06-24 15:15 - 2015-06-24 15:15 - 00002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-06-24 15:15 - 2015-06-24 15:15 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-06-24 15:15 - 2015-06-24 15:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2015-06-24 12:29 - 2015-06-24 12:30 - 00000000 ____D C:\SFCFix
2015-06-24 12:13 - 2015-06-24 12:30 - 00000000 ____D C:\Users\nikhi\AppData\Local\niemiro
2015-06-24 01:10 - 2015-06-24 12:48 - 00000198 _____ C:\Users\nikhi\AppData\Local\Support.ini
2015-06-24 01:10 - 2015-06-24 12:46 - 00000000 ____D C:\Users\nikhi\AppData\Local\AvastSupport
2015-06-24 01:06 - 2015-06-24 01:06 - 00661128 _____ (AVAST Software) C:\Users\nikhi\Downloads\avastsupport.exe
2015-06-23 23:56 - 2015-06-24 00:09 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-23 23:41 - 2015-06-24 13:00 - 00000000 ____D C:\ProgramData\AVAST Software
2015-06-16 23:23 - 2015-06-13 13:04 - 03099085 _____ C:\Users\nikhi\Downloads\LEVMWL.zip
2015-06-16 23:16 - 2015-06-25 14:06 - 00000000 ____D C:\Users\nikhi\AppData\Roaming\Help
2015-06-16 23:16 - 2015-06-25 14:04 - 00000000 ____D C:\Users\nikhi\AppData\Local\Help
2015-06-16 23:16 - 2009-08-04 23:26 - 00296960 _____ (Microsoft Corporation) C:\Windows\winhlp32.exe
2015-06-16 23:16 - 2009-08-04 23:25 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftsrch.dll
2015-06-16 23:16 - 2009-08-04 23:25 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\ftsrch.dll
2015-06-16 23:16 - 2009-08-04 23:25 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx041e.dll
2015-06-16 23:16 - 2009-08-04 23:25 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\ftlx041e.dll
2015-06-16 23:16 - 2009-08-04 23:25 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx0411.dll
2015-06-16 23:16 - 2009-08-04 23:25 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\ftlx0411.dll
2015-06-16 23:15 - 2015-06-16 23:15 - 00718172 _____ C:\Users\nikhi\Downloads\Windows6.1-KB917607-x64.msu
2015-06-12 11:26 - 2015-06-12 11:26 - 00000000 ____D C:\Program Files (x86)\Dell Update
2015-06-10 00:11 - 2015-06-02 00:46 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 00:11 - 2015-06-01 23:37 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 00:11 - 2015-05-27 20:05 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 00:11 - 2015-05-27 19:38 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 00:11 - 2015-05-25 23:49 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 00:11 - 2015-05-23 08:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 00:11 - 2015-05-23 08:45 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 00:11 - 2015-05-23 08:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 00:11 - 2015-05-23 08:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 00:11 - 2015-05-23 08:44 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 00:11 - 2015-05-23 08:43 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 00:11 - 2015-05-23 08:40 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 00:11 - 2015-05-23 08:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 00:11 - 2015-05-23 08:38 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 00:11 - 2015-05-23 08:36 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 00:11 - 2015-05-23 08:35 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 00:11 - 2015-05-23 08:35 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 00:11 - 2015-05-23 08:34 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 00:11 - 2015-05-23 08:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 00:11 - 2015-05-23 08:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 00:11 - 2015-05-23 08:19 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 00:11 - 2015-05-23 08:18 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 00:11 - 2015-05-23 08:17 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 00:11 - 2015-05-23 08:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 00:11 - 2015-05-23 08:08 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 00:11 - 2015-05-23 08:07 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 00:11 - 2015-05-23 08:07 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 00:11 - 2015-05-23 07:58 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 00:11 - 2015-05-23 07:50 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 00:11 - 2015-05-23 07:46 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 00:11 - 2015-05-23 07:44 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 00:11 - 2015-05-23 00:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 00:11 - 2015-05-23 00:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 00:11 - 2015-05-23 00:31 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 00:11 - 2015-05-23 00:30 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 00:11 - 2015-05-23 00:30 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 00:11 - 2015-05-23 00:30 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 00:11 - 2015-05-23 00:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 00:11 - 2015-05-23 00:29 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 00:11 - 2015-05-23 00:23 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 00:11 - 2015-05-23 00:22 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 00:11 - 2015-05-23 00:22 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 00:11 - 2015-05-23 00:18 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 00:11 - 2015-05-23 00:17 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 00:11 - 2015-05-23 00:17 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 00:11 - 2015-05-23 00:17 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 00:11 - 2015-05-23 00:17 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 00:11 - 2015-05-23 00:10 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 00:11 - 2015-05-23 00:06 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 00:11 - 2015-05-22 23:59 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 00:11 - 2015-05-22 23:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 00:11 - 2015-05-22 23:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 00:11 - 2015-05-22 23:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 00:11 - 2015-05-22 23:37 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 00:11 - 2015-05-22 23:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 00:11 - 2015-05-22 23:35 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 00:11 - 2015-05-22 23:35 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 00:11 - 2015-05-22 23:27 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 00:11 - 2015-05-22 23:20 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 00:11 - 2015-05-22 23:08 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 00:11 - 2015-05-22 22:56 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 00:11 - 2015-04-29 23:52 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 00:11 - 2015-04-29 23:51 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 00:11 - 2015-04-29 23:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 00:11 - 2015-04-29 23:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 00:11 - 2015-04-29 23:49 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 00:11 - 2015-04-29 23:37 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 00:11 - 2015-04-29 23:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 00:11 - 2015-04-29 23:37 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 00:11 - 2015-04-29 23:37 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 00:11 - 2015-04-29 23:35 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 00:10 - 2015-05-25 23:54 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 00:10 - 2015-05-25 23:53 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 00:10 - 2015-05-25 23:53 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 00:10 - 2015-05-25 23:51 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 00:10 - 2015-05-25 23:48 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 00:10 - 2015-05-25 23:48 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 00:10 - 2015-05-25 23:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 00:10 - 2015-05-25 23:48 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 00:10 - 2015-05-25 23:44 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 00:10 - 2015-05-25 23:44 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:37 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 00:10 - 2015-05-25 23:37 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 00:10 - 2015-05-25 23:34 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 00:10 - 2015-05-25 23:30 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 00:10 - 2015-05-25 23:30 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 00:10 - 2015-05-25 23:30 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 00:10 - 2015-05-25 23:30 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 00:10 - 2015-05-25 23:30 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 00:10 - 2015-05-25 23:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 00:10 - 2015-05-25 23:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 00:10 - 2015-05-25 23:29 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 00:10 - 2015-05-25 23:29 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 00:10 - 2015-05-25 23:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 00:10 - 2015-05-25 23:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 00:10 - 2015-05-25 23:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 00:10 - 2015-05-25 23:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 22:38 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 00:10 - 2015-05-25 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 00:10 - 2015-05-25 22:20 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 00:10 - 2015-05-25 22:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 00:10 - 2015-05-25 22:18 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 22:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 22:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 22:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 00:10 - 2015-04-24 23:47 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 00:10 - 2015-04-24 23:26 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 00:10 - 2015-04-11 08:49 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-09 20:51 - 2015-06-09 21:40 - 854812021 _____ C:\Users\nikhi\Downloads\Chef.2014.720p.BluRay.x264.YIFY.mp4
2015-06-08 09:40 - 2015-06-08 09:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram Mathematica
2015-06-08 09:40 - 2015-06-08 09:40 - 00000000 ____D C:\Program Files\Common Files\Wolfram Research
2015-06-08 09:33 - 2015-06-08 09:33 - 00000000 ____D C:\Program Files\Wolfram Research
2015-06-07 21:58 - 2015-06-20 23:43 - 00000000 ____D C:\Users\nikhi\Downloads\Video
2015-06-07 21:58 - 2015-06-14 21:05 - 00000000 ____D C:\Users\nikhi\Downloads\Compressed
2015-06-07 21:56 - 2015-06-07 21:56 - 00000000 ____D C:\Users\nikhi\Downloads\Internet Download Manager (IDM) 6.23 Build 3 Final Incl. Crack [ATOM]
2015-06-07 18:42 - 2015-06-07 21:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-07 12:50 - 2015-06-07 12:50 - 00000000 ____D C:\Users\nikhi\AppData\Local\Wolfram Research
2015-06-07 00:11 - 2015-06-07 00:11 - 00000000 ____D C:\Users\nikhi\Desktop\Tor Browser
2015-06-06 16:27 - 2015-06-06 16:28 - 00000000 ____D C:\ProgramData\MathematicaPlayer
2015-06-06 16:27 - 2015-06-06 16:27 - 00000000 ____D C:\Users\nikhi\AppData\Roaming\MathematicaPlayer
2015-06-06 16:27 - 2015-06-06 16:27 - 00000000 ____D C:\Users\nikhi\AppData\Local\MathematicaPlayer
2015-06-06 16:27 - 2015-06-06 16:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram CDF Player
2015-06-06 16:26 - 2015-06-06 16:26 - 00000000 ____D C:\Program Files (x86)\Wolfram Research
2015-06-05 18:35 - 2015-06-05 18:35 - 00000000 ____D C:\Users\nikhi\Downloads\images
2015-06-05 12:34 - 2015-05-22 23:48 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-05 12:34 - 2015-05-22 23:48 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-05 12:34 - 2015-05-22 23:48 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-05 12:34 - 2015-05-22 23:48 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-05 12:34 - 2015-05-22 23:48 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-05 12:34 - 2015-05-22 23:48 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-05 12:34 - 2015-05-22 23:43 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-05 12:34 - 2015-05-21 18:49 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-03 10:25 - 2015-06-25 07:53 - 00000000 ____D C:\Users\nikhi\AppData\Local\Windows Live
2015-06-03 10:25 - 2015-06-03 10:25 - 00000000 ____D C:\Users\nikhi\AppData\Local\{A7FC2C82-9BB2-4D58-AED0-57B4037E5BB8}
2015-06-03 10:25 - 2015-06-03 10:25 - 00000000 ____D C:\Users\nikhi\AppData\Local\{9ACA744F-466D-41A1-9370-3530A0354075}
2015-06-03 10:23 - 2015-06-03 12:49 - 00000000 ____D C:\Users\nikhi\Downloads\National Building Code of India 2005_files
2015-06-03 00:23 - 2015-06-03 00:23 - 00000000 ____D C:\Users\nikhi\AppData\Local\Luiz Fernando
2015-06-03 00:18 - 2015-06-03 00:18 - 00000000 ____D C:\Program Files (x86)\GIF Viewer
2015-06-01 20:37 - 2015-06-01 20:37 - 00000000 ____D C:\Users\nikhi\AppData\Local\GWX
2015-06-01 20:34 - 2015-06-01 20:34 - 00000000 ____D C:\Users\nikhi\AppData\Local\NVIDIA Corporation
2015-06-01 20:34 - 2015-06-01 20:34 - 00000000 ____D C:\Users\nikhi\AppData\Local\NVIDIA
2015-06-01 20:30 - 2015-06-01 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-01 20:30 - 2015-05-28 12:34 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-06-01 20:30 - 2015-05-28 12:34 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-06-01 20:30 - 2015-05-28 12:34 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-06-01 20:30 - 2015-05-28 12:34 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-06-01 20:29 - 2015-06-01 20:29 - 00000000 ____D C:\Windows\SysWOW64\NV
2015-06-01 20:29 - 2015-06-01 20:29 - 00000000 ____D C:\Windows\system32\NV
2015-06-01 20:29 - 2015-05-28 09:22 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-06-01 20:28 - 2015-06-01 20:28 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-01 20:28 - 2015-05-28 12:34 - 42719888 _____ C:\Windows\system32\nvcompiler.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 37741712 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 30480528 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 22946960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 17486856 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 16185352 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 15864064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 14987528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 14495448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 13304280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 12852152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 11830512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 10995528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-01 20:28 - 2015-05-28 12:34 - 02986392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435306.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435306.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 01050440 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00982856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00299664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys
2015-06-01 20:28 - 2015-05-28 12:34 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00052880 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00048784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-06-01 20:28 - 2015-05-28 12:34 - 00031560 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2015-06-01 20:26 - 2015-06-01 20:26 - 00000000 ____D C:\NVIDIA
2015-05-31 12:28 - 2015-05-31 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPUB File Reader
2015-05-31 12:28 - 2015-05-31 12:28 - 00000000 ____D C:\Program Files (x86)\EPUB File Reader

Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 29, 2015, 05:54:36 AM
Hi Kevin,

'Part 4' of the post

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-29 14:52 - 2009-07-14 10:43 - 00912410 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-29 14:48 - 2010-11-21 09:17 - 01224318 _____ C:\Windows\PFRO.log
2015-06-29 14:48 - 2009-07-14 11:02 - 00000000 ____D C:\Windows\addins
2015-06-29 14:31 - 2012-03-29 17:14 - 01449462 _____ C:\Windows\WindowsUpdate.log
2015-06-29 14:27 - 2012-09-22 10:50 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-29 14:11 - 2012-07-29 19:42 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2052094510-1569341030-3252781033-1001UA.job
2015-06-29 14:10 - 2015-02-05 14:20 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-29 13:11 - 2012-07-29 19:42 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2052094510-1569341030-3252781033-1001Core.job
2015-06-29 13:04 - 2009-07-14 10:15 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-29 13:04 - 2009-07-14 10:15 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-29 12:56 - 2012-11-19 17:47 - 00000000 ____D C:\Program Files (x86)\Connectify
2015-06-29 12:54 - 2012-09-22 10:50 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-29 12:54 - 2012-03-29 19:09 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-29 12:54 - 2012-03-29 17:35 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2015-06-29 12:54 - 2012-03-29 17:35 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2015-06-29 12:54 - 2012-03-29 17:32 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2015-06-29 12:54 - 2009-07-14 10:38 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-29 12:54 - 2009-07-14 10:21 - 00244724 _____ C:\Windows\setupact.log
2015-06-29 12:39 - 2012-04-30 07:32 - 00001379 _____ C:\Users\nikhi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-29 12:13 - 2012-04-30 07:26 - 00115624 _____ C:\Users\nikhi\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-29 12:13 - 2009-07-14 10:15 - 03033600 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-29 11:42 - 2012-07-17 00:23 - 00000000 ____D C:\Users\nikhi\AppData\Roaming\vlc
2015-06-29 03:34 - 2012-08-15 22:51 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-29 03:33 - 2013-09-15 22:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-06-29 03:33 - 2010-11-21 12:46 - 00000000 ____D C:\Windows\ShellNew
2015-06-29 03:33 - 2009-07-14 11:02 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-06-29 03:33 - 2009-07-14 08:04 - 00000521 _____ C:\Windows\win.ini
2015-06-29 03:32 - 2009-07-14 08:50 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-06-29 03:10 - 2015-02-05 14:20 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-29 03:10 - 2014-07-14 13:34 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-29 03:10 - 2012-07-12 15:24 - 00000000 ____D C:\Users\nikhi\AppData\Local\Adobe
2015-06-29 03:10 - 2012-03-29 17:15 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-29 03:06 - 2014-07-22 13:35 - 00000000 ____D C:\ProgramData\Oracle
2015-06-29 03:06 - 2014-07-22 13:35 - 00000000 ____D C:\Program Files (x86)\Java
2015-06-29 03:05 - 2014-07-22 13:35 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-06-29 03:05 - 2012-03-29 17:26 - 00000000 ____D C:\Program Files\Java
2015-06-29 02:51 - 2014-02-24 23:24 - 00000000 ____D C:\Users\nikhi\AppData\Roaming\DMCache
2015-06-29 02:40 - 2015-01-17 11:35 - 00000000 ____D C:\Users\nikhi\AppData\Roaming\uTorrent
2015-06-28 23:28 - 2013-12-31 03:02 - 00008730 _____ C:\Windows\IE11_main.log
2015-06-27 14:21 - 2013-04-19 15:57 - 00000000 ____D C:\Users\nikhi\Documents\MATLAB
2015-06-25 06:27 - 2011-02-10 21:40 - 00896720 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-06-24 15:15 - 2012-08-18 12:48 - 00001945 _____ C:\Windows\epplauncher.mif
2015-06-24 15:14 - 2014-12-29 08:42 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-24 03:21 - 2013-06-23 23:25 - 00007633 _____ C:\Users\nikhi\AppData\Local\resmon.resmoncfg
2015-06-24 02:20 - 2013-08-31 16:55 - 00000000 ____D C:\Windows\pss
2015-06-24 01:47 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\system32\NDF
2015-06-23 23:20 - 2012-03-29 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-06-23 23:20 - 2012-03-29 17:32 - 00000000 ____D C:\Program Files\Dell
2015-06-23 23:12 - 2012-09-04 14:11 - 00000000 ____D C:\Users\nikhi\Documents\CFI
2015-06-23 16:43 - 2014-01-25 20:04 - 00000000 ____D C:\Users\nikhi\Documents\Visual Studio 2010
2015-06-23 09:25 - 2012-07-24 09:00 - 00000000 ____D C:\ProgramData\PCDr
2015-06-22 10:19 - 2015-04-08 16:12 - 00000000 ____D C:\ProgramData\SupportAssistAgent
2015-06-20 11:43 - 2012-11-19 17:48 - 00000000 ____D C:\Users\nikhi\AppData\Local\Connectify
2015-06-17 11:07 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\rescache
2015-06-16 23:32 - 2015-05-13 16:40 - 00000000 ____D C:\Users\nikhi\Documents\1 DDP
2015-06-16 23:14 - 2015-02-03 21:05 - 00000000 __SHD C:\Users\nikhi\AppData\Local\EmieBrowserModeList
2015-06-16 23:14 - 2014-06-07 13:41 - 00000000 __SHD C:\Users\nikhi\AppData\Local\EmieUserList
2015-06-16 23:14 - 2014-06-07 13:41 - 00000000 __SHD C:\Users\nikhi\AppData\Local\EmieSiteList
2015-06-16 21:25 - 2015-05-17 15:58 - 00000000 ____D C:\Users\nikhi\Documents\3 summer
2015-06-13 18:29 - 2012-09-22 10:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-06-13 17:16 - 2014-08-20 18:00 - 00000000 ____D C:\Users\nikhi\Documents\Origin User Files
2015-06-12 21:03 - 2012-09-07 14:27 - 00000000 ____D C:\Users\nikhi\Desktop\Temp
2015-06-12 11:20 - 2012-03-29 18:58 - 00000000 ____D C:\ProgramData\Dell
2015-06-10 07:25 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-10 03:07 - 2013-09-14 03:25 - 00000000 ____D C:\Windows\system32\MRT
2015-06-09 11:46 - 2015-03-29 01:24 - 00000000 ____D C:\Users\nikhi\Downloads\tore
2015-06-08 17:32 - 2012-09-04 14:12 - 00000000 ____D C:\Users\nikhi\Documents\others
2015-06-08 17:30 - 2013-01-31 02:02 - 00000000 ____D C:\Users\nikhi\Documents\Papers
2015-06-08 17:20 - 2012-09-06 16:17 - 00000000 ____D C:\Users\nikhi\Desktop\Applications
2015-06-08 09:40 - 2014-01-23 13:30 - 00000000 ____D C:\ProgramData\Mathematica
2015-06-08 09:40 - 2014-01-23 13:30 - 00000000 ____D C:\Program Files\Extras
2015-06-07 21:51 - 2014-07-14 12:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-06 16:34 - 2014-07-10 20:14 - 00000000 ____D C:\Users\nikhi\Documents\My Games
2015-06-06 16:33 - 2015-04-10 17:03 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2015-06-06 03:15 - 2014-12-11 07:27 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-06 03:15 - 2014-05-07 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-02 03:00 - 2014-01-25 20:07 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-06-01 20:34 - 2012-03-29 19:09 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-01 20:30 - 2012-03-29 19:09 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-01 20:30 - 2012-03-29 19:09 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-06-01 20:30 - 2012-03-29 17:32 - 00000000 ____D C:\Temp

==================== Files in the root of some directories =======

2015-06-29 12:34 - 2015-06-29 12:34 - 1415680 _____ (wj32) C:\Program Files\0249BT3T.exe
2015-06-25 08:05 - 2015-06-25 08:05 - 1415680 _____ (wj32) C:\Program Files\0AL2AL5U.exe
2015-06-25 08:05 - 2015-06-25 08:05 - 1415680 _____ (wj32) C:\Program Files\0CA8KIGU.exe
2015-06-29 12:13 - 2015-06-29 12:13 - 1415680 _____ (wj32) C:\Program Files\13LNPRWY.exe
2015-06-29 12:54 - 2015-06-29 12:54 - 1415680 _____ (wj32) C:\Program Files\168ACHG6.exe
2015-06-29 12:48 - 2015-06-29 12:48 - 1415680 _____ (wj32) C:\Program Files\168ACUWJ.exe
2015-06-29 12:55 - 2015-06-29 12:55 - 1415680 _____ (wj32) C:\Program Files\2468APUH.exe
2015-06-29 12:34 - 2015-06-29 12:34 - 1415680 _____ (wj32) C:\Program Files\246BDFH4.exe
2015-06-29 12:56 - 2015-06-29 12:56 - 1415680 _____ (wj32) C:\Program Files\35ACEGLN.exe
2015-06-29 12:09 - 2015-06-29 12:09 - 1415680 _____ (wj32) C:\Program Files\4FZM9D05.exe
2015-06-29 12:10 - 2015-06-29 12:10 - 1415680 _____ (wj32) C:\Program Files\51XKMI5M.exe
2015-06-25 08:04 - 2015-06-25 08:04 - 1415680 _____ (wj32) C:\Program Files\57MOTVXK.exe
2015-06-29 02:57 - 2015-06-29 02:57 - 1415680 _____ (wj32) C:\Program Files\5P6TAKDR.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 1415680 _____ (wj32) C:\Program Files\68DFHMO8.exe
2015-06-29 02:55 - 2015-06-29 02:55 - 1415680 _____ (wj32) C:\Program Files\79BGI0ZP.exe
2015-06-24 15:36 - 2015-06-24 15:36 - 1415680 _____ (wj32) C:\Program Files\79BGIKMR.exe
2015-06-29 12:55 - 2015-06-29 12:55 - 1415680 _____ (wj32) C:\Program Files\8ACEJLND.exe
2015-06-29 12:10 - 2015-06-29 12:10 - 1415680 _____ (wj32) C:\Program Files\8AFHJLKA.exe
2015-06-24 15:36 - 2015-06-24 15:36 - 1415680 _____ (wj32) C:\Program Files\9BDFKMOE.exe
2015-06-29 12:10 - 2015-06-29 12:34 - 1415680 _____ (wj32) C:\Program Files\9BDIKPRE.exe
2015-06-29 12:13 - 2015-06-29 12:13 - 1415680 _____ (wj32) C:\Program Files\9BDSXZ13.exe
2015-06-29 12:35 - 2015-06-29 12:35 - 1415680 _____ (wj32) C:\Program Files\9BGINPRH.exe
2015-06-29 12:55 - 2015-06-29 12:55 - 1415680 _____ (wj32) C:\Program Files\9EGIKPRY.exe
2015-06-29 12:35 - 2015-06-29 12:35 - 1415680 _____ (wj32) C:\Program Files\AMKIGSK8.exe
2015-06-29 12:15 - 2015-06-29 12:15 - 1415680 _____ (wj32) C:\Program Files\BDFHMOTV.exe
2015-06-25 05:52 - 2015-06-25 05:52 - 1415680 _____ (wj32) C:\Program Files\CHJLNSUW.exe
2015-06-29 12:46 - 2015-06-29 12:46 - 1415680 _____ (wj32) C:\Program Files\DFHM135V.exe
2015-06-29 12:55 - 2015-06-29 12:55 - 1415680 _____ (wj32) C:\Program Files\EA62YUKA.exe
2015-06-29 12:48 - 2015-06-29 12:48 - 1415680 _____ (wj32) C:\Program Files\ECOMKWUU.exe
2015-06-29 12:14 - 2015-06-29 12:14 - 1415680 _____ (wj32) C:\Program Files\EKOMKWUS.exe
2015-06-29 12:14 - 2015-06-29 12:14 - 1415680 _____ (wj32) C:\Program Files\FHJLKSUK.exe
2015-06-29 12:15 - 2015-06-29 12:15 - 1415680 _____ (wj32) C:\Program Files\FHMOKSAC.exe
2015-06-29 02:56 - 2015-06-29 02:56 - 1415680 _____ (wj32) C:\Program Files\GECA86II.exe
2015-06-25 13:09 - 2015-06-25 13:09 - 1415680 _____ (wj32) C:\Program Files\GINPR6BY.exe
2015-06-29 02:55 - 2015-06-29 02:55 - 1415680 _____ (wj32) C:\Program Files\GINPRTYL.exe
2015-06-29 12:34 - 2015-06-29 12:34 - 1415680 _____ (wj32) C:\Program Files\HJY357X4.exe
2015-06-29 02:56 - 2015-06-29 02:56 - 1415680 _____ (wj32) C:\Program Files\IKMOTVXN.exe
2015-06-25 08:06 - 2015-06-25 08:06 - 1415680 _____ (wj32) C:\Program Files\J6N1LZX2.exe
2015-06-25 08:05 - 2015-06-25 08:05 - 1415680 _____ (wj32) C:\Program Files\JOKV02KU.exe
2015-06-29 12:03 - 2015-06-29 12:03 - 1415680 _____ (wj32) C:\Program Files\KD92YREJ.exe
2015-06-29 12:28 - 2015-06-29 12:28 - 1415680 _____ (wj32) C:\Program Files\KDRSF5S0.exe
2015-06-29 12:14 - 2015-06-29 12:14 - 1415680 _____ (wj32) C:\Program Files\KGC2VIBR.exe
2015-06-25 13:09 - 2015-06-25 13:09 - 1415680 _____ (wj32) C:\Program Files\KM138ACM.exe
2015-06-29 12:33 - 2015-06-29 12:33 - 1415680 _____ (wj32) C:\Program Files\KMOKVX2V.exe
2015-06-29 12:48 - 2015-06-29 12:48 - 1415680 _____ (wj32) C:\Program Files\KOMKWUSK.exe
2015-06-25 08:04 - 2015-06-25 08:04 - 1415680 _____ (wj32) C:\Program Files\KPRWY02M.exe
2015-06-29 12:55 - 2015-06-29 12:55 - 1415680 _____ (wj32) C:\Program Files\KSUZ135S.exe
2015-06-25 13:10 - 2015-06-25 13:10 - 1415680 _____ (wj32) C:\Program Files\KVALT195.exe
2015-06-29 02:55 - 2015-06-29 02:55 - 1415680 _____ (wj32) C:\Program Files\KVX2468Y.exe
2015-06-25 13:10 - 2015-06-25 13:10 - 1415680 _____ (wj32) C:\Program Files\KWU6420E.exe
2015-06-29 12:34 - 2015-06-29 12:34 - 1415680 _____ (wj32) C:\Program Files\KY6HP081.exe
2015-06-25 13:09 - 2015-06-25 13:09 - 1415680 _____ (wj32) C:\Program Files\KYGOW4F8.exe
2015-06-29 02:56 - 2015-06-29 02:56 - 1415680 _____ (wj32) C:\Program Files\MKIUSK42.exe
2015-06-29 12:54 - 2015-06-29 12:54 - 1415680 _____ (wj32) C:\Program Files\MLE7O5G3.exe
2015-06-29 12:14 - 2015-06-29 12:14 - 1415680 _____ (wj32) C:\Program Files\MOTVXZ46.exe
2015-06-25 08:05 - 2015-06-25 08:05 - 1415680 _____ (wj32) C:\Program Files\MYWUS42G.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 1415680 _____ (wj32) C:\Program Files\N579BGIS.exe
2015-06-25 13:09 - 2015-06-25 13:09 - 1415680 _____ (wj32) C:\Program Files\NPUWY05S.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 1415680 _____ (wj32) C:\Program Files\NSXZ4MOE.exe
2015-06-29 12:13 - 2015-06-29 12:13 - 1415680 _____ (wj32) C:\Program Files\NV3ET19K.exe
2015-06-25 13:09 - 2015-06-25 13:09 - 1415680 _____ (wj32) C:\Program Files\OKSXZ46W.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 1415680 _____ (wj32) C:\Program Files\OKVXZEJ6.exe
2015-06-29 02:57 - 2015-06-29 02:57 - 1415680 _____ (wj32) C:\Program Files\PRTV027U.exe
2015-06-29 14:30 - 2015-06-29 14:30 - 1415680 _____ (wj32) C:\Program Files\PUWY057U.exe
2015-06-25 08:04 - 2015-06-25 08:04 - 1415680 _____ (wj32) C:\Program Files\R2AIK19O.exe
2015-06-29 12:13 - 2015-06-29 12:13 - 1415680 _____ (wj32) C:\Program Files\RTV0FHJW.exe
2015-06-29 02:56 - 2015-06-29 02:56 - 1415680 _____ (wj32) C:\Program Files\SK20YWA8.exe
2015-06-29 12:03 - 2015-06-29 12:03 - 1415680 _____ (wj32) C:\Program Files\SKY3B6E4.exe
2015-06-29 12:28 - 2015-06-29 12:28 - 1415680 _____ (wj32) C:\Program Files\SUZ135AX.exe
2015-06-25 08:04 - 2015-06-25 08:04 - 1415680 _____ (wj32) C:\Program Files\SX5D27IT.exe
2015-06-29 12:56 - 2015-06-29 12:56 - 1415680 _____ (wj32) C:\Program Files\U6420CAO.exe
2015-06-29 02:56 - 2015-06-29 02:56 - 1415680 _____ (wj32) C:\Program Files\VDFHJOKD.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 1415680 _____ (wj32) C:\Program Files\VXZ16LNX.exe
2015-06-29 02:55 - 2015-06-29 02:55 - 1415680 _____ (wj32) C:\Program Files\W1357CE4.exe
2015-06-25 13:10 - 2015-06-25 13:10 - 1415680 _____ (wj32) C:\Program Files\WY027MOY.exe
2015-06-29 13:00 - 2015-06-29 13:00 - 1415680 _____ (wj32) C:\Program Files\WY35ACHG.exe
2015-06-29 12:10 - 2015-06-29 12:10 - 1415680 _____ (wj32) C:\Program Files\WYDFKMO1.exe
2015-06-29 12:34 - 2015-06-29 12:34 - 1415680 _____ (wj32) C:\Program Files\X2468D0K.exe
2015-06-29 12:35 - 2015-06-29 12:35 - 1415680 _____ (wj32) C:\Program Files\X5XBXJR1.exe
2015-06-29 02:55 - 2015-06-29 02:55 - 1415680 _____ (wj32) C:\Program Files\XZ168AC2.exe
2015-06-25 08:04 - 2015-06-25 08:04 - 1415680 _____ (wj32) C:\Program Files\Y0279BD3.exe
2015-06-25 13:09 - 2015-06-25 13:09 - 1415680 _____ (wj32) C:\Program Files\Y0579BG3.exe
2015-06-25 13:11 - 2015-06-25 13:11 - 1415680 _____ (wj32) C:\Program Files\YCW7C7OZ.exe
2015-06-29 12:56 - 2015-06-29 12:56 - 1415680 _____ (wj32) C:\Program Files\YDIKPRT3.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 1415680 _____ (wj32) C:\Program Files\YDKM68SU.exe
2015-06-29 12:56 - 2015-06-29 12:56 - 1415680 _____ (wj32) C:\Program Files\YW8642EC.exe
2015-06-29 12:14 - 2015-06-29 12:14 - 1415680 _____ (wj32) C:\Program Files\YWUS420Y.exe
2015-06-25 08:04 - 2015-06-25 08:04 - 1415680 _____ (wj32) C:\Program Files\ZEGINPRA.exe
2014-05-12 15:24 - 2014-05-12 15:24 - 0055783 _____ () C:\Program Files (x86)\uninstall-g95.exe
2012-07-13 00:27 - 2014-06-20 20:34 - 0011264 _____ () C:\Users\nikhi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-23 23:25 - 2015-06-24 03:21 - 0007633 _____ () C:\Users\nikhi\AppData\Local\resmon.resmoncfg
2015-06-24 01:10 - 2015-06-24 12:48 - 0000198 _____ () C:\Users\nikhi\AppData\Local\Support.ini
2014-06-20 20:32 - 2015-05-27 00:24 - 0000700 ___SH () C:\Users\nikhi\AppData\Local\systemFL7.dat
2015-05-26 23:36 - 2015-05-27 00:00 - 0011781 ___SH () C:\Users\nikhi\AppData\Local\win_flfiles_sys.dat
2014-11-20 13:27 - 2014-11-20 13:27 - 0000000 _____ () C:\Users\nikhi\AppData\Local\{98E06468-99E8-48E9-A541-CA2B1AA0377D}

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-24 16:19

==================== End of log ============================

Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 29, 2015, 05:56:04 AM
Hi Kevin,

'Part 5' of the post

Here is the Addition text file content -

Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by nikhi at 2015-06-29 16:46:44
Running from C:\Users\nikhi\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2052094510-1569341030-3252781033-500 - Administrator - Disabled)
Guest (S-1-5-21-2052094510-1569341030-3252781033-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2052094510-1569341030-3252781033-1010 - Limited - Enabled)
nikhi (S-1-5-21-2052094510-1569341030-3252781033-1001 - Administrator - Enabled) => C:\Users\nikhi

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Abaqus 6.12-3 (HKLM-x32\...\Abaqus 6.12-3) (Version: 6.12.0.0 - Dassault Systemes Simulia Corp.)
Abaqus FLEXnet License Server (HKLM-x32\...\Abaqus FLEXnet License Server) (Version: 6.9.0.0 - Dassault Systemes Simulia Corp.)
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.22 - STMicroelectronics)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
CBR Reader (HKLM-x32\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version:  - cbrreader.com)
C-Free 5.0 Professional (HKLM-x32\...\C-Free 5.0_is1) (Version:  - Program Arts)
Citrix Online Launcher (HKLM-x32\...\{1EFF9E6C-76E1-43F9-81FB-BC8C037B0902}) (Version: 1.0.258 - Citrix)
CMake 3.0.2, a cross-platform, open-source build system (HKLM-x32\...\CMake 3.0.2) (Version: 3.0.2 - Kitware)
Connectify (HKLM\...\Connectify) (Version: 3.0.0.20932 - Connectify)
Cortona3D Viewer (HKLM-x32\...\{C06CE867-0019-4BDD-88C3-CD96F79FCDC7}) (Version: 6.0.179 - ParallelGraphics)
CPUID HWMonitor 1.26 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Crystal Reports Basic for Visual Studio 2008 (HKLM-x32\...\{AA467959-A1D6-4F45-90CD-11DC57733F32}) (Version: 10.5.0.0 - Business Objects)
Crystal Reports Basic Runtime for Visual Studio 2008 (x64) (HKLM\...\{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}) (Version: 10.5.0.0 - Business Objects)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
Cypress TrackPad (HKLM\...\{7F2F6CC5-434B-4311-9DE2-60C7CAF50B73}_is1) (Version: 2.3.6.26 - Cypress Semiconductor, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
Debug Server (HKLM-x32\...\4F9A85D9-5F0E-E538-D71C-621DF59F81FA) (Version: 4.0 - Texas Instruments)
Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.61 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.61 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3BD7DD08-991B-4A2F-A165-614ED14EAADD}) (Version: 1.6.225.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell Stage (HKLM-x32\...\{0F99CA59-7CB4-4167-A43A-4B1D5E584281}) (Version: 1.6.301.0 - Fingertapps)
Dell Stage Remote (HKLM-x32\...\{2299EEBD-0A83-4B26-AA4A-057AE9E5BAE8}) (Version: 2.0.0.50 - ArcSoft)
Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.50 - ArcSoft)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.3.60494 - Dell)
Dell Update (HKLM-x32\...\{3FB000F3-7444-41C1-A0A6-53E8FD0B7D9C}) (Version: 1.6.1007.0 - Dell Inc.)
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2214 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.3.0.2214 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
Digimizer (HKLM-x32\...\{65118913-87D8-435B-92A6-C599485F3A4C}) (Version: 4.3.0 - MedCalc Software)
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Dropbox (HKU\S-1-5-21-2052094510-1569341030-3252781033-1001\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
DVDFab Media Player 2 (HKLM-x32\...\DVDFab Media Player 2_is1) (Version: 2.5.0.2 - Fengtao Software Inc.)
EAGLE 6.2.0 (HKLM-x32\...\EAGLE 6.2.0) (Version: 6.2.0 - CadSoft Computer GmbH)
Eagle3D 1.05 (HKLM-x32\...\Eagle3D_is1) (Version:  - Matthias Weißer)
EPUB File Reader (HKLM-x32\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version:  - epubfilereader.com)
Face Recognition (HKLM\...\{B132D631-AD31-41C1-BC8A-9715104C633F}) (Version: 3.1.70.1 - Sensible Vision)
GC (HKLM-x32\...\GC) (Version:  - ) <==== ATTENTION
GIF Viewer (HKLM-x32\...\GIF Viewer) (Version:  - )
Git version 1.8.1.2-preview20130201 (HKLM-x32\...\Git_is1) (Version: 1.8.1.2-preview20130201 - The Git Development Community)
GnuWin32: Make-3.81 (HKLM-x32\...\Make-3.81_is1) (Version: 3.81 - GnuWin32)
Google Chrome (HKU\S-1-5-21-2052094510-1569341030-3252781033-1001\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Drive (HKLM-x32\...\{CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}) (Version: 1.22.9403.0223 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 11.2.0.1084 - Citrix Online, a division of Citrix Systems, Inc.)
i686-4.9.1-posix-dwarf-rt_v3-rev1 (HKLM-x32\...\i686-4.9.1-posix-dwarf-rt_v3-rev1) (Version:  - MinGW-W64)
ICSD Database for X'Pert HighScore Plus V1.5 (HKLM-x32\...\InstallShield_{C2F19F6A-F2B0-46F9-9887-CDD64BB18E60}) (Version: 1.50.0000 - PANalytical B.V.)
ICSD Database for X'Pert HighScore Plus V1.5 (x32 Version: 1.50.0000 - PANalytical B.V.) Hidden
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{2ABA2E8D-23CF-418F-BC8F-2EC99FA51A3F}) (Version: 1.2.1.0608 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{D61E4101-9E15-4D0E-ABD1-1ABD36B43330}) (Version: 14.03.0000 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 1.0.0.1008 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Intel(R) WiDi (HKLM-x32\...\{0DD706AF-B542-438C-999E-B30C7F625C8D}) (Version: 2.1.39.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
JabRef 2.9.2 (HKLM-x32\...\JabRef 2.9.2) (Version: 2.9.2 - JabRef Team)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java SE Development Kit 7 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170600}) (Version: 1.7.0.600 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LINDO 6.1 (HKLM-x32\...\{C19796D5-E477-40A1-8C78-DF2EB439D99B}) (Version: 6.1.0 - XXXXXXXX)
LyX 2.0.6 (HKLM-x32\...\LyX206) (Version: 2.0.6 - LyX Team)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MATLAB R2012b (HKLM\...\Matlab R2012b) (Version: 8.0 - The MathWorks, Inc.)
MEISP v3.0 Multiple EIS Parameterization trial version (HKLM-x32\...\MEISP v3.0 Multiple EIS Parameterization trial version) (Version:  - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Compact Framework 2.0 SP2 (HKLM-x32\...\{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}) (Version: 2.0.7045 - Microsoft Corporation)
Microsoft .NET Compact Framework 3.5 (HKLM-x32\...\{291B3A3B-F808-45B8-8113-DF232FCB6C82}) (Version: 3.5.7283 - Microsoft Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Device Emulator (64 bit) version 3.0 - ENU (HKLM\...\{EF8B1A2E-9CCB-3AB2-91E3-4EEDAB1294E1}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Document Explorer 2008 (HKLM-x32\...\Microsoft Document Explorer 2008) (Version:  - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft HPC Pack 2008 R2 MS-MPI Redistributable Pack (HKLM\...\{D3299935-57F7-403A-9D7B-0B8F9F56F44B}) (Version: 3.0.2369.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{0DDCEC37-369C-484B-B16D-B4413FD42FB9}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{E5AE9031-79A5-4627-9641-BEFA82819B08}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{DA67488A-2689-4F10-B90F-D2F6977509D6}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{78C3657E-742C-40B1-9F53-E5A921D40F17}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 Design Tools ENU (HKLM-x32\...\{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 for Devices ENU (HKLM-x32\...\{241F2BF7-69EB-42A4-9156-96B2426C7504}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.2 (HKLM-x32\...\{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}) (Version: 1.2.0.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2008 Professional Edition - ENU (HKLM-x32\...\Microsoft Visual Studio 2008 Professional Edition - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{88BAE373-00F4-3E33-828F-96E89E5E0CB9}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Web Authoring Component (HKLM-x32\...\VisualWebDeveloper) (Version: 12.0.4518.1066 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools (HKLM\...\{29C93182-34F6-3275-A18D-59326851CD57}) (Version: 3.5.21022 - Microsoft)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense (HKLM\...\{9aa5f39c-a8de-46b0-919a-0248f8bc8490}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Tools (HKLM\...\{62EED300-E841-4083-A1D6-60B906271804}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Win32 Tools (HKLM\...\{A992BBAA-723D-4574-A07F-983BF8FAA3E1}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.1) (HKLM\...\SDKSetup_7.1.7600.0.30514) (Version: 7.1.7600.0.30514 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mobipocket Reader 6.2 (HKLM-x32\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVC80_Runtime (HKLM-x32\...\{5E81B080-4629-4EC3-AA90-538394122120}) (Version: 1.0.0.0 - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.8 - Notepad++ Team)
NVIDIA 3D Vision Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin8 (x32 Version: 8.00.000 - OriginLab) Hidden
OriginPro 8 (HKLM-x32\...\{A912021A-FEDD-4DA3-8DB4-245EBDA84778}) (Version: 8.00.000 - OriginLab Corporation)
PANalytical X'Pert Highscore Plus (HKLM-x32\...\{C619E83D-62B9-4FE5-9736-F6DBD2850024}) (Version: 3.0.0 - PANalytical)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.8.0 - Prolific Technology INC)
POV-Ray for Windows v3.62 (HKLM\...\{D0CE053E-0E5E-4C12-9BAE-D0F36021E911}) (Version: 3.62 - Persistence of Vision Raytracer Pty. Ltd.)
Prism Video File Converter (HKLM-x32\...\Prism) (Version:  - NCH Software)
Python 2.7 pyserial-2.5 (HKLM-x32\...\pyserial-py2.7) (Version:  - )
Python 2.7.3 (HKLM-x32\...\{C0C31BCC-56FB-42a7-8766-D29E1BD74C7C}) (Version: 2.7.3150 - Python Software Foundation)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.21 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6383 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
SIMULIA FLEXnet License Server (HKLM-x32\...\SIMULIA FLEXnet License Server) (Version: 6.12.0.0 - Dassault Systemes Simulia Corp.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
SSH Secure Shell (HKLM-x32\...\{74E2CD0C-D4A2-11D3-95A6-0000E86CFDE5}) (Version:  - )
SYS BIOS 6.30.02.42 (HKLM-x32\...\257D40B-AC0E-3A45-7DA7-2546F9DCCE01) (Version: 6.30.02.42 - Texas Instruments)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
Ubuntu (HKLM-x32\...\Wubi) (Version: 12.04-rev266 - Ubuntu)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VC Runtimes MSI (x32 Version: 9.0.21022 - Microsoft) Hidden
VISIONTEK 3G USB MODEM (HKLM\...\VISIONTEK 3G USB MODEM - VTK_is1) (Version:  - )
Visual C++ 2008 x64 Runtime - v9.0.30729.4967 (HKLM-x32\...\{2FD19779-BD96-31F4-954D-7C7FE546BFD1}.vc_x64runtime_30729_4967) (Version: 9.0.30729.4967 - Microsoft Corporation)
Visual C++ 2008 x86 Runtime - v9.0.30729.4967 (HKLM-x32\...\{EC1F1209-E48D-38B0-BE25-B37C6BFCF676}.vc_x86runtime_30729_4967) (Version: 9.0.30729.4967 - Microsoft Corporation)
Visual Studio .NET Prerequisites - English (HKLM\...\{D3E39E77-0EB4-36FB-B97A-8C8AB21B9A45}) (Version: 9.0.21022 - Microsoft Corporation)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.30319 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Windows Driver Package - Silicon Laboratories (silabenm) Ports  (12/10/2012 6.6.1.0) (HKLM\...\D680DEE0F68D64EC53D0C5769879D15D387054CC) (Version: 12/10/2012 6.6.1.0 - Silicon Laboratories)
Windows Driver Package - Texas Instruments (usbser) Ports  (12/11/2007 1.3) (HKLM\...\B89452C8A2A1FCF2E1BCF0ECA27FB6019CFA00CF) (Version: 12/11/2007 1.3 - Texas Instruments)
Windows Driver Package - Texas Instruments, Inc (umpusbvista) Ports  (10/20/2009 6.5.9017.0) (HKLM\...\287456DB90C1DA963CF09266912A2F7FFEF599C5) (Version: 10/20/2009 6.5.9017.0 - Texas Instruments, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Mobile 5.0 SDK R2 for Pocket PC (HKLM-x32\...\{6C9F6D23-E9AD-43C9-B43A-011562AAF876}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)
Windows Mobile 5.0 SDK R2 for Smartphone (HKLM-x32\...\{9656F3AC-6BA9-43F0-ABED-F214B5DAB27B}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wolfram CDF Player (M-WIN-D 8.0.4 2609533) (HKLM-x32\...\M-WIN-D 8.0.4 2609533_is1) (Version: 8.0.4 - Wolfram Research, Inc.)
Wolfram Extras 10.1 (5292844) (HKLM\...\A-WIN-Extras 10.1.0 5292844_is1) (Version: 10.1.0 - Wolfram Research, Inc.)
Wolfram Mathematica 10.1 (M-WIN-L 10.1.0 5292918) (HKLM\...\M-WIN-L 10.1.0 5292918_is1) (Version: 10.1.0 - Wolfram Research, Inc.)

Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 29, 2015, 05:58:16 AM
Hi Kevin,

'Part 6' of the post

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-29 17:20 - 2014-11-14 17:44 - 00001796 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com127.0.0.1            practivate.adobe.com
127.0.0.1            ereg.adobe.com
127.0.0.1            activate.wip3.adobe.com
127.0.0.1            wip3.adobe.com
127.0.0.1            3dns-3.adobe.com
127.0.0.1            3dns-2.adobe.com
127.0.0.1            adobe-dns.adobe.com
127.0.0.1            adobe-dns-2.adobe.com
127.0.0.1            adobe-dns-3.adobe.com
127.0.0.1            ereg.wip3.adobe.com
127.0.0.1            activate-sea.adobe.com
127.0.0.1            wwis-dubc1-vip60.adobe.com
127.0.0.1            activate-sjc0.adobe.com
127.0.0.1            practivate.adobe.com
127.0.0.1            ereg.adobe.com
127.0.0.1            activate.wip3.adobe.com
127.0.0.1            wip3.adobe.com
127.0.0.1            3dns-3.adobe.com
127.0.0.1            3dns-2.adobe.com
127.0.0.1            adobe-dns.adobe.com
127.0.0.1            adobe-dns-2.adobe.com
127.0.0.1            adobe-dns-3.adobe.com
127.0.0.1            ereg.wip3.adobe.com
127.0.0.1            activate-sea.adobe.com
127.0.0.1            wwis-dubc1-vip60.adobe.com
127.0.0.1            activate-sjc0.adobe.com
10.24.0.171   cclicserver.iitm.ac.in    leo


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {261EB4F7-F22F-436D-8A39-F3DB4DE2AA25} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-04-10] (Dell Inc.)
Task: {41209D24-F5A0-4260-B3BB-2D02CB7CBC5B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {4DC70E6E-5006-4CD3-804D-69FF1A14CD02} - System32\Tasks\{D574E3D9-AE97-4001-BEE3-0EE5E708A146} => pcalua.exe -a "C:\Program Files (x86)\NewSoftware's\Folder Lock\uninstall.exe" -c -u
Task: {4EB1AA38-6345-496C-8B17-0185E3AEF7CD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2052094510-1569341030-3252781033-1001UA => C:\Users\nikhi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-29] (Google Inc.)
Task: {57F7AD66-2872-43F1-A226-B2223FE8CFE3} - System32\Tasks\{5C0929CB-AC8C-43D8-B24F-F9858688F03B} => pcalua.exe -a "C:\Users\nikhi\Documents\My Received Files\Driver.exe" -d "C:\Users\nikhi\Documents\My Received Files"
Task: {5BD8F4C6-B3E6-4287-93FA-4AE8B026FEE3} - System32\Tasks\{A0E20DF1-85F0-4FCF-82CD-465F45228656} => pcalua.exe -a G:\setup.exe -d G:\
Task: {5D6394BA-C317-4B61-815A-213B508F55DE} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-07-29] (Microsoft Corporation)
Task: {6477175B-C3F2-4086-A9D7-9D6BB03FDE8F} - \FF Watcher {87EA3E8B-0A16-4191-BFFB-10CD9E4726A6} No Task File <==== ATTENTION
Task: {65F432A0-2DBB-4C09-9A2C-E60A9A4E9786} - System32\Tasks\{C6E22D41-2256-4CFB-9331-2B5F6A64CE4D} => pcalua.exe -a "C:\Users\nikhi\Documents\3 summer\EIS\MEISP\MEISP3trial\SETUP.EXE" -d "C:\Users\nikhi\Documents\3 summer\EIS\MEISP\MEISP3trial"
Task: {720D524B-4D83-4091-A6F7-113E1DE8B25C} - System32\Tasks\{2C39F887-DB06-4A60-A7D3-7FA2806415F8} => pcalua.exe -a G:\setup.exe -d G:\
Task: {7485E90C-B193-425E-BEE3-A5E98764CEBC} - System32\Tasks\{672E7985-9A63-4161-BC46-54F3CC5D9478} => pcalua.exe -a C:\Users\nikhi\Downloads\softwares\B2CAppSetup.exe -d C:\Users\nikhi\Downloads\softwares
Task: {7AA89D3A-74EA-4341-9761-F07CAA059C43} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {82EDC209-02FC-4CED-BB8D-DE9A1CD97D21} - System32\Tasks\{A09A70C0-C2A7-47BB-B167-CF0D76A67124} => C:\Users\nikhi\Downloads\PL2303_Prolific_DriverInstaller_v1.8.0.exe
Task: {9DE739CB-D71B-4BC4-9665-7A61C530209D} - System32\Tasks\{7B730A6D-459D-48C2-A97E-5BDBFE7F72FD} => C:\Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\Photoshop.exe
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {B8C3DEF1-95A2-4A30-B7B5-024ABD9A8CD3} - System32\Tasks\{62572284-90B3-4562-9980-071DE1F82323} => C:\Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\Photoshop.exe
Task: {BF1EA1D7-FDB4-433F-B2CC-1402BC8290FC} - \Windows Updater No Task File <==== ATTENTION
Task: {C0780FB9-20CF-4B03-9396-B0DEECB31797} - System32\Tasks\{01247515-48A8-41A1-8064-CC78B4CB8FD7} => pcalua.exe -a C:\ProgramData\MovieMode\uninstall.exe -c /kb=y /ic=1
Task: {C20E7815-AB4F-4916-A161-56BCE6BBDC93} - \Escolade No Task File <==== ATTENTION
Task: {D2525DFF-B778-4999-8904-2E5EE763EF04} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-22] (Google Inc.)
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {E5DEAE35-C6E6-45D1-95CD-1B893146BDAF} - \Your File Updater No Task File <==== ATTENTION
Task: {F2FB1D55-8648-4A5B-A95A-13DC8E7DABFA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-22] (Google Inc.)
Task: {F53661A2-8FFF-480F-BB20-3F68847A125D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2052094510-1569341030-3252781033-1001Core => C:\Users\nikhi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-29] (Google Inc.)
Task: {FC091041-F8AA-4EDA-AC18-D628CAC28A20} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-29] (Adobe Systems Incorporated)
Task: {FFE0BE29-937F-4756-AAB6-87A38FD345BE} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2052094510-1569341030-3252781033-1001Core.job => C:\Users\nikhi\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2052094510-1569341030-3252781033-1001UA.job => C:\Users\nikhi\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2011-08-19 22:04 - 2011-08-19 22:04 - 00095216 _____ () C:\Windows\system32\FAIEExtension.DLL
2015-06-24 01:05 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2015-06-24 01:05 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2052094510-1569341030-3252781033-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\nikhi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.24.0.193 - 10.65.0.3

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^nikhi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^nikhi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^g.lnk => C:\Windows\pss\g.lnk.Startup
MSCONFIG\startupreg: AccuWeatherWidget => "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Dell DataSafe Online => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe
MSCONFIG\startupreg: FATrayAlert => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
MSCONFIG\startupreg: FreeFallProtection => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
MSCONFIG\startupreg: GoldenFilterPro => C:\Program Files (x86)\Golden Filter Premium\GFPro.exe
MSCONFIG\startupreg: GoogleChromeAutoLaunch_CC670EC9C0039784BBC144C8FE53E009 => "C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: Stage Remote => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{57E03FB4-3E20-418D-8A2C-B8AA2A5332D4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{4E419913-0DC4-47DC-B1E9-6934A5954146}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{C3AB7065-4D35-490F-A666-58114D2BBDFA}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{44C08911-3351-464B-BAC2-7292C43B7629}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{14C1B747-2047-4ABE-BC4C-B91B1E25C785}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{693C0EB9-B2AF-4C2D-A797-631625FAE7B8}] => (Allow) c:\Program Files (x86)\Dell\VideoStage\VideoStage.exe
FirewallRules: [{F5FC63CC-C6D0-46FA-9967-8E77293F8ED7}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\InstallerHelp.exe
FirewallRules: [{E6DE1E01-F508-4CEB-8479-1236EC410BD3}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
FirewallRules: [{640335AE-D227-430B-B25B-0783170B14F2}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\Controller.exe
FirewallRules: [{CA3AA5BA-EF09-48AD-9F1B-6E64F9A63830}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
FirewallRules: [{4128BC22-7283-4F22-8116-B86075F6C75D}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
FirewallRules: [{A7D043D0-1B2B-4F6A-B2D9-EFD18D8E97FA}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
FirewallRules: [{94C3E324-41E4-4A7F-A045-D3741F39A6C0}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\InstallerHelp.exe
FirewallRules: [{EF5F85A6-4522-4798-9BFF-C666E0116EB4}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\Controller.exe
FirewallRules: [{A2FECF16-01FC-4E81-859D-96C14E32EE07}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
FirewallRules: [{2CE18008-9062-40DB-A288-0E0D87E374EB}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
FirewallRules: [{676C7A2E-2DBD-4AC7-82BE-200F2911FD01}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B4CF26DC-6347-4C61-9E52-55990F185CA9}] => (Allow) LPort=2869
FirewallRules: [{73D24F49-FE9F-4EB1-94FA-B0C9D53B8EDC}] => (Allow) LPort=1900
FirewallRules: [{0120744C-7C11-461A-B920-5B82943075A8}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{AAFAAD32-D29E-4C66-A30F-03074A9D2BD2}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{5CEBE90B-1EC3-4469-8C8D-37B996953E8E}] => (Allow) C:\Program Files\dell stage\dell stage\accuweather\accuweather.exe
FirewallRules: [{864E3224-F19F-47AA-9D84-829AD8B1700F}] => (Allow) C:\Program Files\dell stage\musicstage\musicstageengine.exe
FirewallRules: [{41E549ED-764F-40F6-BF25-FAEA10B93BF7}] => (Allow) C:\Program Files\dell stage\dell stage\stage_primary.exe
FirewallRules: [{5E63BB37-1172-499D-B5B6-EAB7EDCF9915}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{0C1DCBCE-859C-4DFF-99B8-EBD14D8F34FB}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{E3A8D006-1B1B-4E89-9B2B-45C2490CCA6A}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [{F442E654-6D28-4377-A703-B451AE4E843B}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [TCP Query User{810FEA20-E3C0-4217-9D4B-0212177EDF92}C:\program files (x86)\dc++\dcplusplus.exe] => (Allow) C:\program files (x86)\dc++\dcplusplus.exe
FirewallRules: [UDP Query User{D0D8032F-6026-425A-8645-76401752A483}C:\program files (x86)\dc++\dcplusplus.exe] => (Allow) C:\program files (x86)\dc++\dcplusplus.exe
FirewallRules: [TCP Query User{0C39954A-79DA-407B-B8E8-2661D93C7667}C:\users\nikhi\downloads\xampp\filezillaftp\filezilla server.exe] => (Block) C:\users\nikhi\downloads\xampp\filezillaftp\filezilla server.exe
FirewallRules: [UDP Query User{33FBE53B-A746-4BFE-B45C-95700DF23B6E}C:\users\nikhi\downloads\xampp\filezillaftp\filezilla server.exe] => (Block) C:\users\nikhi\downloads\xampp\filezillaftp\filezilla server.exe
FirewallRules: [TCP Query User{1B9EBD6B-97C7-42AD-9598-F65DD5232B61}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{BCD12F31-D5B9-45D9-B434-043FD4F7C971}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{4FF64CDB-1BA5-4219-9224-4BEDCFD5489B}] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{0BCD5BBD-D961-4E23-A167-95FB870804C6}] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{90A401A1-B3F2-4CF1-9AFA-1ADFFAF324F7}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{220B0D9A-1235-4BD7-A5AF-198446CC41D2}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{3F418A9F-A7C0-4ABE-8EE3-046DDCC785FC}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{6A7174C6-CAF5-4CC7-8460-E308606996CD}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{24BE5CF1-DFF4-4348-A8D8-946FA97B9BB6}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{F8872BE0-EED2-4AD9-8BD1-95C9579A21CF}] => (Allow) C:\Users\nikhi\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{60EEBC5A-2A21-49DE-B943-3AC833E14E91}] => (Allow) C:\Users\nikhi\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{C5A0FE71-F7F1-43DC-B7F5-9267AD9E95A2}] => (Allow) LPort=5353
FirewallRules: [{D70E6BFF-C322-4EBF-993D-866517E3A961}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{9893E50E-042E-44EB-A712-0991B432DE23}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{AB96A81E-4076-4E60-9AAA-992EC188866E}] => (Allow) C:\Users\nikhi\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{AE0CF48F-6646-4D83-85FE-1C400120B50F}] => (Allow) C:\Users\nikhi\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [TCP Query User{7272560F-DE81-4E43-9911-14A3180EE40A}C:\users\nikhi\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\nikhi\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{4954F0A5-8B90-4FD8-AFC0-847576F7D564}C:\users\nikhi\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\nikhi\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{9DB8C9F0-ECC5-4AA5-8E6D-64560BBCFA3E}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{A1D6BDD7-C5EF-484E-8ED9-45AEF0408274}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{FDA55C6B-0E12-47E2-9036-22AC7EA33EC0}C:\program files\java\jdk1.7.0_60\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_60\bin\java.exe
FirewallRules: [UDP Query User{0D74282A-31FC-4DD4-AA4B-3E0B34220BDD}C:\program files\java\jdk1.7.0_60\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_60\bin\java.exe
FirewallRules: [TCP Query User{250437BC-F23C-47F6-8028-5313E28E7275}C:\program files (x86)\android\android-studio\bin\studio64.exe] => (Allow) C:\program files (x86)\android\android-studio\bin\studio64.exe
FirewallRules: [UDP Query User{F379BC8D-F830-45C3-BA69-EB6228A3288B}C:\program files (x86)\android\android-studio\bin\studio64.exe] => (Allow) C:\program files (x86)\android\android-studio\bin\studio64.exe
FirewallRules: [TCP Query User{47B7B16C-67EF-4E97-88BC-624593F52DA8}C:\program files\java\jdk1.7.0_60\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_60\jre\bin\java.exe
FirewallRules: [UDP Query User{F0442609-6D2A-4A34-A9CA-85A390D48EDE}C:\program files\java\jdk1.7.0_60\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_60\jre\bin\java.exe
FirewallRules: [TCP Query User{4CE48181-88DD-4A42-992C-B51572E75D18}C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1.exe] => (Allow) C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1.exe
FirewallRules: [UDP Query User{332F1F2C-49F5-4411-AED1-C63BA4FE710A}C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1.exe] => (Allow) C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1.exe
FirewallRules: [TCP Query User{E0804482-C5A9-4C3C-BE58-B8BE379DA9EB}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{24C17EAA-74F6-47EC-95FB-89505AC68530}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{F419B112-696A-48E8-8D98-46BA46BC19EE}] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{9681C9F6-6AB9-43E0-AB4D-F278B268E23C}] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{D83D1521-1321-4D17-B448-57DA5413F2CF}C:\users\nikhi\videos\nikhil vids\movies\age of empire-ii the conquerors\age2_x1.exe] => (Allow) C:\users\nikhi\videos\nikhil vids\movies\age of empire-ii the conquerors\age2_x1.exe
FirewallRules: [UDP Query User{B03C92F9-3EF9-426B-B4D8-F8246784B4DD}C:\users\nikhi\videos\nikhil vids\movies\age of empire-ii the conquerors\age2_x1.exe] => (Allow) C:\users\nikhi\videos\nikhil vids\movies\age of empire-ii the conquerors\age2_x1.exe
FirewallRules: [{AFDC974E-3E64-4708-AB9A-140CFA1501D3}] => (Allow) C:\users\nikhi\videos\nikhil vids\movies\age of empire-ii the conquerors\age2_x1.exe
FirewallRules: [{477D494A-3F48-46FD-A32A-34C7E6785124}] => (Allow) C:\users\nikhi\videos\nikhil vids\movies\age of empire-ii the conquerors\age2_x1.exe
FirewallRules: [TCP Query User{2B9985E1-25B9-4ABD-8711-1B02A0042063}C:\program files (x86)\activision\call of duty - black ops\blackops.exe] => (Block) C:\program files (x86)\activision\call of duty - black ops\blackops.exe
FirewallRules: [UDP Query User{08155706-22DD-40A0-93A2-72A1929B8F86}C:\program files (x86)\activision\call of duty - black ops\blackops.exe] => (Block) C:\program files (x86)\activision\call of duty - black ops\blackops.exe
FirewallRules: [TCP Query User{4F0A93C1-66FE-4BE0-8C9B-792C73B993F0}C:\program files (x86)\dc++\dcplusplus.exe] => (Allow) C:\program files (x86)\dc++\dcplusplus.exe
FirewallRules: [UDP Query User{E573F712-A75B-4925-B9E0-B4C7008DA251}C:\program files (x86)\dc++\dcplusplus.exe] => (Allow) C:\program files (x86)\dc++\dcplusplus.exe
FirewallRules: [TCP Query User{D5B600C5-6B28-47A1-95AC-7F2B3307A6FB}C:\users\nikhi\appdata\local\temp\i1413567985\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\nikhi\appdata\local\temp\i1413567985\windows\resource\jre\bin\javaw.exe
FirewallRules: [UDP Query User{1853A4DD-D122-4B15-844B-031629E71C10}C:\users\nikhi\appdata\local\temp\i1413567985\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\nikhi\appdata\local\temp\i1413567985\windows\resource\jre\bin\javaw.exe
FirewallRules: [TCP Query User{F9DE120C-2106-4E27-BBDF-DF6CC59D404A}C:\simulia\abaqus\6.14-2se\code\bin\abqcaek.exe] => (Allow) C:\simulia\abaqus\6.14-2se\code\bin\abqcaek.exe
FirewallRules: [UDP Query User{7FCBB499-22B0-433E-B871-D236E8385087}C:\simulia\abaqus\6.14-2se\code\bin\abqcaek.exe] => (Allow) C:\simulia\abaqus\6.14-2se\code\bin\abqcaek.exe
FirewallRules: [TCP Query User{E81913A9-8BD8-4AD9-A8E7-237F2AAF48A5}C:\simulia\abaqus\6.12-3\code\bin\abqcaek.exe] => (Allow) C:\simulia\abaqus\6.12-3\code\bin\abqcaek.exe
FirewallRules: [UDP Query User{6C406757-605F-4FA1-91A2-3BAF720B5320}C:\simulia\abaqus\6.12-3\code\bin\abqcaek.exe] => (Allow) C:\simulia\abaqus\6.12-3\code\bin\abqcaek.exe
FirewallRules: [TCP Query User{5454FC32-A6AA-48B1-B559-C5DFEBEEF441}C:\simulia\abaqus\6.12-3\code\bin\elit_driverlm.exe] => (Allow) C:\simulia\abaqus\6.12-3\code\bin\elit_driverlm.exe
FirewallRules: [UDP Query User{6CF0E49C-FC62-4E5E-8635-82D047A6087A}C:\simulia\abaqus\6.12-3\code\bin\elit_driverlm.exe] => (Allow) C:\simulia\abaqus\6.12-3\code\bin\elit_driverlm.exe
FirewallRules: [TCP Query User{79FDC51A-4676-4ED2-93C9-8726C77CFB9D}C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1\age2_x1.exe] => (Allow) C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{7DE94361-7825-45BB-BAA6-63AEAF38B52C}C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1\age2_x1.exe] => (Allow) C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [{CF7D2ED8-62ED-4A6D-8271-921850DA4C70}] => (Allow) C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [{1FD8DC0A-C0E3-4E54-B542-0DD4F6C3E0F1}] => (Allow) C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [{0B985C98-BF88-430D-9089-57631D4614EC}] => (Allow) C:\Users\nikhi\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4D1B0604-3844-414D-BF89-1ABD481B382A}] => (Allow) C:\Users\nikhi\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{AC2AC823-F388-48C4-A3B1-69A3BB84D5A0}F:\virus free\age of empire-ii the conquerors\age2_x1\age2_x1.exe] => (Allow) F:\virus free\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{2909B1B1-3BE5-4BFD-9AEB-A02B17AA3886}F:\virus free\age of empire-ii the conquerors\age2_x1\age2_x1.exe] => (Allow) F:\virus free\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [{F3CDEB18-E7CA-40CA-A1D1-1A2423A47D3C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{72FD2E2C-A1DD-43B7-9604-0D246A15A058}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E0C3D1A9-A19C-4532-80D7-2526CF524B80}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{4DE08C36-ED08-415C-9878-002B1E0CC89F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{9DA4AA08-CC8B-433C-9266-E42DF3D679F5}C:\users\nikhi\videos\age of empire-ii the conquerors\age2_x1\age2_x1.exe] => (Allow) C:\users\nikhi\videos\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{2992B977-D4FC-4948-AB9E-DF8ADCFF616C}C:\users\nikhi\videos\age of empire-ii the conquerors\age2_x1\age2_x1.exe] => (Allow) C:\users\nikhi\videos\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [TCP Query User{37C814DF-4C96-4359-AA7B-40C20068A274}C:\users\nikhi\videos\age of empire-ii the conquerors\age2_x1\age2_x1.exe] => (Allow) C:\users\nikhi\videos\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{3669A687-928A-472A-9DD8-24F6A1FD5FC4}C:\users\nikhi\videos\age of empire-ii the conquerors\age2_x1\age2_x1.exe] => (Allow) C:\users\nikhi\videos\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [{A7CE81FB-007D-4B35-A7B8-E56AA7493D5D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8EC8B1F2-83A8-4639-AD50-F79E25CF3763}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5ACF1D23-CD8D-458B-9423-DECE408EEFA7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{829E2A21-2ED2-4BB6-B314-5D0A5FA6B6AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A33A4DCD-FAD6-48B9-A8DF-93B3AD150794}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6CBC3B70-2569-4AFE-9BA4-57A5A5157043}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F7947D78-9C01-4E09-A82E-C1B85F665523}] => (Allow) C:\Program Files (x86)\Wolfram Research\Wolfram CDF Player\8.0\WolframCDFPlayer.exe
FirewallRules: [{F1CDE83C-FEDA-46F6-BC38-59F239B947F0}] => (Allow) C:\Program Files (x86)\Wolfram Research\Wolfram CDF Player\8.0\WolframCDFPlayer.exe
FirewallRules: [{92F139A6-B9A3-4F01-9530-FFEBF46A4F76}] => (Allow) C:\Program Files (x86)\Wolfram Research\Wolfram CDF Player\8.0\math.exe
FirewallRules: [{69F5A5EF-5CCA-4B31-93CC-978766132AB4}] => (Allow) C:\Program Files (x86)\Wolfram Research\Wolfram CDF Player\8.0\math.exe
FirewallRules: [{385CE409-7DD4-4AAE-9020-C7523685DD01}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.1\Mathematica.exe
FirewallRules: [{A1080F99-52C8-48DA-8418-54A741499544}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.1\Mathematica.exe
FirewallRules: [{992C6C23-48ED-44E5-9E57-A48316230081}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.1\MathKernel.exe
FirewallRules: [{13D724E2-FEA9-4211-B934-9997394FB451}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.1\MathKernel.exe
FirewallRules: [{777C2982-89CD-4C23-9ED0-58204330A8FC}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.1\math.exe
FirewallRules: [{EF19EA9D-A731-4D7E-A8AF-997B251858EA}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.1\math.exe
FirewallRules: [{407612F5-F561-4821-B1CF-426CB02157C3}] => (Allow) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 29, 2015, 06:00:14 AM
Hi Kevin,

'Part 7' of the post

==================== Faulty Device Manager Devices =============

Name: facap, FastAccess Video Capture
Description: facap, FastAccess Video Capture
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Sensible Vision
Service: FACAP
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/29/2015 02:50:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 02:34:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 00:54:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 00:46:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 00:33:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 00:13:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 02:55:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/25/2015 03:05:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MEISP.exe, version: 1.0.0.1, time stamp: 0x3ca26467
Faulting module name: ntdll.dll, version: 6.1.7601.18869, time stamp: 0x55636317
Exception code: 0xc0000374
Fault offset: 0x000cea5f
Faulting process id: 0x22cc
Faulting application start time: 0xMEISP.exe0
Faulting application path: MEISP.exe1
Faulting module path: MEISP.exe2
Report Id: MEISP.exe3

Error: (06/25/2015 01:09:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/25/2015 08:04:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/29/2015 04:45:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2015 04:45:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2015 04:45:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2015 04:45:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2015 04:45:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2015 04:45:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2015 04:44:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2015 04:44:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2015 04:44:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/29/2015 04:43:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office:
=========================
Error: (06/29/2015 02:50:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 02:34:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 00:54:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 00:46:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 00:33:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 00:13:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 02:55:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/25/2015 03:05:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MEISP.exe1.0.0.13ca26467ntdll.dll6.1.7601.1886955636317c0000374000cea5f22cc01d0af2a2467f2cdC:\Program Files (x86)\Powergraphy\MEISP\MEISP.exeC:\Windows\SysWOW64\ntdll.dll82852a50-1b1d-11e5-899f-848f69ce5555

Error: (06/25/2015 01:09:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/25/2015 08:04:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2640M CPU @ 2.80GHz
Percentage of memory in use: 25%
Total physical RAM: 8083.88 MB
Available physical RAM: 6005.45 MB
Total Pagefile: 16165.97 MB
Available Pagefile: 14009.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:210.84 GB) (Free:53.48 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 238.5 GB) (Disk ID: 07F2837E)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=19.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=210.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=8 GB) - (Type=84)

==================== End of log ============================
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 29, 2015, 06:02:27 AM
Hi Kevin,

'Part 8' of the post

Here is the log file for rogue killer -

RogueKiller V10.8.7.0 [Jun 29 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Safe mode with network support
User : nikhi [Administrator]
Started from : C:\Users\nikhi\Desktop\RogueKiller.exe
Mode : Scan -- Date : 06/29/2015  16:57:53

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 13 ¤¤¤
[Suspicious.Path|VT.Unknown] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VSSS (C:\Users\nikhi\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe) -> Found
[Suspicious.Path|VT.Unknown] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VSSS (C:\Users\nikhi\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe) -> Found
[Suspicious.Path|VT.Unknown] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\VSSS (C:\Users\nikhi\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe) -> Found
[PUP|Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WindowsMangerProtect (C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service) -> Found
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-2052094510-1569341030-3252781033-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=10.93.0.37:3333;https=10.93.0.37:3333;ftp=10.93.0.37:3333  -> Found
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-2052094510-1569341030-3252781033-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=10.93.0.37:3333;https=10.93.0.37:3333;ftp=10.93.0.37:3333  -> Found
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-2052094510-1569341030-3252781033-1001\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve  -> Found
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-2052094510-1569341030-3252781033-1001\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.24.0.193 10.65.0.3 [(Private Address) (XX)][(Private Address) (XX)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.24.0.193 10.65.0.3 [(Private Address) (XX)][(Private Address) (XX)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{039EE222-7F10-4B8F-B359-751EC810EF8B} | DhcpNameServer : 10.24.0.193 10.65.0.3 [(Private Address) (XX)][(Private Address) (XX)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{039EE222-7F10-4B8F-B359-751EC810EF8B} | DhcpNameServer : 10.24.0.193 10.65.0.3 [(Private Address) (XX)][(Private Address) (XX)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{039EE222-7F10-4B8F-B359-751EC810EF8B} | DhcpNameServer : 10.24.0.193 10.65.0.3 [(Private Address) (XX)][(Private Address) (XX)]  -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 29 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts]    127.0.0.1       localhost
[C:\Windows\System32\drivers\etc\hosts]    ::1             localhost
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 activate.adobe.com127.0.0.1            practivate.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            ereg.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            activate.wip3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            wip3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            3dns-3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            3dns-2.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            adobe-dns.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            adobe-dns-2.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            adobe-dns-3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            ereg.wip3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            activate-sea.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            wwis-dubc1-vip60.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            activate-sjc0.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            practivate.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            ereg.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            activate.wip3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            wip3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            3dns-3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            3dns-2.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            adobe-dns.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            adobe-dns-2.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            adobe-dns-3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            ereg.wip3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            activate-sea.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            wwis-dubc1-vip60.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1            activate-sjc0.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 10.24.0.171   cclicserver.iitm.ac.in    leo

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000035f]) ¤¤¤

¤¤¤ Web browsers : 2 ¤¤¤
[PUM.Proxy][FIREFX:Config] emxei7vq.default : user_pref("network.proxy.http", "hproxy.iitm.ac.in"); -> Found
[PUM.Proxy][FIREFX:Config] emxei7vq.default : user_pref("network.proxy.http_port", 3128); -> Found

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG SSD PM830 2.5" 7 +++++
--- User ---
[MBR] 618b9c0929708248490251aa1ac42386
[BSP] dea9defa67a18cc486b8c709b2ee22f0 : HP MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 101 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 212992 | Size: 20000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 41172992 | Size: 215900 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] OS/2-HIBER (0x84) [HIDDEN!] Offset (sectors): 483340288 | Size: 8191 MB
User = LL1 ... OK
User = LL2 ... OK

End of Rogue killer log file content

Thank you very much for your time,
Nikhil
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: kevinf80 on June 29, 2015, 09:40:28 AM
Hello nikhil,

There are proxy servers running in Firefox and Internet Explorer; are they trustworthy and known to you?

Next,

Lots of malware/infection active in your system, it may take a few steps to clean up... Continue please:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was run from. Please post it to your reply.

Next,

See if your system will now run ok in Normal mode, if so run the following:

Please open Malwarebytes Anti-Malware.

'Could not load DDA driver'


To get the log from Malwarebytes do the following:


Next,

Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan". Select Scan; when done, post the two logs.

Let me see those logs, and give me an update regarding the proxies, also if there is any improvement.

Thank you,

Kevin..


Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 29, 2015, 10:51:40 AM
Hi Kevin,

I am a student at a university and I use the institute's LAN for internet connection. The proxy servers are institute servers and can be trusted.

I couldn't find the fixlist.txt file. Could you guide me to the file?

And shall I try to start Windows Security Essentials to see if that problem is resolved?

Thank you for your time,
Nikhil.
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: kevinf80 on June 29, 2015, 01:03:20 PM
Hello nikhil,

Thanks for the information on proxy servers etc. Regarding fixlist.txt, not sure what happened; I've attached it again to this reply...

After the fix is done continue with Malwarebytes, then you can try MSE. Regardless of whether MSE runs or not, run FRST as instructed in my last reply and post the two new logs.

Thank you,

Kevin...
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: PA Bear on June 29, 2015, 01:10:26 PM
FYI: OP's original thread in Microsoft Community forums => http://answers.microsoft.com/en-us/protect/forum/mse-protect_start/cannot-enable-or-update-microsoft-security/b70df513-3f37-4936-98f5-5d6503b1eb11
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: kevinf80 on June 29, 2015, 01:18:04 PM
Thanks for the update Robear, the system is awash with malware/infection etc.. See what happens as we progress...

Kevin...
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 29, 2015, 01:22:34 PM
Hi Kevin,

I've run FRST and this is the content of the log file  - fixlog.txt

Fix result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by nikhi at 2015-06-30 00:39:01 Run:1
Running from C:\Users\nikhi\Desktop
Loaded Profiles: nikhi (Available Profiles: nikhi)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2052094510-1569341030-3252781033-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
S3 WinHttpAutoProxySvc; winhttp.dll [X]
S1 crioevuo; \??\C:\Windows\system32\drivers\crioevuo.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S1 kqhtcgrc; \??\C:\Windows\system32\drivers\kqhtcgrc.sys [X]
S2 NEWDRIVER; \??\C:\Windows\SysWow64\WinVDEdrv6.sys [X]
S3 Ser2pl; system32\DRIVERS\ser2pl64.sys [X]
2015-06-29 14:30 - 2015-06-29 14:30 - 01415680 _____ (wj32) C:\Program Files\PUWY057U.exe
2015-06-29 13:00 - 2015-06-29 13:00 - 01415680 _____ (wj32) C:\Program Files\WY35ACHG.exe
2015-06-29 12:56 - 2015-06-29 12:56 - 01415680 _____ (wj32) C:\Program Files\YW8642EC.exe
2015-06-29 12:56 - 2015-06-29 12:56 - 01415680 _____ (wj32) C:\Program Files\YDIKPRT3.exe
2015-06-29 12:56 - 2015-06-29 12:56 - 01415680 _____ (wj32) C:\Program Files\U6420CAO.exe
2015-06-29 12:56 - 2015-06-29 12:56 - 01415680 _____ (wj32) C:\Program Files\35ACEGLN.exe
2015-06-29 12:55 - 2015-06-29 12:55 - 01415680 _____ (wj32) C:\Program Files\KSUZ135S.exe
2015-06-29 12:55 - 2015-06-29 12:55 - 01415680 _____ (wj32) C:\Program Files\EA62YUKA.exe
2015-06-29 12:55 - 2015-06-29 12:55 - 01415680 _____ (wj32) C:\Program Files\9EGIKPRY.exe
2015-06-29 12:55 - 2015-06-29 12:55 - 01415680 _____ (wj32) C:\Program Files\8ACEJLND.exe
2015-06-29 12:55 - 2015-06-29 12:55 - 01415680 _____ (wj32) C:\Program Files\2468APUH.exe
2015-06-29 12:54 - 2015-06-29 12:54 - 01415680 _____ (wj32) C:\Program Files\MLE7O5G3.exe
2015-06-29 12:54 - 2015-06-29 12:54 - 01415680 _____ (wj32) C:\Program Files\168ACHG6.exe
2015-06-29 12:48 - 2015-06-29 12:48 - 01415680 _____ (wj32) C:\Program Files\KOMKWUSK.exe
2015-06-29 12:48 - 2015-06-29 12:48 - 01415680 _____ (wj32) C:\Program Files\ECOMKWUU.exe
2015-06-29 12:48 - 2015-06-29 12:48 - 01415680 _____ (wj32) C:\Program Files\168ACUWJ.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 01415680 _____ (wj32) C:\Program Files\YDKM68SU.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 01415680 _____ (wj32) C:\Program Files\VXZ16LNX.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 01415680 _____ (wj32) C:\Program Files\OKVXZEJ6.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 01415680 _____ (wj32) C:\Program Files\NSXZ4MOE.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 01415680 _____ (wj32) C:\Program Files\N579BGIS.exe
2015-06-29 12:47 - 2015-06-29 12:47 - 01415680 _____ (wj32) C:\Program Files\68DFHMO8.exe
2015-06-29 12:46 - 2015-06-29 12:46 - 01415680 _____ (wj32) C:\Program Files\DFHM135V.exe
2015-06-29 12:40 - 2015-06-29 12:40 - 00000774 _____ C:\Users\nikhi\Desktop\chromehtml.reg
Hosts:
Emptytemp:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\TaskbarNoNotification => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value removed successfully
"HKU\S-1-5-21-2052094510-1569341030-3252781033-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
WinHttpAutoProxySvc => Service stopped successfully.
WinHttpAutoProxySvc => Service removed successfully
crioevuo => Service removed successfully
dgderdrv => Service removed successfully
kqhtcgrc => Service removed successfully
NEWDRIVER => Service removed successfully
Ser2pl => Service removed successfully
C:\Users\nikhi\Desktop\chromehtml.reg => moved successfully.
"C:\Program Files\79BGIKMR.exe" => File/Folder not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 1.7 GB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 00:39:25 ====

I was not able to run MBAM in normal mode.

Thank you for your time,
Nikhil.

Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 29, 2015, 01:31:09 PM
Hi Kevin,

I've noticed one more thing. Whenever I tried to start MSE (click on the "Start now" button in the MSE GUI), a new ********.exe file (for example: EWY0279B.exe) appears in the Program Files folder.

I noticed it by opening the Program Files folder in Windows Explorer, opening MSE and clicking the "Start now" button. Then the MSE GUI closes automatically and this new file is created in Program Files.

Thanks for your time,
Nikhil
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: kevinf80 on June 29, 2015, 01:36:14 PM
Hello nikhil,

See if you can run the following and then try Malwarebytes. If this does not work, run FRST and post the two new logs...

Download RKill from here: http://www.bleepingcomputer.com/download/rkill/

There are three buttons to choose from with different names on, select the first one and save it to your desktop.


Thanks,

Kevin...
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 29, 2015, 01:49:41 PM
Hi Kevin,

I downloaded rkill.exe from the first button in the link that you've given.

When I ran it as administrator, a black DOS box opened and then Windows crashed with a blue screen.

Here are the details -

Problem signature:
  Problem Event Name:   BlueScreen
  OS Version:   6.1.7601.2.1.0.768.3
  Locale ID:   3081

Additional information about the problem:
  BCCode:   f4
  BCP1:   0000000000000003
  BCP2:   FFFFFA800B807060
  BCP3:   FFFFFA800B807340
  BCP4:   FFFFF80003D79E20
  OS Version:   6_1_7601
  Service Pack:   1_0
  Product:   768_1

Files that help describe the problem:
  C:\Windows\Minidump\063015-9204-01.dmp
  C:\Users\nikhi\AppData\Local\Temp\WER-115315-0.sysdata.xml


Thanks for your time
Nikhil
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: kevinf80 on June 29, 2015, 02:11:08 PM
Hello nikhil,

As you have Malwarebytes installed, let's see if we can get it to run through its protected folder. Do the following:

Select > Start > All Programs > Malwarebytes` Anti-Malware > Tools folder > Malwarebytes Anti-Malware Chameleon:


(http://i121.photobucket.com/albums/o239/kevinf80/Chameleon1%20Malwarebytes/Cha.png)


A new window will open with Chameleon Tabs (http://i121.photobucket.com/albums/o239/kevinf80/Chameleon1%20Malwarebytes/CHb.png) to (http://i121.photobucket.com/albums/o239/kevinf80/Chameleon1%20Malwarebytes/CHc.png)

Select tabs in turn until you get a successful run by double-clicking on the tab.
Vista and Windows 7/8 users will have to accept the UAC prompt. If successful you will see the following:


(http://i121.photobucket.com/albums/o239/kevinf80/Chameleon1%20Malwarebytes/MBa.png)


As instructed press any key to continue, you will now see the following as Malwarebytes attempts to run:


(http://i121.photobucket.com/albums/o239/kevinf80/Chameleon1%20Malwarebytes/MBa1.png)


Do nothing, let MB continue, it will try to update:


(http://i121.photobucket.com/albums/o239/kevinf80/Chameleon1%20Malwarebytes/MBa2.png)


You may see the following:


(http://i121.photobucket.com/albums/o239/kevinf80/Chameleon1%20Malwarebytes/MBa6-1.png)


Then.....


(http://i121.photobucket.com/albums/o239/kevinf80/Chameleon1%20Malwarebytes/MBa7.png)


MB will prompt if successful, do nothing; let it continue.


(http://i121.photobucket.com/albums/o239/kevinf80/Chameleon1%20Malwarebytes/MBa3.png)


MB will try to kill known malicious processes, do nothing; let it continue.


(http://i121.photobucket.com/albums/o239/kevinf80/Chameleon1%20Malwarebytes/MBa4.png)


MB will try to start a quick scan. If successful the following will open; do nothing, the scan will run automatically.


(http://i121.photobucket.com/albums/o239/kevinf80/Chameleon1%20Malwarebytes/MBc.png)


When complete MB will produce a log, save that and copy to next reply.

MB will continue and remove the protective driver, you will then be given the option to "Press any key to continue" do that.


(http://i121.photobucket.com/albums/o239/kevinf80/Chameleon1%20Malwarebytes/MBa5.png)


Let me see the log from Malwarebytes in your reply,

Thanks,

Kevin..

Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 29, 2015, 02:55:51 PM
Hi Kevin,

Here is the log file of the MBAM scan -

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 30/06/2015
Scan Time: 2:01:02 AM
Logfile: mbam first scan.txt
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.06.29.05
Rootkit Database: v2015.06.26.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Enabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: nikhi

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 406066
Time Elapsed: 7 min, 20 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 5
PUP.Optional.MediaDrug.C, C:\Users\nikhi\AppData\Local\MediaDrug, Quarantined, [db9eedd396f490a6a01bef03857e0000],
PUP.Optional.MediaDrug.C, C:\Users\nikhi\AppData\Local\MediaDrug\cache, Quarantined, [db9eedd396f490a6a01bef03857e0000],
PUP.Optional.MediaDrug.C, C:\Users\nikhi\AppData\Local\MediaDrug\log, Quarantined, [db9eedd396f490a6a01bef03857e0000],
PUP.Optional.MediaDrug.C, C:\Users\nikhi\AppData\Local\MediaDrug\queries, Quarantined, [db9eedd396f490a6a01bef03857e0000],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, Quarantined, [c8b1724ea3e770c661e13eb8b350bf41],

Files: 8
PUP.Optional.MediaDrug.C, C:\Users\nikhi\AppData\Local\MediaDrug\.settings, Quarantined, [db9eedd396f490a6a01bef03857e0000],
PUP.Optional.MediaDrug.C, C:\Users\nikhi\AppData\Local\MediaDrug\dm.xml, Quarantined, [db9eedd396f490a6a01bef03857e0000],
PUP.Optional.MediaDrug.C, C:\Users\nikhi\AppData\Local\MediaDrug\playlists.xml, Quarantined, [db9eedd396f490a6a01bef03857e0000],
PUP.Optional.MediaDrug.C, C:\Users\nikhi\AppData\Local\MediaDrug\radio.xml, Quarantined, [db9eedd396f490a6a01bef03857e0000],
PUP.Optional.MediaDrug.C, C:\Users\nikhi\AppData\Local\MediaDrug\log\log_2014-04-07.txt, Quarantined, [db9eedd396f490a6a01bef03857e0000],
PUP.Optional.MediaDrug.C, C:\Users\nikhi\AppData\Local\MediaDrug\log\log_2014-04-13.txt, Quarantined, [db9eedd396f490a6a01bef03857e0000],
PUP.Optional.MediaDrug.C, C:\Users\nikhi\AppData\Local\MediaDrug\queries\Lenka - Lenka.xml, Quarantined, [db9eedd396f490a6a01bef03857e0000],
PUP.Optional.MediaDrug.C, C:\Users\nikhi\AppData\Local\MediaDrug\queries\lenka.xml, Quarantined, [db9eedd396f490a6a01bef03857e0000],

Physical Sectors: 0
(No malicious items detected)


(end)

I couldn't copy the log file first time so I ran the scan again, here is the log of second scan -

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 30/06/2015
Scan Time: 2:14:40 AM
Logfile: mbam scan log.txt
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.06.29.05
Rootkit Database: v2015.06.26.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Enabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: nikhi

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 406067
Time Elapsed: 7 min, 11 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Thanks for your time,
Nikhil.
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: kevinf80 on June 29, 2015, 03:03:56 PM
Hiya nikhil,

Thanks for the logs, continue please:

1. Download Malwarebytes Anti-Rootkit from this link:

 http://www.malwarebytes.org/products/mbar/

2. Unzip the File to a convenient location. (Recommend the Desktop)
3. Open the folder where the contents were unzipped to run mbar.exe

(http://i121.photobucket.com/albums/o239/kevinf80/MB%20Anti%20Rootkit/Image1.png)

4. Double-click on the mbar.exe file, you may receive a User Account Control prompt asking if you are sure you wish to allow the program to run. Please allow the program to run and MBAR will now start to install any necessary drivers that are required for the program to operate correctly. If a rootkit is interfering with the installation of the drivers you will see a message that states that the DDA driver was not installed and that you should reboot your computer to install it. You will see this image:

(http://i121.photobucket.com/albums/o239/kevinf80/MB%20Anti%20Rootkit/mbarwm.png)

5. If you receive this message, please click on the Yes button and Malwarebytes Anti-Rootkit will now restart your computer. Once the computer is rebooted and you login, MBAR will automatically start and you will now be at the start screen. (If no Rootkit warning you will go from step 4 to 6.)

6. The following image opens, select Next.

(http://i121.photobucket.com/albums/o239/kevinf80/MB%20Anti%20Rootkit/Image2.png)

7. The following image opens, select Update

(http://i121.photobucket.com/albums/o239/kevinf80/MB%20Anti%20Rootkit/Image3.png)

8. When the update completes select Next.

(http://i121.photobucket.com/albums/o239/kevinf80/MB%20Anti%20Rootkit/Image4.png)

9. In the following window ensure "Targets" are ticked. Then select "Scan"

(http://i121.photobucket.com/albums/o239/kevinf80/MB%20Anti%20Rootkit/Image5.png)

10. If an infection is found select the "Cleanup Button" to remove threats, Reboot if prompted. Wait while the system shuts down and the cleanup process is performed.

(http://i121.photobucket.com/albums/o239/kevinf80/MB%20Anti%20Rootkit/MBAntiRKcleanA.png)

11. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click "Cleanup Button" once more and repeat the process.
12. If no threats were found you will see the following image, Select Exit:

(http://i121.photobucket.com/albums/o239/kevinf80/MB%20Anti%20Rootkit/Image6.png)

13. Verify that your system is now running normally, making sure that the following items are functional:


14. If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included within the Malwarebytes Anti-Rootkit folder.

15. Select "Y" from your Keyboard, tap Enter.

16. The fix will be applied, select any key to Exit.

17. Let me know how your system now responds. Copy and paste the two following logs from the mbar folder:

System - log
Mbar - log   Date and time of scan will also be shown

Thanks,

Kevin...
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 29, 2015, 03:57:00 PM
Hi Kevin,

I ran mbar.exe without any problems. Here is the system log file content -

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17843

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.793000 GHz
Memory total: 8476565504, free: 5045964800

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17843

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.793000 GHz
Memory total: 8476565504, free: 5047898112

Downloaded database version: v2015.06.29.05
Downloaded database version: v2015.06.26.01
Downloaded database version: v2015.06.26.01
=======================================
Initializing...
------------ Kernel report ------------
     06/30/2015 03:05:13
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\iaStor.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\System32\Drivers\PxHlpa64.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\system32\DRIVERS\stdcfltn.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\system32\DRIVERS\nvpciflt.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\dtsoftbus01.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\cnnctfy2.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\nvkflt.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\NETwNs64.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\nusb3xhc.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\L1C62x64.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\cykbfltr.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\cymfltr.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\Accelern.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\irstrtdv.sys
\SystemRoot\system32\DRIVERS\AMPPAL.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\cyhid.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\iwdbus.sys
\SystemRoot\system32\drivers\DellProf.sys
\SystemRoot\system32\drivers\DDDriver64Dcsa.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\system32\DRIVERS\nusb3hub.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\CtClsFlt.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\TurboB.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\drivers\mrxdav.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\Drivers\adfs.SYS
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
\??\C:\Program Files\kprocesshacker.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\advapi32.dll
\Windows\System32\ws2_32.dll
\Windows\System32\imm32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\msctf.dll
\Windows\System32\usp10.dll
\Windows\System32\shlwapi.dll
\Windows\System32\ole32.dll
\Windows\System32\normaliz.dll
\Windows\System32\lpk.dll
\Windows\System32\kernel32.dll
\Windows\System32\sechost.dll
\Windows\System32\psapi.dll
\Windows\System32\oleaut32.dll
\Windows\System32\setupapi.dll
\Windows\System32\difxapi.dll
\Windows\System32\nsi.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\Wldap32.dll
\Windows\System32\urlmon.dll
\Windows\System32\gdi32.dll
\Windows\System32\iertutil.dll
\Windows\System32\user32.dll
\Windows\System32\wininet.dll
\Windows\System32\msvcrt.dll
\Windows\System32\comdlg32.dll
\Windows\System32\imagehlp.dll
\Windows\System32\shell32.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\KernelBase.dll
\Windows\System32\comctl32.dll
\Windows\System32\crypt32.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\userenv.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\devobj.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\wintrust.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\msasn1.dll
\Windows\System32\profapi.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2015.06.29.05
  rootkit: v2015.06.26.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8008e77060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8008e77b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8008e77060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8008d79cb0, DeviceName: Unknown, DriverName: \Driver\stdcfltn\
DevicePointer: 0xfffffa8006f8c910, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8007c75050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 7F2837E

Partition information:

    Partition 0 type is Other (0xde)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 208782

    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 212992  Numsec = 40960000
    Partition file system is NTFS
    Partition is bootable

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 41172992  Numsec = 442164742

    Partition 3 type is Other (0x84)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 483340288  Numsec = 16775168

Disk Size: 256060514304 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-212992-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished

Here is the mbar log content -

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.06.29.05
  rootkit: v2015.06.26.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17843
nikhi :: NIKHIL-PC [administrator]

30/06/2015 3:05:25 AM
mbar-log-2015-06-30 (03-05-25).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 408205
Time elapsed: 6 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

System is running fine on the outset (like before), I am able to access internet, firewall seems fine.

But I am still not able to install updates related to MSE and also the ********.exe files in the program files folder are still there.

New ********.exe files are not getting created after running MBAM from chameleon window. I didn't try starting MSE, as this seems to be related to malware.

What should I do with ********.exe files and MSE?

Do you want me to attach some screenshots of the properties window of a ********.exe file?

Thank you for your time,
Nikhil.

Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: kevinf80 on June 29, 2015, 04:03:54 PM
Thanks for the update nikhil, let's continue:

Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan". Select scan; when done, post the two logs....

Next,

Download Farbar Service Scanner from here: http://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/ and run it on the computer with the issue.
Make sure the following options are checked:


Let me see those logs....

Cheers,

Kevin

Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 29, 2015, 04:23:14 PM
Hi Kevin,

I was able to run FRST and FSS successfully.

Here is the FRST log file content - 'part 1'

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by nikhi (administrator) on NIKHIL-PC on 30-06-2015 03:39:34
Running from C:\Users\nikhi\Desktop
Loaded Profiles: nikhi (Available Profiles: nikhi)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
() C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\xampp\mysql\bin\mysqld.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Users\nikhi\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Cypress Semiconductor, Inc.) C:\Program Files\Cypress\TrackPad\CyHidWin.exe
(Cypress Semiconductor Corporation) C:\Program Files\Cypress\TrackPad\CyCpIo.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
(Sensible Vision) C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7214696 2011-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-05-18] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [4146848 2011-07-13] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-11-01] (Intel(R) Corporation)
HKLM\...\Run: [CyHidWin] => C:\Program Files\Cypress\TrackPad\CyHidWin.exe [2354176 2011-10-19] (Cypress Semiconductor, Inc.)
HKLM\...\Run: [CyCpIo] => C:\Program Files\Cypress\TrackPad\CyCpIo.exe [2375168 2011-11-09] (Cypress Semiconductor Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [VISIONTEK 3G USB MODEM] => [X]
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [FAStartup] => [X]
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [96240 2011-08-19] (Sensible Vision )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\RunOnce: [C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\bemkqmh] => cmd /C rd "C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\bemkqmh" /s/q
HKLM-x32\...\RunOnce: [C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\pmg] => cmd /C rd "C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\pmg" /s/q
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist Corporate\1084\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\FastAccess: C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll [2011-08-19] (Sensible Vision )
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2052094510-1569341030-3252781033-1001\...\Run: [GoogleChromeAutoLaunch_CC670EC9C0039784BBC144C8FE53E009] => C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe [813896 2015-06-20] (Google Inc.)
HKU\S-1-5-21-2052094510-1569341030-3252781033-1001\...\Run: [Google Update] => C:\Users\nikhi\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-29] (Google Inc.)
Lsa: [Notification Packages] scecli FAPassSync
Startup: C:\Users\nikhi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk [2013-09-01]
ShortcutTarget: Intel(R) Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-2052094510-1569341030-3252781033-1001] => http=10.93.0.37:3333;https=10.93.0.37:3333;ftp=10.93.0.37:3333
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {866926D5-EF0F-4343-98DC-FEDF90CF55CA} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {866926D5-EF0F-4343-98DC-FEDF90CF55CA} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001 -> {866926D5-EF0F-4343-98DC-FEDF90CF55CA} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll [2011-08-19] (Sensible Vision )
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-29] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO-x32: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll [2011-08-19] (Sensible Vision )
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-29] (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19] (Microsoft Corporation)
DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Tcpip\Parameters: [DhcpNameServer] 10.24.0.193 10.65.0.3
Tcpip\..\Interfaces\{039EE222-7F10-4B8F-B359-751EC810EF8B}: [DhcpNameServer] 10.24.0.193 10.65.0.3
Tcpip\..\Interfaces\{A54243E9-3874-4FCF-A82C-D8FB1C981A9B}: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\nikhi\AppData\Roaming\Mozilla\Firefox\Profiles\emxei7vq.default
FF NetworkProxy: "backup.ftp", "hproxy.iitm.ac.in"
FF NetworkProxy: "backup.ftp_port", 3128
FF NetworkProxy: "backup.socks", "hproxy.iitm.ac.in"
FF NetworkProxy: "backup.socks_port", 3128
FF NetworkProxy: "backup.ssl", "hproxy.iitm.ac.in"
FF NetworkProxy: "backup.ssl_port", 3128
FF NetworkProxy: "ftp", "hproxy.iitm.ac.in"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "hproxy.iitm.ac.in"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "hproxy.iitm.ac.in"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "hproxy.iitm.ac.in"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-24] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-24] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @parallelgraphics.com/Cortona -> C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npCortona.dll [2009-06-01] (ParallelGraphics)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\10.1.0.5292844\npmathplugin.dll [2015-03-24] (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2052094510-1569341030-3252781033-1001: @citrixonline.com/appdetectorplugin -> C:\Users\nikhi\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-03-27] (Citrix Online)
FF Plugin HKU\S-1-5-21-2052094510-1569341030-3252781033-1001: @tools.google.com/Google Update;version=3 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-2052094510-1569341030-3252781033-1001: @tools.google.com/Google Update;version=9 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-13] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npCortona.dll [2009-06-01] (ParallelGraphics)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\nikhi\AppData\Roaming\Mozilla\Firefox\Profiles\emxei7vq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [fassoxpcom@sensiblevision.com] - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso
FF Extension: FastAccess Web Login - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso [2012-03-29]

Chrome:
=======
CHR Profile: C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-27]
CHR Extension: (YouTube) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-29]
CHR Extension: (Google Search) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-29]
CHR Extension: (FlashCards) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\diejjofgldkjkhmfjagdjdodjebpglhb [2012-07-29]
CHR Extension: (Dropbox for Gmail) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2015-06-29]
CHR Extension: (Proxy SwitchySharp) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2012-11-01]
CHR Extension: (Gmail Offline) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2012-10-03]
CHR Extension: (Web Lab) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgacgeibpdjllcjckbmgecpahipdjabe [2012-07-29]
CHR Extension: (Downloads Router) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgkboeogiiklpklnjgdiaghaiehcknjo [2015-06-04]
CHR Extension: (AdBlock) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-04]
CHR Extension: (AdBlock Plus) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\golcpiifbdpfpldfmjjlgjcocfllkkam [2014-07-14]
CHR Extension: (Wiki-It) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\himihkiolakpnmfdkgdjnakpbiibabea [2013-08-27]
CHR Extension: (mysms - SMS from Computer) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkkehjnlfplmdnallbjjdnokolhblgb [2012-10-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-15]
CHR Extension: (Tom Sachs) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lppegiodmddaaljhkfjokkepamifbekj [2012-07-29]
CHR Extension: (Google Wallet) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Type Fu (hosted)) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\okboeogmnhjpgbeaokfogelclpblaemo [2012-07-29]
CHR Extension: (Recent Bookmarks) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\olndffocioplakeilhkgenfgdincjlpn [2013-12-01]
CHR Extension: (Gmail) - C:\Users\nikhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-29]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [Not Found]
StartMenuInternet: Google Chrome - C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [13312 2011-08-21] () [File not signed]
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [232152 2015-05-20] (Dell Inc.)
R2 FAService; C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2451440 2011-08-19] (Sensible Vision ) [File not signed]
S2 Flexlm Service 1; C:\SIMULIA\License\lmgrd.exe [1767688 2011-07-18] (Acresso Software Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-28] (NVIDIA Corporation)
S3 GoToAssist; C:\Program Files (x86)\Citrix\GoToAssist Corporate\1084\G2AC_Service.exe [310080 2015-03-27] (Citrix Online, a division of Citrix Systems, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [184320 2011-07-07] (Intel Corporation) [File not signed]
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-07] (Microsoft Corporation)
U2 mysql; c:\xampp\mysql\bin\mysqld.exe [8158720 2011-09-09] () [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-11-01] ()
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-28] (NVIDIA Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-04-10] (Dell Inc.)
S2 Texis Monitor; C:\SIMULIA\Documentation\monitor.exe [4493312 2013-01-17] (Expansion Programs International, Inc.) [File not signed]
R2 VSSS; C:\Users\nikhi\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [104873984 2015-06-23] (Microsoft Corporation) [File not signed] <==== ATTENTION

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 cnnctfy2; C:\Windows\System32\DRIVERS\cnnctfy2.sys [31344 2012-11-19] (Connectify)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
R3 cyhid; C:\Windows\System32\DRIVERS\cyhid.sys [117248 2011-12-09] (Cypress Semiconductor, Inc.)
R3 cykbfltrService; C:\Windows\System32\DRIVERS\cykbfltr.sys [13824 2011-12-09] (Cypress Semiconductor, Inc.)
R3 cymfltrService; C:\Windows\System32\DRIVERS\cymfltr.sys [79872 2011-12-09] (Cypress Semiconductor, Inc.)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-02-26] (Dell Computer Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-31] (DT Soft Ltd)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-06-16] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [299664 2015-05-28] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-05-28] (NVIDIA Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-06-29] ()
S3 WCDMA_Datacard_Usb_Ser; C:\Windows\System32\DRIVERS\WCDMA_Datacard_Usb_Ser.sys [121088 2013-01-15] (QUALCOMM Incorporated)
R4 KProcessHacker2; \??\C:\Program Files\kprocesshacker.sys [X]

Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 29, 2015, 04:25:20 PM
Hi Kevin,

'Part 2'

Here is the FRST log (contd.) -

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-30 03:05 - 2015-06-30 03:12 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-30 03:03 - 2015-06-30 03:12 - 00000000 ____D C:\Users\nikhi\Desktop\mbar
2015-06-30 01:54 - 2015-06-30 01:54 - 01415680 _____ (wj32) C:\Program Files\1KDZMOJC.exe
2015-06-30 01:12 - 2015-06-30 01:12 - 01415680 _____ (wj32) C:\Program Files\X97JHTR5.exe
2015-06-30 01:12 - 2015-06-30 01:12 - 01415680 _____ (wj32) C:\Program Files\TR31ZX99.exe
2015-06-30 01:12 - 2015-06-30 01:12 - 01415680 _____ (wj32) C:\Program Files\FKMOKVXK.exe
2015-06-30 01:12 - 2015-06-30 01:12 - 01415680 _____ (wj32) C:\Program Files\FHJLKSUK.exe
2015-06-30 01:11 - 2015-06-30 01:11 - 01415680 _____ (wj32) C:\Program Files\V3EMU2K6.exe
2015-06-30 01:11 - 2015-06-30 01:11 - 01415680 _____ (wj32) C:\Program Files\O89KD3HS.exe
2015-06-30 01:11 - 2015-06-30 01:11 - 01415680 _____ (wj32) C:\Program Files\JLNSUWYO.exe
2015-06-30 01:11 - 2015-06-30 01:11 - 01415680 _____ (wj32) C:\Program Files\AIK1GOWS.exe
2015-06-30 01:11 - 2015-06-30 01:11 - 01415680 _____ (wj32) C:\Program Files\357CEGI8.exe
2015-06-30 01:10 - 2015-06-30 01:10 - 773260030 _____ C:\Windows\MEMORY.DMP
2015-06-30 01:10 - 2015-06-30 01:10 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\nikhi\Desktop\rkill64.exe
2015-06-30 01:10 - 2015-06-30 01:10 - 00262144 _____ C:\Windows\Minidump\063015-9204-01.dmp
2015-06-30 01:10 - 2015-06-30 01:10 - 00000702 _____ C:\Users\nikhi\Desktop\Rkill.txt
2015-06-30 01:08 - 2015-06-30 01:09 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\nikhi\Desktop\rkill.exe
2015-06-30 00:55 - 2015-06-30 00:55 - 01415680 _____ (wj32) C:\Program Files\EWY0279B.exe
2015-06-30 00:54 - 2015-06-30 00:54 - 01415680 _____ (wj32) C:\Program Files\KJ951XTG.exe
2015-06-30 00:54 - 2015-06-30 00:54 - 01415680 _____ (wj32) C:\Program Files\BGINPRTV.exe
2015-06-30 00:41 - 2015-06-30 00:41 - 01415680 _____ (wj32) C:\Program Files\ZXVT5311.exe
2015-06-30 00:41 - 2015-06-30 00:41 - 01415680 _____ (wj32) C:\Program Files\TYX246WJ.exe
2015-06-30 00:41 - 2015-06-30 00:41 - 01415680 _____ (wj32) C:\Program Files\NZXVT53L.exe
2015-06-30 00:41 - 2015-06-30 00:41 - 01415680 _____ (wj32) C:\Program Files\LNSXZ46T.exe
2015-06-30 00:41 - 2015-06-30 00:41 - 01415680 _____ (wj32) C:\Program Files\GIKMRT84.exe
2015-06-30 00:40 - 2015-06-30 00:40 - 01415680 _____ (wj32) C:\Program Files\TVX2468V.exe
2015-06-30 00:40 - 2015-06-30 00:40 - 01415680 _____ (wj32) C:\Program Files\LBGXSU27.exe
2015-06-30 00:40 - 2015-06-30 00:40 - 01415680 _____ (wj32) C:\Program Files\IKM168DK.exe
2015-06-30 00:40 - 2015-06-30 00:40 - 01415680 _____ (wj32) C:\Program Files\8ACHJLND.exe
2015-06-29 17:58 - 2015-06-29 17:58 - 01415680 _____ (wj32) C:\Program Files\XV7531DB.exe
2015-06-29 17:58 - 2015-06-29 17:58 - 01415680 _____ (wj32) C:\Program Files\KSUZ135U.exe
2015-06-29 17:58 - 2015-06-29 17:58 - 01415680 _____ (wj32) C:\Program Files\B9LJHFRX.exe
2015-06-29 17:57 - 2015-06-29 17:57 - 01415680 _____ (wj32) C:\Program Files\Z468AFH1.exe
2015-06-29 17:57 - 2015-06-29 17:57 - 01415680 _____ (wj32) C:\Program Files\X249BACZ.exe
2015-06-29 17:57 - 2015-06-29 17:57 - 01415680 _____ (wj32) C:\Program Files\PRTV024R.exe
2015-06-29 17:57 - 2015-06-29 17:57 - 01415680 _____ (wj32) C:\Program Files\7FKY6HPR.exe
2015-06-29 17:57 - 2015-06-29 17:57 - 01415680 _____ (wj32) C:\Program Files\68ACHJLN.exe
2015-06-29 17:57 - 2015-06-29 17:57 - 01415680 _____ (wj32) C:\Program Files\168DIKPC.exe
2015-06-29 17:56 - 2015-06-29 17:56 - 01415680 _____ (wj32) C:\Program Files\NV6LT192.exe
2015-06-29 17:56 - 2015-06-29 17:56 - 01415680 _____ (wj32) C:\Program Files\9EGIKPRN.exe
2015-06-29 16:53 - 2015-06-29 17:37 - 00000000 ____D C:\ProgramData\RogueKiller
2015-06-29 16:53 - 2015-06-29 16:53 - 00035064 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-06-29 16:50 - 2015-06-29 16:52 - 17853688 _____ C:\Users\nikhi\Desktop\RogueKiller.exe
2015-06-29 16:46 - 2015-06-30 03:39 - 00028110 _____ C:\Users\nikhi\Desktop\FRST.txt
2015-06-29 16:46 - 2015-06-30 03:39 - 00000000 ____D C:\FRST
2015-06-29 16:46 - 2015-06-29 16:46 - 00069788 _____ C:\Users\nikhi\Desktop\Addition.txt
2015-06-29 16:45 - 2015-06-29 16:45 - 02112512 _____ (Farbar) C:\Users\nikhi\Desktop\FRST64.exe
2015-06-29 14:34 - 2015-06-30 03:05 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-29 14:34 - 2015-06-30 03:04 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-29 14:34 - 2015-06-29 14:34 - 00001108 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-29 14:34 - 2015-06-29 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-29 14:34 - 2015-06-29 14:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-29 14:34 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-29 14:34 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-29 13:30 - 2015-06-29 13:30 - 00000000 ____D C:\Users\nikhi\Desktop\images
2015-06-29 12:52 - 2015-06-29 12:52 - 00689664 _____ C:\Users\nikhi\Downloads\MicrosoftFixit50202.msi
2015-06-29 12:25 - 2015-06-29 12:26 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\nikhi\Desktop\mbam-setup-2.1.6.1022 (1).exe
2015-06-29 12:03 - 2015-06-29 12:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-29 11:52 - 2015-06-29 11:52 - 04800856 _____ (McAfee, Inc.) C:\Users\nikhi\Desktop\MCPR.exe
2015-06-29 03:04 - 2015-06-29 03:04 - 37328992 _____ (Oracle Corporation) C:\Users\nikhi\Downloads\jre-8u45-windows-i586.exe
2015-06-29 02:30 - 2015-06-29 02:30 - 00040895 _____ C:\Users\nikhi\Desktop\dds.txt
2015-06-29 02:30 - 2015-06-29 02:30 - 00001331 _____ C:\Users\nikhi\Desktop\attach.txt
2015-06-29 02:25 - 2015-06-29 02:25 - 00688992 ____R (Swearware) C:\Users\nikhi\Desktop\dds.com
2015-06-25 15:00 - 2015-06-25 15:00 - 00000000 ____D C:\Users\nikhi\AppData\Roaming\deskPDF
2015-06-25 12:02 - 2015-06-30 03:01 - 00000000 ____D C:\Users\nikhi\Desktop\malware removal
2015-06-25 11:59 - 2015-06-25 16:55 - 00000106 _____ C:\Windows\FitCtrl.ini
2015-06-25 11:53 - 2000-09-17 12:51 - 00002279 _____ C:\Users\nikhi\Documents\M05-01.z
2015-06-25 06:55 - 2015-06-25 06:55 - 00003250 _____ C:\Windows\System32\Tasks\{C6E22D41-2256-4CFB-9331-2B5F6A64CE4D}
2015-06-25 06:54 - 2015-06-25 06:54 - 00001121 _____ C:\Users\Public\Desktop\MEISP trial version.lnk
2015-06-25 06:54 - 2015-06-25 06:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Powergraphy
2015-06-25 06:54 - 2015-06-25 06:54 - 00000000 ____D C:\Program Files (x86)\Powergraphy
2015-06-25 06:54 - 2001-09-02 08:04 - 00339968 _____ (GipsySoft) C:\Windows\SysWOW64\QHTM.dll
2015-06-25 06:54 - 1999-06-24 14:50 - 00499782 _____ (Code Jockey: http://www.codejockeys.com/kstowell/) C:\Windows\SysWOW64\CJ60Libd.dll
2015-06-25 06:54 - 1999-03-22 23:00 - 00401484 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Msvcrtd.dll
2015-06-25 06:54 - 1999-01-14 04:10 - 00036352 _____ C:\Windows\SysWOW64\Sx32w.dll
2015-06-25 06:54 - 1998-11-17 18:27 - 00427520 _____ (Digital Equipment Corporation) C:\Windows\SysWOW64\Dformd.dll
2015-06-25 06:54 - 1998-11-17 18:25 - 00420864 _____ (Digital Equipment Corporation) C:\Windows\SysWOW64\Dforrt.dll
2015-06-25 06:54 - 1998-09-24 23:00 - 00929844 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mfc42d.dll
2015-06-25 06:54 - 1998-09-24 23:00 - 00798773 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mfco42d.dll
2015-06-25 06:54 - 1998-06-16 23:00 - 00516173 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Msvcp60d.dll
2015-06-25 06:54 - 1997-10-03 09:06 - 00565760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Msvcp50.dll
2015-06-25 06:52 - 1997-11-19 15:49 - 00303616 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2015-06-25 05:17 - 2015-06-25 05:17 - 00000000 ____D C:\Program Files (x86)\Windows Resource Kits
2015-06-24 15:15 - 2015-06-24 15:15 - 00002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-06-24 15:15 - 2015-06-24 15:15 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-06-24 15:15 - 2015-06-24 15:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2015-06-24 12:29 - 2015-06-24 12:30 - 00000000 ____D C:\SFCFix
2015-06-24 12:13 - 2015-06-24 12:30 - 00000000 ____D C:\Users\nikhi\AppData\Local\niemiro
2015-06-24 01:10 - 2015-06-24 12:48 - 00000198 _____ C:\Users\nikhi\AppData\Local\Support.ini
2015-06-24 01:10 - 2015-06-24 12:46 - 00000000 ____D C:\Users\nikhi\AppData\Local\AvastSupport
2015-06-24 01:06 - 2015-06-24 01:06 - 00661128 _____ (AVAST Software) C:\Users\nikhi\Downloads\avastsupport.exe
2015-06-23 23:56 - 2015-06-24 00:09 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-23 23:41 - 2015-06-24 13:00 - 00000000 ____D C:\ProgramData\AVAST Software
2015-06-16 23:23 - 2015-06-13 13:04 - 03099085 _____ C:\Users\nikhi\Downloads\LEVMWL.zip
2015-06-16 23:16 - 2015-06-25 14:06 - 00000000 ____D C:\Users\nikhi\AppData\Roaming\Help
2015-06-16 23:16 - 2015-06-25 14:04 - 00000000 ____D C:\Users\nikhi\AppData\Local\Help
2015-06-16 23:16 - 2009-08-04 23:26 - 00296960 _____ (Microsoft Corporation) C:\Windows\winhlp32.exe
2015-06-16 23:16 - 2009-08-04 23:25 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftsrch.dll
2015-06-16 23:16 - 2009-08-04 23:25 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\ftsrch.dll
2015-06-16 23:16 - 2009-08-04 23:25 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx041e.dll
2015-06-16 23:16 - 2009-08-04 23:25 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\ftlx041e.dll
2015-06-16 23:16 - 2009-08-04 23:25 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx0411.dll
2015-06-16 23:16 - 2009-08-04 23:25 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\ftlx0411.dll
2015-06-16 23:15 - 2015-06-16 23:15 - 00718172 _____ C:\Users\nikhi\Downloads\Windows6.1-KB917607-x64.msu
2015-06-12 11:26 - 2015-06-12 11:26 - 00000000 ____D C:\Program Files (x86)\Dell Update
2015-06-10 00:11 - 2015-06-02 00:46 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 00:11 - 2015-06-01 23:37 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 00:11 - 2015-05-27 20:05 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 00:11 - 2015-05-27 19:38 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 00:11 - 2015-05-25 23:49 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 00:11 - 2015-05-23 08:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 00:11 - 2015-05-23 08:45 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 00:11 - 2015-05-23 08:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 00:11 - 2015-05-23 08:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 00:11 - 2015-05-23 08:44 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 00:11 - 2015-05-23 08:43 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 00:11 - 2015-05-23 08:40 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 00:11 - 2015-05-23 08:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 00:11 - 2015-05-23 08:38 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 00:11 - 2015-05-23 08:36 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 00:11 - 2015-05-23 08:35 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 00:11 - 2015-05-23 08:35 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 00:11 - 2015-05-23 08:34 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 00:11 - 2015-05-23 08:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 00:11 - 2015-05-23 08:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 00:11 - 2015-05-23 08:19 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 00:11 - 2015-05-23 08:18 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 00:11 - 2015-05-23 08:17 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 00:11 - 2015-05-23 08:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 00:11 - 2015-05-23 08:08 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 00:11 - 2015-05-23 08:07 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 00:11 - 2015-05-23 08:07 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 00:11 - 2015-05-23 07:58 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 00:11 - 2015-05-23 07:50 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 00:11 - 2015-05-23 07:46 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 00:11 - 2015-05-23 07:44 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 00:11 - 2015-05-23 00:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 00:11 - 2015-05-23 00:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 00:11 - 2015-05-23 00:31 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 00:11 - 2015-05-23 00:30 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 00:11 - 2015-05-23 00:30 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 00:11 - 2015-05-23 00:30 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 00:11 - 2015-05-23 00:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 00:11 - 2015-05-23 00:29 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 00:11 - 2015-05-23 00:23 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 00:11 - 2015-05-23 00:22 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 00:11 - 2015-05-23 00:22 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 00:11 - 2015-05-23 00:18 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 00:11 - 2015-05-23 00:17 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 00:11 - 2015-05-23 00:17 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 00:11 - 2015-05-23 00:17 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 00:11 - 2015-05-23 00:17 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 00:11 - 2015-05-23 00:10 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 00:11 - 2015-05-23 00:06 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 00:11 - 2015-05-22 23:59 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 00:11 - 2015-05-22 23:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 00:11 - 2015-05-22 23:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 00:11 - 2015-05-22 23:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 00:11 - 2015-05-22 23:37 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 00:11 - 2015-05-22 23:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 00:11 - 2015-05-22 23:35 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 00:11 - 2015-05-22 23:35 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 00:11 - 2015-05-22 23:27 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 00:11 - 2015-05-22 23:20 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 00:11 - 2015-05-22 23:08 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 00:11 - 2015-05-22 22:56 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 00:11 - 2015-04-29 23:52 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 00:11 - 2015-04-29 23:51 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 00:11 - 2015-04-29 23:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 00:11 - 2015-04-29 23:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 00:11 - 2015-04-29 23:49 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 00:11 - 2015-04-29 23:37 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 00:11 - 2015-04-29 23:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 00:11 - 2015-04-29 23:37 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 00:11 - 2015-04-29 23:37 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 00:11 - 2015-04-29 23:35 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 00:10 - 2015-05-25 23:54 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 00:10 - 2015-05-25 23:53 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 00:10 - 2015-05-25 23:53 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 00:10 - 2015-05-25 23:51 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 00:10 - 2015-05-25 23:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 00:10 - 2015-05-25 23:48 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 00:10 - 2015-05-25 23:48 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 00:10 - 2015-05-25 23:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 00:10 - 2015-05-25 23:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 00:10 - 2015-05-25 23:48 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 00:10 - 2015-05-25 23:44 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 00:10 - 2015-05-25 23:44 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:37 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 00:10 - 2015-05-25 23:37 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 00:10 - 2015-05-25 23:34 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 00:10 - 2015-05-25 23:31 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 00:10 - 2015-05-25 23:30 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 00:10 - 2015-05-25 23:30 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 00:10 - 2015-05-25 23:30 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 00:10 - 2015-05-25 23:30 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 00:10 - 2015-05-25 23:30 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 00:10 - 2015-05-25 23:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 00:10 - 2015-05-25 23:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 00:10 - 2015-05-25 23:29 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 00:10 - 2015-05-25 23:29 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 00:10 - 2015-05-25 23:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 00:10 - 2015-05-25 23:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 00:10 - 2015-05-25 23:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 00:10 - 2015-05-25 23:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 22:38 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 00:10 - 2015-05-25 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 00:10 - 2015-05-25 22:20 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 00:10 - 2015-05-25 22:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 00:10 - 2015-05-25 22:18 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 22:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 22:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 00:10 - 2015-05-25 22:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 00:10 - 2015-04-24 23:47 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 00:10 - 2015-04-24 23:26 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 00:10 - 2015-04-11 08:49 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-09 20:51 - 2015-06-09 21:40 - 854812021 _____ C:\Users\nikhi\Downloads\Chef.2014.720p.BluRay.x264.YIFY.mp4
2015-06-08 09:40 - 2015-06-08 09:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram Mathematica
2015-06-08 09:40 - 2015-06-08 09:40 - 00000000 ____D C:\Program Files\Common Files\Wolfram Research
2015-06-08 09:33 - 2015-06-08 09:33 - 00000000 ____D C:\Program Files\Wolfram Research
2015-06-07 21:58 - 2015-06-20 23:43 - 00000000 ____D C:\Users\nikhi\Downloads\Video
2015-06-07 21:58 - 2015-06-14 21:05 - 00000000 ____D C:\Users\nikhi\Downloads\Compressed
2015-06-07 21:56 - 2015-06-07 21:56 - 00000000 ____D C:\Users\nikhi\Downloads\Internet Download Manager (IDM) 6.23 Build 3 Final Incl. Crack [ATOM]
2015-06-07 18:42 - 2015-06-07 21:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-07 12:50 - 2015-06-07 12:50 - 00000000 ____D C:\Users\nikhi\AppData\Local\Wolfram Research
2015-06-07 00:11 - 2015-06-07 00:11 - 00000000 ____D C:\Users\nikhi\Desktop\Tor Browser
2015-06-06 16:27 - 2015-06-06 16:28 - 00000000 ____D C:\ProgramData\MathematicaPlayer
2015-06-06 16:27 - 2015-06-06 16:27 - 00000000 ____D C:\Users\nikhi\AppData\Roaming\MathematicaPlayer
2015-06-06 16:27 - 2015-06-06 16:27 - 00000000 ____D C:\Users\nikhi\AppData\Local\MathematicaPlayer
2015-06-06 16:27 - 2015-06-06 16:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram CDF Player
2015-06-06 16:26 - 2015-06-06 16:26 - 00000000 ____D C:\Program Files (x86)\Wolfram Research
2015-06-05 18:35 - 2015-06-05 18:35 - 00000000 ____D C:\Users\nikhi\Downloads\images
2015-06-05 12:34 - 2015-05-22 23:48 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-05 12:34 - 2015-05-22 23:48 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-05 12:34 - 2015-05-22 23:48 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-05 12:34 - 2015-05-22 23:48 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-05 12:34 - 2015-05-22 23:48 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-05 12:34 - 2015-05-22 23:48 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-05 12:34 - 2015-05-22 23:43 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-05 12:34 - 2015-05-21 18:49 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-03 10:25 - 2015-06-25 07:53 - 00000000 ____D C:\Users\nikhi\AppData\Local\Windows Live
2015-06-03 10:25 - 2015-06-03 10:25 - 00000000 ____D C:\Users\nikhi\AppData\Local\{A7FC2C82-9BB2-4D58-AED0-57B4037E5BB8}
2015-06-03 10:25 - 2015-06-03 10:25 - 00000000 ____D C:\Users\nikhi\AppData\Local\{9ACA744F-466D-41A1-9370-3530A0354075}
2015-06-03 10:23 - 2015-06-03 12:49 - 00000000 ____D C:\Users\nikhi\Downloads\National Building Code of India 2005_files
2015-06-03 00:23 - 2015-06-03 00:23 - 00000000 ____D C:\Users\nikhi\AppData\Local\Luiz Fernando
2015-06-03 00:18 - 2015-06-03 00:18 - 00000000 ____D C:\Program Files (x86)\GIF Viewer
2015-06-01 20:37 - 2015-06-01 20:37 - 00000000 ____D C:\Users\nikhi\AppData\Local\GWX
2015-06-01 20:34 - 2015-06-01 20:34 - 00000000 ____D C:\Users\nikhi\AppData\Local\NVIDIA Corporation
2015-06-01 20:34 - 2015-06-01 20:34 - 00000000 ____D C:\Users\nikhi\AppData\Local\NVIDIA
2015-06-01 20:30 - 2015-06-01 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-01 20:30 - 2015-05-28 12:34 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-06-01 20:30 - 2015-05-28 12:34 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-06-01 20:30 - 2015-05-28 12:34 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-06-01 20:30 - 2015-05-28 12:34 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-06-01 20:29 - 2015-06-01 20:29 - 00000000 ____D C:\Windows\SysWOW64\NV
2015-06-01 20:29 - 2015-06-01 20:29 - 00000000 ____D C:\Windows\system32\NV
2015-06-01 20:29 - 2015-05-28 09:22 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-06-01 20:28 - 2015-06-01 20:28 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-01 20:28 - 2015-05-28 12:34 - 42719888 _____ C:\Windows\system32\nvcompiler.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 37741712 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 30480528 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 22946960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 17486856 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 16185352 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 15864064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 14987528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 14495448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 13304280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 12852152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 11830512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 10995528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-01 20:28 - 2015-05-28 12:34 - 02986392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435306.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435306.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 01050440 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00982856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00299664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys
2015-06-01 20:28 - 2015-05-28 12:34 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00052880 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00048784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-06-01 20:28 - 2015-05-28 12:34 - 00031560 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2015-06-01 20:26 - 2015-06-01 20:26 - 00000000 ____D C:\NVIDIA
2015-05-31 12:28 - 2015-05-31 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPUB File Reader
2015-05-31 12:28 - 2015-05-31 12:28 - 00000000 ____D C:\Program Files (x86)\EPUB File Reader

Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 29, 2015, 04:34:06 PM
Hi Kevin,

'Part 3'

Here is the FRST log (contd.) -

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-30 03:32 - 2012-03-29 17:14 - 01306502 _____ C:\Windows\WindowsUpdate.log
2015-06-30 03:27 - 2012-09-22 10:50 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-30 03:11 - 2012-07-29 19:42 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2052094510-1569341030-3252781033-1001UA.job
2015-06-30 03:10 - 2015-02-05 14:20 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-30 02:09 - 2015-01-17 11:36 - 00000000 ____D C:\ProgramData\APN
2015-06-30 01:20 - 2009-07-14 10:43 - 00912410 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-30 01:20 - 2009-07-14 10:15 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-30 01:20 - 2009-07-14 10:15 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-30 01:19 - 2014-01-25 20:06 - 00000000 ____D C:\Users\nikhi\Documents\Visual Studio 2008
2015-06-30 01:12 - 2012-11-19 17:47 - 00000000 ____D C:\Program Files (x86)\Connectify
2015-06-30 01:11 - 2012-09-22 10:50 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-30 01:11 - 2012-03-29 17:35 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2015-06-30 01:11 - 2012-03-29 17:35 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2015-06-30 01:11 - 2012-03-29 17:32 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2015-06-30 01:11 - 2009-07-14 10:38 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-30 01:11 - 2009-07-14 10:21 - 00245228 _____ C:\Windows\setupact.log
2015-06-30 01:10 - 2012-08-28 21:09 - 00000000 ____D C:\Windows\Minidump
2015-06-30 01:10 - 2012-03-29 19:09 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-30 00:40 - 2010-11-21 09:17 - 01224668 _____ C:\Windows\PFRO.log
2015-06-30 00:33 - 2012-07-17 00:23 - 00000000 ____D C:\Users\nikhi\AppData\Roaming\vlc
2015-06-29 14:48 - 2009-07-14 11:02 - 00000000 ____D C:\Windows\addins
2015-06-29 13:11 - 2012-07-29 19:42 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2052094510-1569341030-3252781033-1001Core.job
2015-06-29 12:39 - 2012-04-30 07:32 - 00001379 _____ C:\Users\nikhi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-29 12:13 - 2012-04-30 07:26 - 00115624 _____ C:\Users\nikhi\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-29 12:13 - 2009-07-14 10:15 - 03033600 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-29 03:34 - 2012-08-15 22:51 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-29 03:33 - 2013-09-15 22:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-06-29 03:33 - 2010-11-21 12:46 - 00000000 ____D C:\Windows\ShellNew
2015-06-29 03:33 - 2009-07-14 11:02 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-06-29 03:33 - 2009-07-14 08:04 - 00000521 _____ C:\Windows\win.ini
2015-06-29 03:32 - 2009-07-14 08:50 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-06-29 03:10 - 2015-02-05 14:20 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-29 03:10 - 2014-07-14 13:34 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-29 03:10 - 2012-07-12 15:24 - 00000000 ____D C:\Users\nikhi\AppData\Local\Adobe
2015-06-29 03:10 - 2012-03-29 17:15 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-29 03:06 - 2014-07-22 13:35 - 00000000 ____D C:\ProgramData\Oracle
2015-06-29 03:06 - 2014-07-22 13:35 - 00000000 ____D C:\Program Files (x86)\Java
2015-06-29 03:05 - 2014-07-22 13:35 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-06-29 03:05 - 2012-03-29 17:26 - 00000000 ____D C:\Program Files\Java
2015-06-29 02:51 - 2014-02-24 23:24 - 00000000 ____D C:\Users\nikhi\AppData\Roaming\DMCache
2015-06-29 02:40 - 2015-01-17 11:35 - 00000000 ____D C:\Users\nikhi\AppData\Roaming\uTorrent
2015-06-28 23:28 - 2013-12-31 03:02 - 00008730 _____ C:\Windows\IE11_main.log
2015-06-27 14:21 - 2013-04-19 15:57 - 00000000 ____D C:\Users\nikhi\Documents\MATLAB
2015-06-25 06:27 - 2011-02-10 21:40 - 00896720 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-06-24 15:15 - 2012-08-18 12:48 - 00001945 _____ C:\Windows\epplauncher.mif
2015-06-24 15:14 - 2014-12-29 08:42 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-24 03:21 - 2013-06-23 23:25 - 00007633 _____ C:\Users\nikhi\AppData\Local\resmon.resmoncfg
2015-06-24 02:20 - 2013-08-31 16:55 - 00000000 ____D C:\Windows\pss
2015-06-24 01:47 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\system32\NDF
2015-06-23 23:20 - 2012-03-29 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-06-23 23:20 - 2012-03-29 17:32 - 00000000 ____D C:\Program Files\Dell
2015-06-23 23:12 - 2012-09-04 14:11 - 00000000 ____D C:\Users\nikhi\Documents\CFI
2015-06-23 16:43 - 2014-01-25 20:04 - 00000000 ____D C:\Users\nikhi\Documents\Visual Studio 2010
2015-06-23 09:25 - 2012-07-24 09:00 - 00000000 ____D C:\ProgramData\PCDr
2015-06-22 10:19 - 2015-04-08 16:12 - 00000000 ____D C:\ProgramData\SupportAssistAgent
2015-06-20 11:43 - 2012-11-19 17:48 - 00000000 ____D C:\Users\nikhi\AppData\Local\Connectify
2015-06-17 11:07 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\rescache
2015-06-16 23:32 - 2015-05-13 16:40 - 00000000 ____D C:\Users\nikhi\Documents\1 DDP
2015-06-16 23:14 - 2015-02-03 21:05 - 00000000 __SHD C:\Users\nikhi\AppData\Local\EmieBrowserModeList
2015-06-16 23:14 - 2014-06-07 13:41 - 00000000 __SHD C:\Users\nikhi\AppData\Local\EmieUserList
2015-06-16 23:14 - 2014-06-07 13:41 - 00000000 __SHD C:\Users\nikhi\AppData\Local\EmieSiteList
2015-06-16 21:25 - 2015-05-17 15:58 - 00000000 ____D C:\Users\nikhi\Documents\3 summer
2015-06-13 18:29 - 2012-09-22 10:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-06-13 17:16 - 2014-08-20 18:00 - 00000000 ____D C:\Users\nikhi\Documents\Origin User Files
2015-06-12 21:03 - 2012-09-07 14:27 - 00000000 ____D C:\Users\nikhi\Desktop\Temp
2015-06-12 11:20 - 2012-03-29 18:58 - 00000000 ____D C:\ProgramData\Dell
2015-06-10 07:25 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-10 03:07 - 2013-09-14 03:25 - 00000000 ____D C:\Windows\system32\MRT
2015-06-09 11:46 - 2015-03-29 01:24 - 00000000 ____D C:\Users\nikhi\Downloads\tore
2015-06-08 17:32 - 2012-09-04 14:12 - 00000000 ____D C:\Users\nikhi\Documents\others
2015-06-08 17:30 - 2013-01-31 02:02 - 00000000 ____D C:\Users\nikhi\Documents\Papers
2015-06-08 17:20 - 2012-09-06 16:17 - 00000000 ____D C:\Users\nikhi\Desktop\Applications
2015-06-08 09:40 - 2014-01-23 13:30 - 00000000 ____D C:\ProgramData\Mathematica
2015-06-08 09:40 - 2014-01-23 13:30 - 00000000 ____D C:\Program Files\Extras
2015-06-07 21:51 - 2014-07-14 12:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-06 16:34 - 2014-07-10 20:14 - 00000000 ____D C:\Users\nikhi\Documents\My Games
2015-06-06 16:33 - 2015-04-10 17:03 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2015-06-06 03:15 - 2014-12-11 07:27 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-06 03:15 - 2014-05-07 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-02 03:00 - 2014-01-25 20:07 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-06-01 20:34 - 2012-03-29 19:09 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-01 20:30 - 2012-03-29 19:09 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-01 20:30 - 2012-03-29 19:09 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-06-01 20:30 - 2012-03-29 17:32 - 00000000 ____D C:\Temp

==================== Files in the root of some directories =======

2015-06-29 17:57 - 2015-06-29 17:57 - 1415680 _____ (wj32) C:\Program Files\168DIKPC.exe
2015-06-30 01:54 - 2015-06-30 01:54 - 1415680 _____ (wj32) C:\Program Files\1KDZMOJC.exe
2015-06-30 01:11 - 2015-06-30 01:11 - 1415680 _____ (wj32) C:\Program Files\357CEGI8.exe
2015-06-29 17:57 - 2015-06-29 17:57 - 1415680 _____ (wj32) C:\Program Files\68ACHJLN.exe
2015-06-29 17:57 - 2015-06-29 17:57 - 1415680 _____ (wj32) C:\Program Files\7FKY6HPR.exe
2015-06-30 00:40 - 2015-06-30 00:40 - 1415680 _____ (wj32) C:\Program Files\8ACHJLND.exe
2015-06-29 17:56 - 2015-06-29 17:56 - 1415680 _____ (wj32) C:\Program Files\9EGIKPRN.exe
2015-06-30 01:11 - 2015-06-30 01:11 - 1415680 _____ (wj32) C:\Program Files\AIK1GOWS.exe
2015-06-29 17:58 - 2015-06-29 17:58 - 1415680 _____ (wj32) C:\Program Files\B9LJHFRX.exe
2015-06-30 00:54 - 2015-06-30 00:54 - 1415680 _____ (wj32) C:\Program Files\BGINPRTV.exe
2015-06-30 00:55 - 2015-06-30 00:55 - 1415680 _____ (wj32) C:\Program Files\EWY0279B.exe
2015-06-30 01:12 - 2015-06-30 01:12 - 1415680 _____ (wj32) C:\Program Files\FHJLKSUK.exe
2015-06-30 01:12 - 2015-06-30 01:12 - 1415680 _____ (wj32) C:\Program Files\FKMOKVXK.exe
2015-06-30 00:41 - 2015-06-30 00:41 - 1415680 _____ (wj32) C:\Program Files\GIKMRT84.exe
2015-06-30 00:40 - 2015-06-30 00:40 - 1415680 _____ (wj32) C:\Program Files\IKM168DK.exe
2015-06-30 01:11 - 2015-06-30 01:11 - 1415680 _____ (wj32) C:\Program Files\JLNSUWYO.exe
2015-06-30 00:54 - 2015-06-30 00:54 - 1415680 _____ (wj32) C:\Program Files\KJ951XTG.exe
2015-06-29 17:58 - 2015-06-29 17:58 - 1415680 _____ (wj32) C:\Program Files\KSUZ135U.exe
2015-06-30 00:40 - 2015-06-30 00:40 - 1415680 _____ (wj32) C:\Program Files\LBGXSU27.exe
2015-06-30 00:41 - 2015-06-30 00:41 - 1415680 _____ (wj32) C:\Program Files\LNSXZ46T.exe
2015-06-29 17:56 - 2015-06-29 17:56 - 1415680 _____ (wj32) C:\Program Files\NV6LT192.exe
2015-06-30 00:41 - 2015-06-30 00:41 - 1415680 _____ (wj32) C:\Program Files\NZXVT53L.exe
2015-06-30 01:11 - 2015-06-30 01:11 - 1415680 _____ (wj32) C:\Program Files\O89KD3HS.exe
2015-06-29 17:57 - 2015-06-29 17:57 - 1415680 _____ (wj32) C:\Program Files\PRTV024R.exe
2015-06-30 01:12 - 2015-06-30 01:12 - 1415680 _____ (wj32) C:\Program Files\TR31ZX99.exe
2015-06-30 00:40 - 2015-06-30 00:40 - 1415680 _____ (wj32) C:\Program Files\TVX2468V.exe
2015-06-30 00:41 - 2015-06-30 00:41 - 1415680 _____ (wj32) C:\Program Files\TYX246WJ.exe
2015-06-30 01:11 - 2015-06-30 01:11 - 1415680 _____ (wj32) C:\Program Files\V3EMU2K6.exe
2015-06-29 17:57 - 2015-06-29 17:57 - 1415680 _____ (wj32) C:\Program Files\X249BACZ.exe
2015-06-30 01:12 - 2015-06-30 01:12 - 1415680 _____ (wj32) C:\Program Files\X97JHTR5.exe
2015-06-29 17:58 - 2015-06-29 17:58 - 1415680 _____ (wj32) C:\Program Files\XV7531DB.exe
2015-06-29 17:57 - 2015-06-29 17:57 - 1415680 _____ (wj32) C:\Program Files\Z468AFH1.exe
2015-06-30 00:41 - 2015-06-30 00:41 - 1415680 _____ (wj32) C:\Program Files\ZXVT5311.exe
2014-05-12 15:24 - 2014-05-12 15:24 - 0055783 _____ () C:\Program Files (x86)\uninstall-g95.exe
2012-07-13 00:27 - 2014-06-20 20:34 - 0011264 _____ () C:\Users\nikhi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-23 23:25 - 2015-06-24 03:21 - 0007633 _____ () C:\Users\nikhi\AppData\Local\resmon.resmoncfg
2015-06-24 01:10 - 2015-06-24 12:48 - 0000198 _____ () C:\Users\nikhi\AppData\Local\Support.ini
2014-06-20 20:32 - 2015-05-27 00:24 - 0000700 ___SH () C:\Users\nikhi\AppData\Local\systemFL7.dat
2015-05-26 23:36 - 2015-05-27 00:00 - 0011781 ___SH () C:\Users\nikhi\AppData\Local\win_flfiles_sys.dat
2014-11-20 13:27 - 2014-11-20 13:27 - 0000000 _____ () C:\Users\nikhi\AppData\Local\{98E06468-99E8-48E9-A541-CA2B1AA0377D}

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-24 16:19

==================== End of log ============================

Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 29, 2015, 04:35:42 PM
Hi Kevin,

'Part 4'

Here is the addition log -

Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by nikhi at 2015-06-30 03:39:56
Running from C:\Users\nikhi\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2052094510-1569341030-3252781033-500 - Administrator - Disabled)
Guest (S-1-5-21-2052094510-1569341030-3252781033-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2052094510-1569341030-3252781033-1010 - Limited - Enabled)
nikhi (S-1-5-21-2052094510-1569341030-3252781033-1001 - Administrator - Enabled) => C:\Users\nikhi

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Abaqus 6.12-3 (HKLM-x32\...\Abaqus 6.12-3) (Version: 6.12.0.0 - Dassault Systemes Simulia Corp.)
Abaqus FLEXnet License Server (HKLM-x32\...\Abaqus FLEXnet License Server) (Version: 6.9.0.0 - Dassault Systemes Simulia Corp.)
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.22 - STMicroelectronics)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
CBR Reader (HKLM-x32\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version:  - cbrreader.com)
C-Free 5.0 Professional (HKLM-x32\...\C-Free 5.0_is1) (Version:  - Program Arts)
Citrix Online Launcher (HKLM-x32\...\{1EFF9E6C-76E1-43F9-81FB-BC8C037B0902}) (Version: 1.0.258 - Citrix)
CMake 3.0.2, a cross-platform, open-source build system (HKLM-x32\...\CMake 3.0.2) (Version: 3.0.2 - Kitware)
Connectify (HKLM\...\Connectify) (Version: 3.0.0.20932 - Connectify)
Cortona3D Viewer (HKLM-x32\...\{C06CE867-0019-4BDD-88C3-CD96F79FCDC7}) (Version: 6.0.179 - ParallelGraphics)
CPUID HWMonitor 1.26 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Crystal Reports Basic for Visual Studio 2008 (HKLM-x32\...\{AA467959-A1D6-4F45-90CD-11DC57733F32}) (Version: 10.5.0.0 - Business Objects)
Crystal Reports Basic Runtime for Visual Studio 2008 (x64) (HKLM\...\{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}) (Version: 10.5.0.0 - Business Objects)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
Cypress TrackPad (HKLM\...\{7F2F6CC5-434B-4311-9DE2-60C7CAF50B73}_is1) (Version: 2.3.6.26 - Cypress Semiconductor, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
Debug Server (HKLM-x32\...\4F9A85D9-5F0E-E538-D71C-621DF59F81FA) (Version: 4.0 - Texas Instruments)
Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.61 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.61 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3BD7DD08-991B-4A2F-A165-614ED14EAADD}) (Version: 1.6.225.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell Stage (HKLM-x32\...\{0F99CA59-7CB4-4167-A43A-4B1D5E584281}) (Version: 1.6.301.0 - Fingertapps)
Dell Stage Remote (HKLM-x32\...\{2299EEBD-0A83-4B26-AA4A-057AE9E5BAE8}) (Version: 2.0.0.50 - ArcSoft)
Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.50 - ArcSoft)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.3.60494 - Dell)
Dell Update (HKLM-x32\...\{3FB000F3-7444-41C1-A0A6-53E8FD0B7D9C}) (Version: 1.6.1007.0 - Dell Inc.)
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2214 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.3.0.2214 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
Digimizer (HKLM-x32\...\{65118913-87D8-435B-92A6-C599485F3A4C}) (Version: 4.3.0 - MedCalc Software)
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Dropbox (HKU\S-1-5-21-2052094510-1569341030-3252781033-1001\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
DVDFab Media Player 2 (HKLM-x32\...\DVDFab Media Player 2_is1) (Version: 2.5.0.2 - Fengtao Software Inc.)
EAGLE 6.2.0 (HKLM-x32\...\EAGLE 6.2.0) (Version: 6.2.0 - CadSoft Computer GmbH)
Eagle3D 1.05 (HKLM-x32\...\Eagle3D_is1) (Version:  - Matthias Weißer)
EPUB File Reader (HKLM-x32\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version:  - epubfilereader.com)
Face Recognition (HKLM\...\{B132D631-AD31-41C1-BC8A-9715104C633F}) (Version: 3.1.70.1 - Sensible Vision)
GC (HKLM-x32\...\GC) (Version:  - ) <==== ATTENTION
GIF Viewer (HKLM-x32\...\GIF Viewer) (Version:  - )
Git version 1.8.1.2-preview20130201 (HKLM-x32\...\Git_is1) (Version: 1.8.1.2-preview20130201 - The Git Development Community)
GnuWin32: Make-3.81 (HKLM-x32\...\Make-3.81_is1) (Version: 3.81 - GnuWin32)
Google Chrome (HKU\S-1-5-21-2052094510-1569341030-3252781033-1001\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Drive (HKLM-x32\...\{CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}) (Version: 1.22.9403.0223 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 11.2.0.1084 - Citrix Online, a division of Citrix Systems, Inc.)
i686-4.9.1-posix-dwarf-rt_v3-rev1 (HKLM-x32\...\i686-4.9.1-posix-dwarf-rt_v3-rev1) (Version:  - MinGW-W64)
ICSD Database for X'Pert HighScore Plus V1.5 (HKLM-x32\...\InstallShield_{C2F19F6A-F2B0-46F9-9887-CDD64BB18E60}) (Version: 1.50.0000 - PANalytical B.V.)
ICSD Database for X'Pert HighScore Plus V1.5 (x32 Version: 1.50.0000 - PANalytical B.V.) Hidden
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{2ABA2E8D-23CF-418F-BC8F-2EC99FA51A3F}) (Version: 1.2.1.0608 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{D61E4101-9E15-4D0E-ABD1-1ABD36B43330}) (Version: 14.03.0000 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 1.0.0.1008 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Intel(R) WiDi (HKLM-x32\...\{0DD706AF-B542-438C-999E-B30C7F625C8D}) (Version: 2.1.39.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
JabRef 2.9.2 (HKLM-x32\...\JabRef 2.9.2) (Version: 2.9.2 - JabRef Team)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java SE Development Kit 7 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170600}) (Version: 1.7.0.600 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LINDO 6.1 (HKLM-x32\...\{C19796D5-E477-40A1-8C78-DF2EB439D99B}) (Version: 6.1.0 - XXXXXXXX)
LyX 2.0.6 (HKLM-x32\...\LyX206) (Version: 2.0.6 - LyX Team)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MATLAB R2012b (HKLM\...\Matlab R2012b) (Version: 8.0 - The MathWorks, Inc.)
MEISP v3.0 Multiple EIS Parameterization trial version (HKLM-x32\...\MEISP v3.0 Multiple EIS Parameterization trial version) (Version:  - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Compact Framework 2.0 SP2 (HKLM-x32\...\{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}) (Version: 2.0.7045 - Microsoft Corporation)
Microsoft .NET Compact Framework 3.5 (HKLM-x32\...\{291B3A3B-F808-45B8-8113-DF232FCB6C82}) (Version: 3.5.7283 - Microsoft Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Device Emulator (64 bit) version 3.0 - ENU (HKLM\...\{EF8B1A2E-9CCB-3AB2-91E3-4EEDAB1294E1}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Document Explorer 2008 (HKLM-x32\...\Microsoft Document Explorer 2008) (Version:  - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft HPC Pack 2008 R2 MS-MPI Redistributable Pack (HKLM\...\{D3299935-57F7-403A-9D7B-0B8F9F56F44B}) (Version: 3.0.2369.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{0DDCEC37-369C-484B-B16D-B4413FD42FB9}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{E5AE9031-79A5-4627-9641-BEFA82819B08}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{DA67488A-2689-4F10-B90F-D2F6977509D6}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{78C3657E-742C-40B1-9F53-E5A921D40F17}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 Design Tools ENU (HKLM-x32\...\{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 for Devices ENU (HKLM-x32\...\{241F2BF7-69EB-42A4-9156-96B2426C7504}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.2 (HKLM-x32\...\{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}) (Version: 1.2.0.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2008 Professional Edition - ENU (HKLM-x32\...\Microsoft Visual Studio 2008 Professional Edition - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{88BAE373-00F4-3E33-828F-96E89E5E0CB9}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Web Authoring Component (HKLM-x32\...\VisualWebDeveloper) (Version: 12.0.4518.1066 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools (HKLM\...\{29C93182-34F6-3275-A18D-59326851CD57}) (Version: 3.5.21022 - Microsoft)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense (HKLM\...\{9aa5f39c-a8de-46b0-919a-0248f8bc8490}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Tools (HKLM\...\{62EED300-E841-4083-A1D6-60B906271804}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Win32 Tools (HKLM\...\{A992BBAA-723D-4574-A07F-983BF8FAA3E1}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.1) (HKLM\...\SDKSetup_7.1.7600.0.30514) (Version: 7.1.7600.0.30514 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mobipocket Reader 6.2 (HKLM-x32\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVC80_Runtime (HKLM-x32\...\{5E81B080-4629-4EC3-AA90-538394122120}) (Version: 1.0.0.0 - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.8 - Notepad++ Team)
NVIDIA 3D Vision Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin8 (x32 Version: 8.00.000 - OriginLab) Hidden
OriginPro 8 (HKLM-x32\...\{A912021A-FEDD-4DA3-8DB4-245EBDA84778}) (Version: 8.00.000 - OriginLab Corporation)
PANalytical X'Pert Highscore Plus (HKLM-x32\...\{C619E83D-62B9-4FE5-9736-F6DBD2850024}) (Version: 3.0.0 - PANalytical)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.8.0 - Prolific Technology INC)
POV-Ray for Windows v3.62 (HKLM\...\{D0CE053E-0E5E-4C12-9BAE-D0F36021E911}) (Version: 3.62 - Persistence of Vision Raytracer Pty. Ltd.)
Prism Video File Converter (HKLM-x32\...\Prism) (Version:  - NCH Software)
Python 2.7 pyserial-2.5 (HKLM-x32\...\pyserial-py2.7) (Version:  - )
Python 2.7.3 (HKLM-x32\...\{C0C31BCC-56FB-42a7-8766-D29E1BD74C7C}) (Version: 2.7.3150 - Python Software Foundation)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.21 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6383 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
SIMULIA FLEXnet License Server (HKLM-x32\...\SIMULIA FLEXnet License Server) (Version: 6.12.0.0 - Dassault Systemes Simulia Corp.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
SSH Secure Shell (HKLM-x32\...\{74E2CD0C-D4A2-11D3-95A6-0000E86CFDE5}) (Version:  - )
SYS BIOS 6.30.02.42 (HKLM-x32\...\257D40B-AC0E-3A45-7DA7-2546F9DCCE01) (Version: 6.30.02.42 - Texas Instruments)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
Ubuntu (HKLM-x32\...\Wubi) (Version: 12.04-rev266 - Ubuntu)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VC Runtimes MSI (x32 Version: 9.0.21022 - Microsoft) Hidden
VISIONTEK 3G USB MODEM (HKLM\...\VISIONTEK 3G USB MODEM - VTK_is1) (Version:  - )
Visual C++ 2008 x64 Runtime - v9.0.30729.4967 (HKLM-x32\...\{2FD19779-BD96-31F4-954D-7C7FE546BFD1}.vc_x64runtime_30729_4967) (Version: 9.0.30729.4967 - Microsoft Corporation)
Visual C++ 2008 x86 Runtime - v9.0.30729.4967 (HKLM-x32\...\{EC1F1209-E48D-38B0-BE25-B37C6BFCF676}.vc_x86runtime_30729_4967) (Version: 9.0.30729.4967 - Microsoft Corporation)
Visual Studio .NET Prerequisites - English (HKLM\...\{D3E39E77-0EB4-36FB-B97A-8C8AB21B9A45}) (Version: 9.0.21022 - Microsoft Corporation)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.30319 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Windows Driver Package - Silicon Laboratories (silabenm) Ports  (12/10/2012 6.6.1.0) (HKLM\...\D680DEE0F68D64EC53D0C5769879D15D387054CC) (Version: 12/10/2012 6.6.1.0 - Silicon Laboratories)
Windows Driver Package - Texas Instruments (usbser) Ports  (12/11/2007 1.3) (HKLM\...\B89452C8A2A1FCF2E1BCF0ECA27FB6019CFA00CF) (Version: 12/11/2007 1.3 - Texas Instruments)
Windows Driver Package - Texas Instruments, Inc (umpusbvista) Ports  (10/20/2009 6.5.9017.0) (HKLM\...\287456DB90C1DA963CF09266912A2F7FFEF599C5) (Version: 10/20/2009 6.5.9017.0 - Texas Instruments, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Mobile 5.0 SDK R2 for Pocket PC (HKLM-x32\...\{6C9F6D23-E9AD-43C9-B43A-011562AAF876}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)
Windows Mobile 5.0 SDK R2 for Smartphone (HKLM-x32\...\{9656F3AC-6BA9-43F0-ABED-F214B5DAB27B}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wolfram CDF Player (M-WIN-D 8.0.4 2609533) (HKLM-x32\...\M-WIN-D 8.0.4 2609533_is1) (Version: 8.0.4 - Wolfram Research, Inc.)
Wolfram Extras 10.1 (5292844) (HKLM\...\A-WIN-Extras 10.1.0 5292844_is1) (Version: 10.1.0 - Wolfram Research, Inc.)
Wolfram Mathematica 10.1 (M-WIN-L 10.1.0 5292918) (HKLM\...\M-WIN-L 10.1.0 5292918_is1) (Version: 10.1.0 - Wolfram Research, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikhi\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2052094510-1569341030-3252781033-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\nikhi\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 29, 2015, 04:36:42 PM
Hi Kevin,

'Part 5'

Here is the addition log (contd.) -

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-29 17:20 - 2015-06-30 00:39 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {261EB4F7-F22F-436D-8A39-F3DB4DE2AA25} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-04-10] (Dell Inc.)
Task: {41209D24-F5A0-4260-B3BB-2D02CB7CBC5B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {4DC70E6E-5006-4CD3-804D-69FF1A14CD02} - System32\Tasks\{D574E3D9-AE97-4001-BEE3-0EE5E708A146} => pcalua.exe -a "C:\Program Files (x86)\NewSoftware's\Folder Lock\uninstall.exe" -c -u
Task: {4EB1AA38-6345-496C-8B17-0185E3AEF7CD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2052094510-1569341030-3252781033-1001UA => C:\Users\nikhi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-29] (Google Inc.)
Task: {57F7AD66-2872-43F1-A226-B2223FE8CFE3} - System32\Tasks\{5C0929CB-AC8C-43D8-B24F-F9858688F03B} => pcalua.exe -a "C:\Users\nikhi\Documents\My Received Files\Driver.exe" -d "C:\Users\nikhi\Documents\My Received Files"
Task: {5BD8F4C6-B3E6-4287-93FA-4AE8B026FEE3} - System32\Tasks\{A0E20DF1-85F0-4FCF-82CD-465F45228656} => pcalua.exe -a G:\setup.exe -d G:\
Task: {5D6394BA-C317-4B61-815A-213B508F55DE} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-07-29] (Microsoft Corporation)
Task: {6477175B-C3F2-4086-A9D7-9D6BB03FDE8F} - \FF Watcher {87EA3E8B-0A16-4191-BFFB-10CD9E4726A6} No Task File <==== ATTENTION
Task: {65F432A0-2DBB-4C09-9A2C-E60A9A4E9786} - System32\Tasks\{C6E22D41-2256-4CFB-9331-2B5F6A64CE4D} => pcalua.exe -a "C:\Users\nikhi\Documents\3 summer\EIS\MEISP\MEISP3trial\SETUP.EXE" -d "C:\Users\nikhi\Documents\3 summer\EIS\MEISP\MEISP3trial"
Task: {720D524B-4D83-4091-A6F7-113E1DE8B25C} - System32\Tasks\{2C39F887-DB06-4A60-A7D3-7FA2806415F8} => pcalua.exe -a G:\setup.exe -d G:\
Task: {7485E90C-B193-425E-BEE3-A5E98764CEBC} - System32\Tasks\{672E7985-9A63-4161-BC46-54F3CC5D9478} => pcalua.exe -a C:\Users\nikhi\Downloads\softwares\B2CAppSetup.exe -d C:\Users\nikhi\Downloads\softwares
Task: {7AA89D3A-74EA-4341-9761-F07CAA059C43} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {82EDC209-02FC-4CED-BB8D-DE9A1CD97D21} - System32\Tasks\{A09A70C0-C2A7-47BB-B167-CF0D76A67124} => C:\Users\nikhi\Downloads\PL2303_Prolific_DriverInstaller_v1.8.0.exe
Task: {9DE739CB-D71B-4BC4-9665-7A61C530209D} - System32\Tasks\{7B730A6D-459D-48C2-A97E-5BDBFE7F72FD} => C:\Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\Photoshop.exe
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {AD6EE0E2-CD14-4083-97AC-245B59F648B8} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {B8C3DEF1-95A2-4A30-B7B5-024ABD9A8CD3} - System32\Tasks\{62572284-90B3-4562-9980-071DE1F82323} => C:\Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\Photoshop.exe
Task: {BF1EA1D7-FDB4-433F-B2CC-1402BC8290FC} - \Windows Updater No Task File <==== ATTENTION
Task: {C0780FB9-20CF-4B03-9396-B0DEECB31797} - System32\Tasks\{01247515-48A8-41A1-8064-CC78B4CB8FD7} => pcalua.exe -a C:\ProgramData\MovieMode\uninstall.exe -c /kb=y /ic=1
Task: {C20E7815-AB4F-4916-A161-56BCE6BBDC93} - \Escolade No Task File <==== ATTENTION
Task: {D2525DFF-B778-4999-8904-2E5EE763EF04} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-22] (Google Inc.)
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {E5DEAE35-C6E6-45D1-95CD-1B893146BDAF} - \Your File Updater No Task File <==== ATTENTION
Task: {F2FB1D55-8648-4A5B-A95A-13DC8E7DABFA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-22] (Google Inc.)
Task: {F53661A2-8FFF-480F-BB20-3F68847A125D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2052094510-1569341030-3252781033-1001Core => C:\Users\nikhi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-29] (Google Inc.)
Task: {FC091041-F8AA-4EDA-AC18-D628CAC28A20} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-29] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2052094510-1569341030-3252781033-1001Core.job => C:\Users\nikhi\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2052094510-1569341030-3252781033-1001UA.job => C:\Users\nikhi\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2011-08-19 22:04 - 2011-08-19 22:04 - 00095216 _____ () C:\Windows\system32\FAIEExtension.DLL
2015-06-01 20:28 - 2015-05-28 12:34 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2012-03-29 19:09 - 2015-05-28 09:45 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-11-01 23:28 - 2011-11-01 23:28 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2015-01-02 12:39 - 2013-06-17 17:40 - 00035944 _____ () C:\Windows\system32\ddmon4-64x.dll
2011-08-21 02:20 - 2011-08-21 02:20 - 00013312 _____ () C:\Program Files (x86)\Connectify\ConnectifyService.exe
2011-09-09 23:16 - 2011-09-09 23:16 - 08158720 _____ () c:\xampp\mysql\bin\mysqld.exe
2012-03-29 17:32 - 2011-09-22 20:44 - 02751808 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2012-03-29 18:43 - 2011-07-20 18:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-03-22 23:00 - 2013-02-01 10:27 - 00718322 _____ () C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll
2014-05-12 15:19 - 2014-05-12 15:19 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2011-08-23 21:17 - 2011-08-23 21:17 - 00022344 _____ () C:\Program Files (x86)\Connectify\DriverLib.dll
2011-08-23 21:17 - 2011-08-23 21:17 - 00440136 _____ () C:\Program Files (x86)\Connectify\ConnectifyNAT.dll
2011-08-23 21:17 - 2011-08-23 21:17 - 00014152 _____ () C:\Program Files (x86)\Connectify\BuildProps.dll
2011-08-23 21:18 - 2011-08-23 21:18 - 00641864 _____ () C:\Program Files (x86)\Connectify\Vendors.dll
2015-06-01 20:28 - 2015-05-28 12:34 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-06-01 20:30 - 2015-05-28 12:34 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-06-23 04:12 - 2015-06-20 11:16 - 01281864 _____ () C:\Users\nikhi\AppData\Local\Google\Chrome\Application\43.0.2357.130\libglesv2.dll
2015-06-23 04:12 - 2015-06-20 11:16 - 00080712 _____ () C:\Users\nikhi\AppData\Local\Google\Chrome\Application\43.0.2357.130\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2052094510-1569341030-3252781033-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\nikhi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.24.0.193 - 10.65.0.3

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^nikhi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^nikhi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^g.lnk => C:\Windows\pss\g.lnk.Startup
MSCONFIG\startupreg: AccuWeatherWidget => "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Dell DataSafe Online => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe
MSCONFIG\startupreg: FATrayAlert => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
MSCONFIG\startupreg: FreeFallProtection => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
MSCONFIG\startupreg: GoldenFilterPro => C:\Program Files (x86)\Golden Filter Premium\GFPro.exe
MSCONFIG\startupreg: GoogleChromeAutoLaunch_CC670EC9C0039784BBC144C8FE53E009 => "C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: Stage Remote => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{57E03FB4-3E20-418D-8A2C-B8AA2A5332D4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{4E419913-0DC4-47DC-B1E9-6934A5954146}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{C3AB7065-4D35-490F-A666-58114D2BBDFA}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{44C08911-3351-464B-BAC2-7292C43B7629}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{14C1B747-2047-4ABE-BC4C-B91B1E25C785}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{693C0EB9-B2AF-4C2D-A797-631625FAE7B8}] => (Allow) c:\Program Files (x86)\Dell\VideoStage\VideoStage.exe
FirewallRules: [{F5FC63CC-C6D0-46FA-9967-8E77293F8ED7}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\InstallerHelp.exe
FirewallRules: [{E6DE1E01-F508-4CEB-8479-1236EC410BD3}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
FirewallRules: [{640335AE-D227-430B-B25B-0783170B14F2}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\Controller.exe
FirewallRules: [{CA3AA5BA-EF09-48AD-9F1B-6E64F9A63830}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
FirewallRules: [{4128BC22-7283-4F22-8116-B86075F6C75D}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
FirewallRules: [{A7D043D0-1B2B-4F6A-B2D9-EFD18D8E97FA}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
FirewallRules: [{94C3E324-41E4-4A7F-A045-D3741F39A6C0}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\InstallerHelp.exe
FirewallRules: [{EF5F85A6-4522-4798-9BFF-C666E0116EB4}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\Controller.exe
FirewallRules: [{A2FECF16-01FC-4E81-859D-96C14E32EE07}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
FirewallRules: [{2CE18008-9062-40DB-A288-0E0D87E374EB}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
FirewallRules: [{676C7A2E-2DBD-4AC7-82BE-200F2911FD01}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B4CF26DC-6347-4C61-9E52-55990F185CA9}] => (Allow) LPort=2869
FirewallRules: [{73D24F49-FE9F-4EB1-94FA-B0C9D53B8EDC}] => (Allow) LPort=1900
FirewallRules: [{0120744C-7C11-461A-B920-5B82943075A8}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{AAFAAD32-D29E-4C66-A30F-03074A9D2BD2}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{5CEBE90B-1EC3-4469-8C8D-37B996953E8E}] => (Allow) C:\Program Files\dell stage\dell stage\accuweather\accuweather.exe
FirewallRules: [{864E3224-F19F-47AA-9D84-829AD8B1700F}] => (Allow) C:\Program Files\dell stage\musicstage\musicstageengine.exe
FirewallRules: [{41E549ED-764F-40F6-BF25-FAEA10B93BF7}] => (Allow) C:\Program Files\dell stage\dell stage\stage_primary.exe
FirewallRules: [{5E63BB37-1172-499D-B5B6-EAB7EDCF9915}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{0C1DCBCE-859C-4DFF-99B8-EBD14D8F34FB}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{E3A8D006-1B1B-4E89-9B2B-45C2490CCA6A}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [{F442E654-6D28-4377-A703-B451AE4E843B}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [TCP Query User{810FEA20-E3C0-4217-9D4B-0212177EDF92}C:\program files (x86)\dc++\dcplusplus.exe] => (Allow) C:\program files (x86)\dc++\dcplusplus.exe
FirewallRules: [UDP Query User{D0D8032F-6026-425A-8645-76401752A483}C:\program files (x86)\dc++\dcplusplus.exe] => (Allow) C:\program files (x86)\dc++\dcplusplus.exe
FirewallRules: [TCP Query User{0C39954A-79DA-407B-B8E8-2661D93C7667}C:\users\nikhi\downloads\xampp\filezillaftp\filezilla server.exe] => (Block) C:\users\nikhi\downloads\xampp\filezillaftp\filezilla server.exe
FirewallRules: [UDP Query User{33FBE53B-A746-4BFE-B45C-95700DF23B6E}C:\users\nikhi\downloads\xampp\filezillaftp\filezilla server.exe] => (Block) C:\users\nikhi\downloads\xampp\filezillaftp\filezilla server.exe
FirewallRules: [TCP Query User{1B9EBD6B-97C7-42AD-9598-F65DD5232B61}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{BCD12F31-D5B9-45D9-B434-043FD4F7C971}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{4FF64CDB-1BA5-4219-9224-4BEDCFD5489B}] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{0BCD5BBD-D961-4E23-A167-95FB870804C6}] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{90A401A1-B3F2-4CF1-9AFA-1ADFFAF324F7}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{220B0D9A-1235-4BD7-A5AF-198446CC41D2}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{3F418A9F-A7C0-4ABE-8EE3-046DDCC785FC}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{6A7174C6-CAF5-4CC7-8460-E308606996CD}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{24BE5CF1-DFF4-4348-A8D8-946FA97B9BB6}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{F8872BE0-EED2-4AD9-8BD1-95C9579A21CF}] => (Allow) C:\Users\nikhi\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{60EEBC5A-2A21-49DE-B943-3AC833E14E91}] => (Allow) C:\Users\nikhi\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{C5A0FE71-F7F1-43DC-B7F5-9267AD9E95A2}] => (Allow) LPort=5353
FirewallRules: [{D70E6BFF-C322-4EBF-993D-866517E3A961}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{9893E50E-042E-44EB-A712-0991B432DE23}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{AB96A81E-4076-4E60-9AAA-992EC188866E}] => (Allow) C:\Users\nikhi\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{AE0CF48F-6646-4D83-85FE-1C400120B50F}] => (Allow) C:\Users\nikhi\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [TCP Query User{7272560F-DE81-4E43-9911-14A3180EE40A}C:\users\nikhi\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\nikhi\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{4954F0A5-8B90-4FD8-AFC0-847576F7D564}C:\users\nikhi\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\nikhi\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{9DB8C9F0-ECC5-4AA5-8E6D-64560BBCFA3E}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{A1D6BDD7-C5EF-484E-8ED9-45AEF0408274}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{FDA55C6B-0E12-47E2-9036-22AC7EA33EC0}C:\program files\java\jdk1.7.0_60\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_60\bin\java.exe
FirewallRules: [UDP Query User{0D74282A-31FC-4DD4-AA4B-3E0B34220BDD}C:\program files\java\jdk1.7.0_60\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_60\bin\java.exe
FirewallRules: [TCP Query User{250437BC-F23C-47F6-8028-5313E28E7275}C:\program files (x86)\android\android-studio\bin\studio64.exe] => (Allow) C:\program files (x86)\android\android-studio\bin\studio64.exe
FirewallRules: [UDP Query User{F379BC8D-F830-45C3-BA69-EB6228A3288B}C:\program files (x86)\android\android-studio\bin\studio64.exe] => (Allow) C:\program files (x86)\android\android-studio\bin\studio64.exe
FirewallRules: [TCP Query User{47B7B16C-67EF-4E97-88BC-624593F52DA8}C:\program files\java\jdk1.7.0_60\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_60\jre\bin\java.exe
FirewallRules: [UDP Query User{F0442609-6D2A-4A34-A9CA-85A390D48EDE}C:\program files\java\jdk1.7.0_60\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_60\jre\bin\java.exe
FirewallRules: [TCP Query User{4CE48181-88DD-4A42-992C-B51572E75D18}C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1.exe] => (Allow) C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1.exe
FirewallRules: [UDP Query User{332F1F2C-49F5-4411-AED1-C63BA4FE710A}C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1.exe] => (Allow) C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1.exe
FirewallRules: [TCP Query User{E0804482-C5A9-4C3C-BE58-B8BE379DA9EB}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{24C17EAA-74F6-47EC-95FB-89505AC68530}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{F419B112-696A-48E8-8D98-46BA46BC19EE}] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{9681C9F6-6AB9-43E0-AB4D-F278B268E23C}] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{D83D1521-1321-4D17-B448-57DA5413F2CF}C:\users\nikhi\videos\nikhil vids\movies\age of empire-ii the conquerors\age2_x1.exe] => (Allow) C:\users\nikhi\videos\nikhil vids\movies\age of empire-ii the conquerors\age2_x1.exe
FirewallRules: [UDP Query User{B03C92F9-3EF9-426B-B4D8-F8246784B4DD}C:\users\nikhi\videos\nikhil vids\movies\age of empire-ii the conquerors\age2_x1.exe] => (Allow) C:\users\nikhi\videos\nikhil vids\movies\age of empire-ii the conquerors\age2_x1.exe
FirewallRules: [{AFDC974E-3E64-4708-AB9A-140CFA1501D3}] => (Allow) C:\users\nikhi\videos\nikhil vids\movies\age of empire-ii the conquerors\age2_x1.exe
FirewallRules: [{477D494A-3F48-46FD-A32A-34C7E6785124}] => (Allow) C:\users\nikhi\videos\nikhil vids\movies\age of empire-ii the conquerors\age2_x1.exe
FirewallRules: [TCP Query User{2B9985E1-25B9-4ABD-8711-1B02A0042063}C:\program files (x86)\activision\call of duty - black ops\blackops.exe] => (Block) C:\program files (x86)\activision\call of duty - black ops\blackops.exe
FirewallRules: [UDP Query User{08155706-22DD-40A0-93A2-72A1929B8F86}C:\program files (x86)\activision\call of duty - black ops\blackops.exe] => (Block) C:\program files (x86)\activision\call of duty - black ops\blackops.exe
FirewallRules: [TCP Query User{4F0A93C1-66FE-4BE0-8C9B-792C73B993F0}C:\program files (x86)\dc++\dcplusplus.exe] => (Allow) C:\program files (x86)\dc++\dcplusplus.exe
FirewallRules: [UDP Query User{E573F712-A75B-4925-B9E0-B4C7008DA251}C:\program files (x86)\dc++\dcplusplus.exe] => (Allow) C:\program files (x86)\dc++\dcplusplus.exe
FirewallRules: [TCP Query User{D5B600C5-6B28-47A1-95AC-7F2B3307A6FB}C:\users\nikhi\appdata\local\temp\i1413567985\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\nikhi\appdata\local\temp\i1413567985\windows\resource\jre\bin\javaw.exe
FirewallRules: [UDP Query User{1853A4DD-D122-4B15-844B-031629E71C10}C:\users\nikhi\appdata\local\temp\i1413567985\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\nikhi\appdata\local\temp\i1413567985\windows\resource\jre\bin\javaw.exe
FirewallRules: [TCP Query User{F9DE120C-2106-4E27-BBDF-DF6CC59D404A}C:\simulia\abaqus\6.14-2se\code\bin\abqcaek.exe] => (Allow) C:\simulia\abaqus\6.14-2se\code\bin\abqcaek.exe
FirewallRules: [UDP Query User{7FCBB499-22B0-433E-B871-D236E8385087}C:\simulia\abaqus\6.14-2se\code\bin\abqcaek.exe] => (Allow) C:\simulia\abaqus\6.14-2se\code\bin\abqcaek.exe
FirewallRules: [TCP Query User{E81913A9-8BD8-4AD9-A8E7-237F2AAF48A5}C:\simulia\abaqus\6.12-3\code\bin\abqcaek.exe] => (Allow) C:\simulia\abaqus\6.12-3\code\bin\abqcaek.exe
FirewallRules: [UDP Query User{6C406757-605F-4FA1-91A2-3BAF720B5320}C:\simulia\abaqus\6.12-3\code\bin\abqcaek.exe] => (Allow) C:\simulia\abaqus\6.12-3\code\bin\abqcaek.exe
FirewallRules: [TCP Query User{5454FC32-A6AA-48B1-B559-C5DFEBEEF441}C:\simulia\abaqus\6.12-3\code\bin\elit_driverlm.exe] => (Allow) C:\simulia\abaqus\6.12-3\code\bin\elit_driverlm.exe
FirewallRules: [UDP Query User{6CF0E49C-FC62-4E5E-8635-82D047A6087A}C:\simulia\abaqus\6.12-3\code\bin\elit_driverlm.exe] => (Allow) C:\simulia\abaqus\6.12-3\code\bin\elit_driverlm.exe
FirewallRules: [TCP Query User{79FDC51A-4676-4ED2-93C9-8726C77CFB9D}C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1\age2_x1.exe] => (Allow) C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{7DE94361-7825-45BB-BAA6-63AEAF38B52C}C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1\age2_x1.exe] => (Allow) C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [{CF7D2ED8-62ED-4A6D-8271-921850DA4C70}] => (Allow) C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [{1FD8DC0A-C0E3-4E54-B542-0DD4F6C3E0F1}] => (Allow) C:\users\nikhi\downloads\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [{0B985C98-BF88-430D-9089-57631D4614EC}] => (Allow) C:\Users\nikhi\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4D1B0604-3844-414D-BF89-1ABD481B382A}] => (Allow) C:\Users\nikhi\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{AC2AC823-F388-48C4-A3B1-69A3BB84D5A0}F:\virus free\age of empire-ii the conquerors\age2_x1\age2_x1.exe] => (Allow) F:\virus free\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{2909B1B1-3BE5-4BFD-9AEB-A02B17AA3886}F:\virus free\age of empire-ii the conquerors\age2_x1\age2_x1.exe] => (Allow) F:\virus free\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [{F3CDEB18-E7CA-40CA-A1D1-1A2423A47D3C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{72FD2E2C-A1DD-43B7-9604-0D246A15A058}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E0C3D1A9-A19C-4532-80D7-2526CF524B80}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{4DE08C36-ED08-415C-9878-002B1E0CC89F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{9DA4AA08-CC8B-433C-9266-E42DF3D679F5}C:\users\nikhi\videos\age of empire-ii the conquerors\age2_x1\age2_x1.exe] => (Allow) C:\users\nikhi\videos\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{2992B977-D4FC-4948-AB9E-DF8ADCFF616C}C:\users\nikhi\videos\age of empire-ii the conquerors\age2_x1\age2_x1.exe] => (Allow) C:\users\nikhi\videos\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [TCP Query User{37C814DF-4C96-4359-AA7B-40C20068A274}C:\users\nikhi\videos\age of empire-ii the conquerors\age2_x1\age2_x1.exe] => (Allow) C:\users\nikhi\videos\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{3669A687-928A-472A-9DD8-24F6A1FD5FC4}C:\users\nikhi\videos\age of empire-ii the conquerors\age2_x1\age2_x1.exe] => (Allow) C:\users\nikhi\videos\age of empire-ii the conquerors\age2_x1\age2_x1.exe
FirewallRules: [{A7CE81FB-007D-4B35-A7B8-E56AA7493D5D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8EC8B1F2-83A8-4639-AD50-F79E25CF3763}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5ACF1D23-CD8D-458B-9423-DECE408EEFA7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{829E2A21-2ED2-4BB6-B314-5D0A5FA6B6AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A33A4DCD-FAD6-48B9-A8DF-93B3AD150794}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6CBC3B70-2569-4AFE-9BA4-57A5A5157043}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F7947D78-9C01-4E09-A82E-C1B85F665523}] => (Allow) C:\Program Files (x86)\Wolfram Research\Wolfram CDF Player\8.0\WolframCDFPlayer.exe
FirewallRules: [{F1CDE83C-FEDA-46F6-BC38-59F239B947F0}] => (Allow) C:\Program Files (x86)\Wolfram Research\Wolfram CDF Player\8.0\WolframCDFPlayer.exe
FirewallRules: [{92F139A6-B9A3-4F01-9530-FFEBF46A4F76}] => (Allow) C:\Program Files (x86)\Wolfram Research\Wolfram CDF Player\8.0\math.exe
FirewallRules: [{69F5A5EF-5CCA-4B31-93CC-978766132AB4}] => (Allow) C:\Program Files (x86)\Wolfram Research\Wolfram CDF Player\8.0\math.exe
FirewallRules: [{385CE409-7DD4-4AAE-9020-C7523685DD01}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.1\Mathematica.exe
FirewallRules: [{A1080F99-52C8-48DA-8418-54A741499544}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.1\Mathematica.exe
FirewallRules: [{992C6C23-48ED-44E5-9E57-A48316230081}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.1\MathKernel.exe
FirewallRules: [{13D724E2-FEA9-4211-B934-9997394FB451}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.1\MathKernel.exe
FirewallRules: [{777C2982-89CD-4C23-9ED0-58204330A8FC}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.1\math.exe
FirewallRules: [{EF19EA9D-A731-4D7E-A8AF-997B251858EA}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.1\math.exe
FirewallRules: [{407612F5-F561-4821-B1CF-426CB02157C3}] => (Allow) C:\Users\nikhi\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: facap, FastAccess Video Capture
Description: facap, FastAccess Video Capture
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Sensible Vision
Service: FACAP
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/30/2015 01:11:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/30/2015 00:40:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 05:56:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 02:50:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 02:34:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 00:54:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 00:46:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 00:33:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 00:13:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 02:55:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/30/2015 03:16:26 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.201.413.0).

Error: (06/30/2015 03:16:22 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.201.413.0).

Error: (06/30/2015 03:00:39 AM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer NetBT_Tcpip_{039EE222-7F10-4B8F-B359-751EC810EF8B}
that believes that it is the master browser for the domain on transport %3.
The master browser is stopping or an election is being forced.

Error: (06/30/2015 01:12:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Microsoft Antimalware Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Run the configured recovery program.

Error: (06/30/2015 01:12:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Flexlm Service 1 service terminated unexpectedly.  It has done this 1 time(s).

Error: (06/30/2015 01:12:44 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The mysql service hung on starting.

Error: (06/30/2015 01:12:04 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (06/30/2015 01:11:34 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (06/30/2015 01:11:00 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x000000f4 (0x0000000000000003, 0xfffffa800b807060, 0xfffffa800b807340, 0xfffff80003d79e20)C:\Windows\MEMORY.DMP063015-9204-01

Error: (06/30/2015 01:10:59 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:10:10 AM on ‎30/‎06/‎2015 was unexpected.


Microsoft Office:
=========================
Error: (06/30/2015 01:11:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/30/2015 00:40:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 05:56:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 02:50:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 02:34:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 00:54:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 00:46:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 00:33:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 00:13:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 02:55:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2640M CPU @ 2.80GHz
Percentage of memory in use: 43%
Total physical RAM: 8083.88 MB
Available physical RAM: 4579.25 MB
Total Pagefile: 16165.97 MB
Available Pagefile: 12179.99 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:210.84 GB) (Free:53.75 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 238.5 GB) (Disk ID: 07F2837E)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=19.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=210.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=8 GB) - (Type=84)

==================== End of log ============================
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 29, 2015, 04:37:35 PM
Hi Kevin,

'Part 6'

Here is the FSS log -

Farbar Service Scanner Version: 17-01-2015
Ran by nikhi (administrator) on 30-06-2015 at 03:44:15
Running from "C:\Users\nikhi\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.

RpcSs Service is not running. Checking service configuration:
The start type of RpcSs service is OK.
The ImagePath of RpcSs service is OK.


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 29, 2015, 04:45:10 PM
Hi Kevin,

I've noticed that the FRST log listed the ********.exe files here -

==================== Files in the root of some directories =======

2015-06-29 17:57 - 2015-06-29 17:57 - 1415680 _____ (wj32) C:\Program Files\168DIKPC.exe
2015-06-30 01:54 - 2015-06-30 01:54 - 1415680 _____ (wj32) C:\Program Files\1KDZMOJC.exe ........

As I've mentioned before these files seem to be connected to malware which is causing my MSE not to start or update.

Any idea why MBAM, mbar or any other scanners are not able to remove them completely (some of the ********.exe files have been moved but not all)?

Thank you for your time,
Nikhil.
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: kevinf80 on June 29, 2015, 05:03:48 PM
Hello nikhil,

The files you mention are new files that are being created, possibly there is a dropper that we have not found yet...

We continue as follows:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was run from. Please post it to your reply.

Next,

Please read carefully and follow these steps.
(http://i121.photobucket.com/albums/o239/kevinf80/New%20TDSSKiller/tdb.png)


Next,

Let me see those logs.... do you have access to another pc, also have a usb flash drive or blank cd?

Thanks,

Kevin..
 
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 29, 2015, 05:12:47 PM
Hi Kevin,

Thank you for your quick reply.

I have access to another computer and also USB, CD but not immediately. I can have access to it in 7-8 hours from now.

I am not able to see fixlist.txt attached, could you please post it again.

Thank you,
Nikhil.
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: kevinf80 on June 29, 2015, 05:20:11 PM
Thanks for update nikhil, not sure why the file is not attaching... A usb is good, no need for CD. I attach file once more.

Continue with TDSSKiller if file is attached for FRST fix. I want to see what happens after this before I ask for you to use the usb stick...

Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 29, 2015, 05:39:40 PM
Hi Kevin,

The TDSSKiller has one more additional option - use KSN to scan objects (default checked)

and two more places to scan -
1. services and drivers - (default checked)
2. loaded modules - (default unchecked)

Should I leave the other extra ones to default options?

Thank you for your time,
Nikhil.
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: kevinf80 on June 29, 2015, 06:02:40 PM
Hiya nikhil,

Yes please leave settings as default for TDSSKiller... Is getting late for me, nearly 1 am local time. I'll have to catch up later after some sleep....

Cheers,

Kevin
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 30, 2015, 05:13:32 AM
Hi Kevin,

Both the scans ran successfully.. Here is the content of fixlog file -

Fix result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by nikhi at 2015-06-30 04:57:23 Run:2
Running from C:\Users\nikhi\Desktop
Loaded Profiles: nikhi (Available Profiles: nikhi)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
2015-06-30 01:54 - 2015-06-30 01:54 - 01415680 _____ (wj32) C:\Program Files\1KDZMOJC.exe
2015-06-30 01:12 - 2015-06-30 01:12 - 01415680 _____ (wj32) C:\Program Files\X97JHTR5.exe
2015-06-30 01:12 - 2015-06-30 01:12 - 01415680 _____ (wj32) C:\Program Files\TR31ZX99.exe
2015-06-30 01:12 - 2015-06-30 01:12 - 01415680 _____ (wj32) C:\Program Files\FKMOKVXK.exe
2015-06-30 01:12 - 2015-06-30 01:12 - 01415680 _____ (wj32) C:\Program Files\FHJLKSUK.exe
2015-06-30 01:11 - 2015-06-30 01:11 - 01415680 _____ (wj32) C:\Program Files\V3EMU2K6.exe
2015-06-30 01:11 - 2015-06-30 01:11 - 01415680 _____ (wj32) C:\Program Files\O89KD3HS.exe
2015-06-30 01:11 - 2015-06-30 01:11 - 01415680 _____ (wj32) C:\Program Files\JLNSUWYO.exe
2015-06-30 01:11 - 2015-06-30 01:11 - 01415680 _____ (wj32) C:\Program Files\AIK1GOWS.exe
2015-06-30 01:11 - 2015-06-30 01:11 - 01415680 _____ (wj32) C:\Program Files\357CEGI8.exe
2015-06-30 00:55 - 2015-06-30 00:55 - 01415680 _____ (wj32) C:\Program Files\EWY0279B.exe
2015-06-30 00:54 - 2015-06-30 00:54 - 01415680 _____ (wj32) C:\Program Files\KJ951XTG.exe
2015-06-30 00:54 - 2015-06-30 00:54 - 01415680 _____ (wj32) C:\Program Files\BGINPRTV.exe
2015-06-30 00:41 - 2015-06-30 00:41 - 01415680 _____ (wj32) C:\Program Files\ZXVT5311.exe
2015-06-30 00:41 - 2015-06-30 00:41 - 01415680 _____ (wj32) C:\Program Files\TYX246WJ.exe
2015-06-30 00:41 - 2015-06-30 00:41 - 01415680 _____ (wj32) C:\Program Files\NZXVT53L.exe
2015-06-30 00:41 - 2015-06-30 00:41 - 01415680 _____ (wj32) C:\Program Files\LNSXZ46T.exe
2015-06-30 00:41 - 2015-06-30 00:41 - 01415680 _____ (wj32) C:\Program Files\GIKMRT84.exe
2015-06-30 00:40 - 2015-06-30 00:40 - 01415680 _____ (wj32) C:\Program Files\TVX2468V.exe
2015-06-30 00:40 - 2015-06-30 00:40 - 01415680 _____ (wj32) C:\Program Files\LBGXSU27.exe
2015-06-30 00:40 - 2015-06-30 00:40 - 01415680 _____ (wj32) C:\Program Files\IKM168DK.exe
2015-06-30 00:40 - 2015-06-30 00:40 - 01415680 _____ (wj32) C:\Program Files\8ACHJLND.exe
2015-06-29 17:58 - 2015-06-29 17:58 - 01415680 _____ (wj32) C:\Program Files\XV7531DB.exe
2015-06-29 17:58 - 2015-06-29 17:58 - 01415680 _____ (wj32) C:\Program Files\KSUZ135U.exe
2015-06-29 17:58 - 2015-06-29 17:58 - 01415680 _____ (wj32) C:\Program Files\B9LJHFRX.exe
2015-06-29 17:57 - 2015-06-29 17:57 - 01415680 _____ (wj32) C:\Program Files\Z468AFH1.exe
2015-06-29 17:57 - 2015-06-29 17:57 - 01415680 _____ (wj32) C:\Program Files\X249BACZ.exe
2015-06-29 17:57 - 2015-06-29 17:57 - 01415680 _____ (wj32) C:\Program Files\PRTV024R.exe
2015-06-29 17:57 - 2015-06-29 17:57 - 01415680 _____ (wj32) C:\Program Files\7FKY6HPR.exe
2015-06-29 17:57 - 2015-06-29 17:57 - 01415680 _____ (wj32) C:\Program Files\68ACHJLN.exe
2015-06-29 17:57 - 2015-06-29 17:57 - 01415680 _____ (wj32) C:\Program Files\168DIKPC.exe
2015-06-29 17:56 - 2015-06-29 17:56 - 01415680 _____ (wj32) C:\Program Files\NV6LT192.exe
2015-06-29 17:56 - 2015-06-29 17:56 - 01415680 _____ (wj32) C:\Program Files\9EGIKPRN.exe
2015-06-29 17:57 - 2015-06-29 17:57 - 1415680 _____ (wj32) C:\Program Files\168DIKPC.exe
2015-06-30 01:54 - 2015-06-30 01:54 - 1415680 _____ (wj32) C:\Program Files\1KDZMOJC.exe
2015-06-30 01:11 - 2015-06-30 01:11 - 1415680 _____ (wj32) C:\Program Files\357CEGI8.exe
2015-06-29 17:57 - 2015-06-29 17:57 - 1415680 _____ (wj32) C:\Program Files\68ACHJLN.exe
2015-06-29 17:57 - 2015-06-29 17:57 - 1415680 _____ (wj32) C:\Program Files\7FKY6HPR.exe
2015-06-30 00:40 - 2015-06-30 00:40 - 1415680 _____ (wj32) C:\Program Files\8ACHJLND.exe
2015-06-29 17:56 - 2015-06-29 17:56 - 1415680 _____ (wj32) C:\Program Files\9EGIKPRN.exe
2015-06-30 01:11 - 2015-06-30 01:11 - 1415680 _____ (wj32) C:\Program Files\AIK1GOWS.exe
2015-06-29 17:58 - 2015-06-29 17:58 - 1415680 _____ (wj32) C:\Program Files\B9LJHFRX.exe
2015-06-30 00:54 - 2015-06-30 00:54 - 1415680 _____ (wj32) C:\Program Files\BGINPRTV.exe
2015-06-30 00:55 - 2015-06-30 00:55 - 1415680 _____ (wj32) C:\Program Files\EWY0279B.exe
2015-06-30 01:12 - 2015-06-30 01:12 - 1415680 _____ (wj32) C:\Program Files\FHJLKSUK.exe
2015-06-30 01:12 - 2015-06-30 01:12 - 1415680 _____ (wj32) C:\Program Files\FKMOKVXK.exe
2015-06-30 00:41 - 2015-06-30 00:41 - 1415680 _____ (wj32) C:\Program Files\GIKMRT84.exe
2015-06-30 00:40 - 2015-06-30 00:40 - 1415680 _____ (wj32) C:\Program Files\IKM168DK.exe
2015-06-30 01:11 - 2015-06-30 01:11 - 1415680 _____ (wj32) C:\Program Files\JLNSUWYO.exe
2015-06-30 00:54 - 2015-06-30 00:54 - 1415680 _____ (wj32) C:\Program Files\KJ951XTG.exe
2015-06-29 17:58 - 2015-06-29 17:58 - 1415680 _____ (wj32) C:\Program Files\KSUZ135U.exe
2015-06-30 00:40 - 2015-06-30 00:40 - 1415680 _____ (wj32) C:\Program Files\LBGXSU27.exe
2015-06-30 00:41 - 2015-06-30 00:41 - 1415680 _____ (wj32) C:\Program Files\LNSXZ46T.exe
2015-06-29 17:56 - 2015-06-29 17:56 - 1415680 _____ (wj32) C:\Program Files\NV6LT192.exe
2015-06-30 00:41 - 2015-06-30 00:41 - 1415680 _____ (wj32) C:\Program Files\NZXVT53L.exe
2015-06-30 01:11 - 2015-06-30 01:11 - 1415680 _____ (wj32) C:\Program Files\O89KD3HS.exe
2015-06-29 17:57 - 2015-06-29 17:57 - 1415680 _____ (wj32) C:\Program Files\PRTV024R.exe
2015-06-30 01:12 - 2015-06-30 01:12 - 1415680 _____ (wj32) C:\Program Files\TR31ZX99.exe
2015-06-30 00:40 - 2015-06-30 00:40 - 1415680 _____ (wj32) C:\Program Files\TVX2468V.exe
2015-06-30 00:41 - 2015-06-30 00:41 - 1415680 _____ (wj32) C:\Program Files\TYX246WJ.exe
2015-06-30 01:11 - 2015-06-30 01:11 - 1415680 _____ (wj32) C:\Program Files\V3EMU2K6.exe
2015-06-29 17:57 - 2015-06-29 17:57 - 1415680 _____ (wj32) C:\Program Files\X249BACZ.exe
2015-06-30 01:12 - 2015-06-30 01:12 - 1415680 _____ (wj32) C:\Program Files\X97JHTR5.exe
2015-06-29 17:58 - 2015-06-29 17:58 - 1415680 _____ (wj32) C:\Program Files\XV7531DB.exe
2015-06-29 17:57 - 2015-06-29 17:57 - 1415680 _____ (wj32) C:\Program Files\Z468AFH1.exe
2015-06-30 00:41 - 2015-06-30 00:41 - 1415680 _____ (wj32) C:\Program Files\ZXVT5311.exe
Task: {6477175B-C3F2-4086-A9D7-9D6BB03FDE8F} - \FF Watcher {87EA3E8B-0A16-4191-BFFB-10CD9E4726A6} No Task File <==== ATTENTION
Task: {BF1EA1D7-FDB4-433F-B2CC-1402BC8290FC} - \Windows Updater No Task File <==== ATTENTION
Task: {C20E7815-AB4F-4916-A161-56BCE6BBDC93} - \Escolade No Task File <==== ATTENTION
Task: {E5DEAE35-C6E6-45D1-95CD-1B893146BDAF} - \Your File Updater No Task File <==== ATTENTION
Emptytemp:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\TaskbarNoNotification => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value removed successfully
C:\Program Files\1KDZMOJC.exe => moved successfully.
C:\Program Files\X97JHTR5.exe => moved successfully.
C:\Program Files\TR31ZX99.exe => moved successfully.
C:\Program Files\FKMOKVXK.exe => moved successfully.
C:\Program Files\FHJLKSUK.exe => moved successfully.
C:\Program Files\V3EMU2K6.exe => moved successfully.
C:\Program Files\O89KD3HS.exe => moved successfully.
C:\Program Files\JLNSUWYO.exe => moved successfully.
C:\Program Files\AIK1GOWS.exe => moved successfully.
C:\Program Files\357CEGI8.exe => moved successfully.
C:\Program Files\EWY0279B.exe => moved successfully.
C:\Program Files\KJ951XTG.exe => moved successfully.
C:\Program Files\BGINPRTV.exe => moved successfully.
C:\Program Files\ZXVT5311.exe => moved successfully.
C:\Program Files\TYX246WJ.exe => moved successfully.
C:\Program Files\NZXVT53L.exe => moved successfully.
C:\Program Files\LNSXZ46T.exe => moved successfully.
C:\Program Files\GIKMRT84.exe => moved successfully.
C:\Program Files\TVX2468V.exe => moved successfully.
C:\Program Files\LBGXSU27.exe => moved successfully.
C:\Program Files\IKM168DK.exe => moved successfully.
C:\Program Files\8ACHJLND.exe => moved successfully.
C:\Program Files\XV7531DB.exe => moved successfully.
C:\Program Files\KSUZ135U.exe => moved successfully.
C:\Program Files\B9LJHFRX.exe => moved successfully.
C:\Program Files\Z468AFH1.exe => moved successfully.
C:\Program Files\X249BACZ.exe => moved successfully.
C:\Program Files\PRTV024R.exe => moved successfully.
C:\Program Files\7FKY6HPR.exe => moved successfully.
C:\Program Files\68ACHJLN.exe => moved successfully.
C:\Program Files\168DIKPC.exe => moved successfully.
C:\Program Files\NV6LT192.exe => moved successfully.
C:\Program Files\9EGIKPRN.exe => moved successfully.
"C:\Program Files\168DIKPC.exe" => File/Folder not found.
"C:\Program Files\1KDZMOJC.exe" => File/Folder not found.
"C:\Program Files\357CEGI8.exe" => File/Folder not found.
"C:\Program Files\68ACHJLN.exe" => File/Folder not found.
"C:\Program Files\7FKY6HPR.exe" => File/Folder not found.
"C:\Program Files\8ACHJLND.exe" => File/Folder not found.
"C:\Program Files\9EGIKPRN.exe" => File/Folder not found.
"C:\Program Files\AIK1GOWS.exe" => File/Folder not found.
"C:\Program Files\B9LJHFRX.exe" => File/Folder not found.
"C:\Program Files\BGINPRTV.exe" => File/Folder not found.
"C:\Program Files\EWY0279B.exe" => File/Folder not found.
"C:\Program Files\FHJLKSUK.exe" => File/Folder not found.
"C:\Program Files\FKMOKVXK.exe" => File/Folder not found.
"C:\Program Files\GIKMRT84.exe" => File/Folder not found.
"C:\Program Files\IKM168DK.exe" => File/Folder not found.
"C:\Program Files\JLNSUWYO.exe" => File/Folder not found.
"C:\Program Files\KJ951XTG.exe" => File/Folder not found.
"C:\Program Files\KSUZ135U.exe" => File/Folder not found.
"C:\Program Files\LBGXSU27.exe" => File/Folder not found.
"C:\Program Files\LNSXZ46T.exe" => File/Folder not found.
"C:\Program Files\NV6LT192.exe" => File/Folder not found.
"C:\Program Files\NZXVT53L.exe" => File/Folder not found.
"C:\Program Files\O89KD3HS.exe" => File/Folder not found.
"C:\Program Files\PRTV024R.exe" => File/Folder not found.
"C:\Program Files\TR31ZX99.exe" => File/Folder not found.
"C:\Program Files\TVX2468V.exe" => File/Folder not found.
"C:\Program Files\TYX246WJ.exe" => File/Folder not found.
"C:\Program Files\V3EMU2K6.exe" => File/Folder not found.
"C:\Program Files\X249BACZ.exe" => File/Folder not found.
"C:\Program Files\X97JHTR5.exe" => File/Folder not found.
"C:\Program Files\XV7531DB.exe" => File/Folder not found.
"C:\Program Files\Z468AFH1.exe" => File/Folder not found.
"C:\Program Files\ZXVT5311.exe" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6477175B-C3F2-4086-A9D7-9D6BB03FDE8F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6477175B-C3F2-4086-A9D7-9D6BB03FDE8F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FF Watcher {87EA3E8B-0A16-4191-BFFB-10CD9E4726A6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF1EA1D7-FDB4-433F-B2CC-1402BC8290FC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF1EA1D7-FDB4-433F-B2CC-1402BC8290FC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Windows Updater" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C20E7815-AB4F-4916-A161-56BCE6BBDC93}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C20E7815-AB4F-4916-A161-56BCE6BBDC93}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Escolade" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E5DEAE35-C6E6-45D1-95CD-1B893146BDAF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5DEAE35-C6E6-45D1-95CD-1B893146BDAF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Your File Updater" => key removed successfully
EmptyTemp: => 276.9 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 04:57:32 ====

Thank you for your time,
Nikhil.
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 30, 2015, 05:18:16 AM
Hi Kevin,

Here is the content of report of TDSSkiller 'Part 1' -

05:03:39.0239 0x1c40  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
05:03:46.0298 0x1c40  ============================================================
05:03:46.0298 0x1c40  Current date / time: 2015/06/30 05:03:46.0298
05:03:46.0298 0x1c40  SystemInfo:
05:03:46.0299 0x1c40 
05:03:46.0299 0x1c40  OS Version: 6.1.7601 ServicePack: 1.0
05:03:46.0299 0x1c40  Product type: Workstation
05:03:46.0299 0x1c40  ComputerName: NIKHIL-PC
05:03:46.0299 0x1c40  UserName: nikhi
05:03:46.0299 0x1c40  Windows directory: C:\Windows
05:03:46.0299 0x1c40  System windows directory: C:\Windows
05:03:46.0299 0x1c40  Running under WOW64
05:03:46.0299 0x1c40  Processor architecture: Intel x64
05:03:46.0299 0x1c40  Number of processors: 4
05:03:46.0299 0x1c40  Page size: 0x1000
05:03:46.0299 0x1c40  Boot type: Normal boot
05:03:46.0299 0x1c40  ============================================================
05:03:46.0564 0x1c40  KLMD registered as C:\Windows\system32\drivers\13630344.sys
05:03:46.0593 0x1c40  System UUID: {42DDD7AE-645E-120E-FCE7-86DF82EE8024}
05:03:46.0792 0x1c40  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
05:03:46.0796 0x1c40  ============================================================
05:03:46.0796 0x1c40  \Device\Harddisk0\DR0:
05:03:46.0796 0x1c40  MBR partitions:
05:03:46.0796 0x1c40  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000
05:03:46.0796 0x1c40  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x1A5AE606
05:03:46.0796 0x1c40  ============================================================
05:03:46.0799 0x1c40  C: <-> \Device\Harddisk0\DR0\Partition2
05:03:46.0799 0x1c40  ============================================================
05:03:46.0799 0x1c40  Initialize success
05:03:46.0799 0x1c40  ============================================================
16:37:47.0872 0x1cd0  ============================================================
16:37:47.0872 0x1cd0  Scan started
16:37:47.0872 0x1cd0  Mode: Manual; SigCheck; TDLFS;
16:37:47.0872 0x1cd0  ============================================================
16:37:47.0872 0x1cd0  KSN ping started
16:37:48.0212 0x1cd0  KSN ping finished: true
16:37:48.0489 0x1cd0  ================ Scan system memory ========================
16:37:48.0489 0x1cd0  System memory - ok
16:37:48.0489 0x1cd0  ================ Scan services =============================
16:37:50.0074 0x1cd0  clr_optimization_v4.0.30319_64 - ok
16:37:50.0077 0x1cd0  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
16:37:50.0086 0x1cd0  CmBatt - ok
16:37:50.0089 0x1cd0  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:37:50.0097 0x1cd0  cmdide - ok
16:37:50.0108 0x1cd0  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
16:37:50.0128 0x1cd0  CNG - ok
16:37:50.0131 0x1cd0  [ 040FF3B09F26926A3792E047DB0F47DD, 665A4D692C5654B5D4FBAACB25057A28D7EB9464DDA5C9A9A737675D4BBDF990 ] cnnctfy2        C:\Windows\system32\DRIVERS\cnnctfy2.sys
16:37:50.0138 0x1cd0  cnnctfy2 - ok
16:37:50.0141 0x1cd0  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
16:37:50.0148 0x1cd0  Compbatt - ok
16:37:50.0151 0x1cd0  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
16:37:50.0162 0x1cd0  CompositeBus - ok
16:37:50.0164 0x1cd0  COMSysApp - ok
16:37:50.0168 0x1cd0  [ 839BF3E10311FBA5D0DF632623D5ED2B, BE926C506B0BB0C2CFA44099BF48ABE6BAF96CDC34ED8C3CFA7E1CA18FA281F0 ] Connectify      C:\Program Files (x86)\Connectify\ConnectifyService.exe
16:37:50.0172 0x1cd0  Connectify - detected UnsignedFile.Multi.Generic ( 1 )
16:37:50.0613 0x1cd0  Detect skipped due to KSN trusted
16:37:50.0613 0x1cd0  Connectify - ok
16:37:50.0622 0x1cd0  [ 3CA734CE373E5675FBC15CA2C45228E5, A6C6E9FABDE5EA18D266DB71C0CC6B51D682116D1898CCB4E9BA730F15C44B32 ] cpudrv64        C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys
16:37:50.0649 0x1cd0  cpudrv64 - ok
16:37:50.0658 0x1cd0  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:37:50.0668 0x1cd0  crcdisk - ok
16:37:50.0675 0x1cd0  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:37:50.0688 0x1cd0  CryptSvc - ok
16:37:50.0694 0x1cd0  [ BC3D4F90978CD7C8EABD1BAF3BF7873A, 5978139650FC51BE0CAB12061702C7BC7BEDF6E7C3A047FF0A6328AA674E4226 ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
16:37:50.0704 0x1cd0  CtClsFlt - ok
16:37:50.0709 0x1cd0  [ 5858111FF43B8E87EDD13667E5B29E51, 34B570238F09CA7F8AA750D9E2D33DD704A9258E63A3FE0BC7B8C71BF598D8F2 ] cyhid           C:\Windows\system32\DRIVERS\cyhid.sys
16:37:50.0718 0x1cd0  cyhid - ok
16:37:50.0721 0x1cd0  [ 903C161E91A7F2678E7E8D775D3512B2, EA2D790C9CD7EAAB1E3CD3C0B8F73FFD09857FCFDE022181F2ECCFB6A00A5743 ] cykbfltrService C:\Windows\system32\DRIVERS\cykbfltr.sys
16:37:50.0728 0x1cd0  cykbfltrService - ok
16:37:50.0732 0x1cd0  [ EF5A7A27AC58672CF3B5CE91E99C43DC, 232AE198022690C09DB793D4FD2D755AE7CB3D0D1F5FB49F2357484848964524 ] cymfltrService  C:\Windows\system32\DRIVERS\cymfltr.sys
16:37:50.0744 0x1cd0  cymfltrService - ok
16:37:50.0757 0x1cd0  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:37:50.0791 0x1cd0  DcomLaunch - ok
16:37:50.0794 0x1cd0  [ B56714DED87E29377F1EE930691DADA2, B3C3BC4F546A786A93823C1471D560BF678A9C95237065E3B99B2B80E6C28131 ] DDDriver        C:\Windows\system32\drivers\DDDriver64Dcsa.sys
16:37:50.0801 0x1cd0  DDDriver - ok
16:37:50.0809 0x1cd0  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:37:50.0838 0x1cd0  defragsvc - ok
16:37:50.0888 0x1cd0  [ 013D165C6E3E5ED2BA0E20E4695DB5BF, EFCF3023AF86388DB3D8F696179CAD6B801B8CEDEEF9207967C25F0F39503764 ] DellDataVault   C:\Program Files\Dell\DellDataVault\DellDataVault.exe
16:37:50.0944 0x1cd0  DellDataVault - ok
16:37:50.0952 0x1cd0  [ 9C2CD6A0D0EEDD4EE72113DA554E374B, 45D76852B60B0D5399865FAE93FA0BE1BB320E0A4902BF58F6E0E43ACC9274FD ] DellDataVaultWiz C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
16:37:50.0962 0x1cd0  DellDataVaultWiz - ok
16:37:50.0965 0x1cd0  [ 66C87079CFCB61B650086802693114E0, B1EE411DF69BB98D5D9FA2D88C4C9FE1E4877FD8BBF572C3F444C90576ED0724 ] DellProf        C:\Windows\system32\drivers\DellProf.sys
16:37:50.0971 0x1cd0  DellProf - ok
16:37:50.0979 0x1cd0  [ 62BA877214616495BCC33BBC941FC8B3, 48584CC8279DAC11FF14EF6C69FA31F30EE07BAA0FD4F4B132016F222B1F09AC ] DellUpdate      C:\Program Files (x86)\Dell Update\DellUpService.exe
16:37:50.0994 0x1cd0  DellUpdate - ok
16:37:50.0998 0x1cd0  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:37:51.0022 0x1cd0  DfsC - ok
16:37:51.0028 0x1cd0  [ 30710AEFCE721CEEE0F35EB6A01C263C, FB062EC86474D38BBC38E11E2618A9505001C287430B495C482977BBE58017C8 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
16:37:51.0039 0x1cd0  dg_ssudbus - ok
16:37:51.0047 0x1cd0  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:37:51.0062 0x1cd0  Dhcp - ok
16:37:51.0090 0x1cd0  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\Windows\system32\diagtrack.dll
16:37:51.0124 0x1cd0  DiagTrack - ok
16:37:51.0127 0x1cd0  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
16:37:51.0150 0x1cd0  discache - ok
16:37:51.0154 0x1cd0  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
16:37:51.0162 0x1cd0  Disk - ok
16:37:51.0168 0x1cd0  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:37:51.0179 0x1cd0  Dnscache - ok
16:37:51.0187 0x1cd0  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:37:51.0214 0x1cd0  dot3svc - ok
16:37:51.0219 0x1cd0  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
16:37:51.0245 0x1cd0  DPS - ok
16:37:51.0247 0x1cd0  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:37:51.0256 0x1cd0  drmkaud - ok
16:37:51.0264 0x1cd0  [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
16:37:51.0274 0x1cd0  dtsoftbus01 - ok
16:37:51.0296 0x1cd0  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:37:51.0319 0x1cd0  DXGKrnl - ok
16:37:51.0324 0x1cd0  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
16:37:51.0349 0x1cd0  EapHost - ok
16:37:51.0409 0x1cd0  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:37:51.0480 0x1cd0  ebdrv - ok
16:37:51.0486 0x1cd0  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] EFS             C:\Windows\System32\lsass.exe
16:37:51.0495 0x1cd0  EFS - ok
16:37:51.0511 0x1cd0  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:37:51.0535 0x1cd0  ehRecvr - ok
16:37:51.0540 0x1cd0  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
16:37:51.0550 0x1cd0  ehSched - ok
16:37:51.0563 0x1cd0  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:37:51.0580 0x1cd0  elxstor - ok
16:37:51.0583 0x1cd0  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:37:51.0591 0x1cd0  ErrDev - ok
16:37:51.0603 0x1cd0  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
16:37:51.0633 0x1cd0  EventSystem - ok
16:37:51.0666 0x1cd0  [ 532B8FF8E07F3772B086620377654F95, F9461C630B9C40E3919F91B1AB28BD0E1B3C74D4AE0E972F25713CF350734C2A ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
16:37:51.0700 0x1cd0  EvtEng - ok
16:37:51.0707 0x1cd0  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:37:51.0734 0x1cd0  exfat - ok
16:37:51.0741 0x1cd0  [ 2C1D443E14F376E8331F52F135DCA9EF, 72E6611A6D8B54ED188A55229866E6F5BFF2BB284A4DFC7495732D4C3ED6F7F8 ] FACAP           C:\Windows\system32\DRIVERS\facap.sys
16:37:51.0751 0x1cd0  FACAP - ok
16:37:51.0797 0x1cd0  [ A363FF99DC160B7844A1C1E0D6CEBBE3, F587F039183AC0DAACEAB650AF8DC30CD2816F02B54D1A533CDB1712AD5397B5 ] FAService       C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
16:37:51.0853 0x1cd0  FAService - detected UnsignedFile.Multi.Generic ( 1 )
16:37:52.0017 0x1cd0  Detect skipped due to KSN trusted
16:37:52.0018 0x1cd0  FAService - ok
16:37:52.0040 0x1cd0  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:37:52.0069 0x1cd0  fastfat - ok
16:37:52.0085 0x1cd0  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
16:37:52.0107 0x1cd0  Fax - ok
16:37:52.0111 0x1cd0  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
16:37:52.0120 0x1cd0  fdc - ok
16:37:52.0123 0x1cd0  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
16:37:52.0146 0x1cd0  fdPHost - ok
16:37:52.0149 0x1cd0  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:37:52.0173 0x1cd0  FDResPub - ok
16:37:52.0176 0x1cd0  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:37:52.0184 0x1cd0  FileInfo - ok
16:37:52.0187 0x1cd0  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:37:52.0211 0x1cd0  Filetrace - ok
16:37:52.0250 0x1cd0  [ AD921DC90853208597DB6CC15090D5C0, 5CCF19797CACF74B1F85D15100360308BF0D95600C4E34E3832BEC920C7C988C ] Flexlm Service 1 C:\SIMULIA\License\lmgrd.exe
16:37:52.0290 0x1cd0  Flexlm Service 1 - ok
16:37:52.0307 0x1cd0  [ 1F63900E2EB00101B9ACA2B7A870704E, 5AFE1FC852937FECE6B33147BD0110436FE97F33BFDA3F69B1F5EDAD6FFC09C6 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:37:52.0325 0x1cd0  FLEXnet Licensing Service - ok
16:37:52.0328 0x1cd0  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
16:37:52.0337 0x1cd0  flpydisk - ok
16:37:52.0345 0x1cd0  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:37:52.0357 0x1cd0  FltMgr - ok
16:37:52.0381 0x1cd0  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
16:37:52.0412 0x1cd0  FontCache - ok
16:37:52.0416 0x1cd0  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:37:52.0422 0x1cd0  FontCache3.0.0.0 - ok
16:37:52.0426 0x1cd0  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:37:52.0433 0x1cd0  FsDepends - ok
16:37:52.0436 0x1cd0  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:37:52.0443 0x1cd0  Fs_Rec - ok
16:37:52.0447 0x1cd0  [ FA169871D8FADCC6539C4E8726610286, 14BF1C5225BD736C686FAC6393050BCFC5C43BC9557A78901CC98BC446A3894D ] FTDIBUS         C:\Windows\system32\drivers\ftdibus.sys
16:37:52.0454 0x1cd0  FTDIBUS - ok
16:37:52.0461 0x1cd0  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:37:52.0473 0x1cd0  fvevol - ok
16:37:52.0477 0x1cd0  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:37:52.0485 0x1cd0  gagp30kx - ok
16:37:52.0510 0x1cd0  [ 7F18FB86E1023DDB80874CEA671442D5, BA236CD30A6932DC439DCA1DD4B06B7DF9181B1EC3654A72D05DFD70949C5E06 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
16:37:52.0539 0x1cd0  GfExperienceService - ok
16:37:52.0550 0x1cd0  [ 0498C39301A780DC1BE5DBEE23B56B9F, 4C311EB2908D8A728F205D2FE14A4AB4041BFD622F26742131B0ECAB9EAF3834 ] GoToAssist      C:\Program Files (x86)\Citrix\GoToAssist Corporate\1084\G2AC_Service.exe
16:37:52.0561 0x1cd0  GoToAssist - ok
16:37:52.0579 0x1cd0  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:37:52.0616 0x1cd0  gpsvc - ok
16:37:52.0622 0x1cd0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:37:52.0629 0x1cd0  gupdate - ok
16:37:52.0633 0x1cd0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:37:52.0640 0x1cd0  gupdatem - ok
16:37:52.0643 0x1cd0  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:37:52.0652 0x1cd0  hcw85cir - ok
16:37:52.0656 0x1cd0  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:37:52.0667 0x1cd0  HDAudBus - ok
16:37:52.0670 0x1cd0  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
16:37:52.0678 0x1cd0  HidBatt - ok
16:37:52.0683 0x1cd0  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:37:52.0694 0x1cd0  HidBth - ok
16:37:52.0697 0x1cd0  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:37:52.0708 0x1cd0  HidIr - ok
16:37:52.0711 0x1cd0  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
16:37:52.0735 0x1cd0  hidserv - ok
16:37:52.0738 0x1cd0  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:37:52.0746 0x1cd0  HidUsb - ok
16:37:52.0751 0x1cd0  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:37:52.0775 0x1cd0  hkmsvc - ok
16:37:52.0782 0x1cd0  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:37:52.0795 0x1cd0  HomeGroupListener - ok
16:37:52.0801 0x1cd0  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:37:52.0813 0x1cd0  HomeGroupProvider - ok
16:37:52.0817 0x1cd0  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:37:52.0825 0x1cd0  HpSAMD - ok
16:37:52.0842 0x1cd0  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:37:52.0865 0x1cd0  HTTP - ok
16:37:52.0868 0x1cd0  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:37:52.0875 0x1cd0  hwpolicy - ok
16:37:52.0880 0x1cd0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:37:52.0890 0x1cd0  i8042prt - ok
16:37:52.0902 0x1cd0  [ D469B77687E12FE43E344806740B624D, DFDD486FD040813BF4E5DDB504CF9E0BFBF6D4E540DDDA4829F9B675ACF63E89 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
16:37:52.0915 0x1cd0  iaStor - ok
16:37:52.0926 0x1cd0  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:37:52.0940 0x1cd0  iaStorV - ok
16:37:52.0944 0x1cd0  [ 806422F30DF9CE8307457485779C77B7, C70C9D778688B8D67D1AD76D5149AA3D46DC7029CD403BAEDA68A63EBFB96768 ] iBtFltCoex      C:\Windows\system32\DRIVERS\iBtFltCoex.sys
16:37:52.0952 0x1cd0  iBtFltCoex - ok
16:37:52.0957 0x1cd0  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:37:52.0961 0x1cd0  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
16:37:53.0123 0x1cd0  Detect skipped due to KSN trusted
16:37:53.0123 0x1cd0  IDriverT - ok
16:37:53.0161 0x1cd0  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:37:53.0186 0x1cd0  idsvc - ok
16:37:53.0190 0x1cd0  IEEtwCollectorService - ok
16:37:53.0427 0x1cd0  [ 0BD58366C86EF9DDC4F61AFED0CADA99, 2C4ADD577872DF0E9DE7664FA4293B8E335E18055E346B5BF644544840E420EF ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
16:37:53.0697 0x1cd0  igfx - ok
16:37:53.0709 0x1cd0  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:37:53.0717 0x1cd0  iirsp - ok
16:37:53.0737 0x1cd0  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
16:37:53.0761 0x1cd0  IKEEXT - ok
16:37:53.0767 0x1cd0  [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd           C:\Windows\system32\drivers\Impcd.sys
16:37:53.0778 0x1cd0  Impcd - ok
16:37:53.0783 0x1cd0  [ CADDF0927DAC63EDAE48F5C35A61D87D, C46006461311B1563C1D149B9D60B202F30147265B9D93069B084D03A09D2BEC ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
16:37:53.0790 0x1cd0  intaud_WaveExtensible - ok
16:37:53.0843 0x1cd0  [ A3C9367A02B2A1FC22536ADD3601B64F, 151A15660085BB3EEE10A5AA63FA7D218110BB8D0D5E63F2C64B93EA120C357F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:37:53.0898 0x1cd0  IntcAzAudAddService - ok
16:37:53.0909 0x1cd0  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
16:37:53.0922 0x1cd0  IntcDAud - ok
16:37:53.0925 0x1cd0  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:37:53.0932 0x1cd0  intelide - ok
16:37:53.0935 0x1cd0  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:37:53.0945 0x1cd0  intelppm - ok
16:37:53.0949 0x1cd0  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:37:53.0974 0x1cd0  IPBusEnum - ok
16:37:53.0977 0x1cd0  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:37:54.0000 0x1cd0  IpFilterDriver - ok
16:37:54.0013 0x1cd0  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:37:54.0033 0x1cd0  iphlpsvc - ok
16:37:54.0037 0x1cd0  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:37:54.0047 0x1cd0  IPMIDRV - ok
16:37:54.0051 0x1cd0  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:37:54.0076 0x1cd0  IPNAT - ok
16:37:54.0079 0x1cd0  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:37:54.0090 0x1cd0  IRENUM - ok
16:37:54.0093 0x1cd0  [ 6DC22BDAA595BE00F19696E72F2F3312, B46B50395100D3A23663C56CC395A874130B72E314997AAD6C52F0C5C23364C4 ] irstrtdv        C:\Windows\system32\DRIVERS\irstrtdv.sys
16:37:54.0099 0x1cd0  irstrtdv - ok
16:37:54.0125 0x1cd0  [ 9877087146E094D790BB03ECA0FBC445, 47901D2686794EDE67BC19E80B59A4207623C82486F87A097B7C4BF1EDDA6D00 ] irstrtsv        C:\Windows\SysWOW64\irstrtsv.exe
16:37:54.0132 0x1cd0  irstrtsv - detected UnsignedFile.Multi.Generic ( 1 )
16:37:54.0813 0x1cd0  Detect skipped due to KSN trusted
16:37:54.0813 0x1cd0  irstrtsv - ok
16:37:54.0828 0x1cd0  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:37:54.0838 0x1cd0  isapnp - ok
16:37:54.0845 0x1cd0  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:37:54.0858 0x1cd0  iScsiPrt - ok
16:37:54.0861 0x1cd0  [ 716F66336F10885D935B08174DC54242, 1992708956A2A45A8870CFCB532F3ABF24B1143B75EF32AB1F59D5D86E65F493 ] iwdbus          C:\Windows\system32\DRIVERS\iwdbus.sys
16:37:54.0868 0x1cd0  iwdbus - ok
16:37:54.0874 0x1cd0  [ 43F319DE026E04B9CF9219A14BF24FE8, 7DBB28CBDE53126AA28FF89535D92130294536F5348E0EC853892A507AEE2A13 ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
16:37:54.0883 0x1cd0  JMCR - ok
16:37:54.0887 0x1cd0  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:37:54.0895 0x1cd0  kbdclass - ok
16:37:54.0898 0x1cd0  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:37:54.0906 0x1cd0  kbdhid - ok
16:37:54.0909 0x1cd0  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] KeyIso          C:\Windows\system32\lsass.exe
16:37:54.0917 0x1cd0  KeyIso - ok
16:37:54.0920 0x1cd0  KProcessHacker2 - ok
16:37:54.0924 0x1cd0  [ BF69D973523D539A35807946C6DA7E16, 38F2C59B0857131961DBEA48C4A5DFA9BE7B564941935086B8DC8DBEF896F3EC ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:37:54.0932 0x1cd0  KSecDD - ok
16:37:54.0939 0x1cd0  [ 272C27711C8AA6E7815EE33F8ACA9C66, 0A5A10A7A3E87DB92E06395A6676B94FE8B7AD6704864075D443CDC9BABDB4DF ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:37:54.0948 0x1cd0  KSecPkg - ok
16:37:54.0951 0x1cd0  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:37:54.0974 0x1cd0  ksthunk - ok
16:37:54.0983 0x1cd0  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:37:55.0014 0x1cd0  KtmRm - ok
16:37:55.0018 0x1cd0  [ 0219F13AB1664005ADCBA884C0EB975E, 421AE9F44DEED8EF03AE8F824E796BA393BCF802BB2014D8DF242DB5CF3CB967 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
16:37:55.0025 0x1cd0  L1C - ok
16:37:55.0032 0x1cd0  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:37:55.0059 0x1cd0  LanmanServer - ok
16:37:55.0063 0x1cd0  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:37:55.0089 0x1cd0  LanmanWorkstation - ok
16:37:55.0094 0x1cd0  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:37:55.0118 0x1cd0  lltdio - ok
16:37:55.0126 0x1cd0  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:37:55.0154 0x1cd0  lltdsvc - ok
16:37:55.0157 0x1cd0  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:37:55.0181 0x1cd0  lmhosts - ok
16:37:55.0190 0x1cd0  [ 7F32D4C47A50E7223491E8FB9359907D, 6D3F59A8D006BED3234697933D09C8EE8F7A9F4A4196CFA878F8E8A929B24CE5 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:37:55.0202 0x1cd0  LMS - ok
16:37:55.0208 0x1cd0  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:37:55.0217 0x1cd0  LSI_FC - ok
16:37:55.0222 0x1cd0  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:37:55.0231 0x1cd0  LSI_SAS - ok


Thank you for your time,
Nikhil.
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 30, 2015, 05:19:40 AM
Hi Kevin,

Here is the content of the TDSSKiller report, 'part 2' -

16:38:00.0132 0x1cd0  spldr - ok
16:38:00.0145 0x1cd0  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
16:38:00.0165 0x1cd0  Spooler - ok
16:38:00.0227 0x1cd0  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
16:38:00.0316 0x1cd0  sppsvc - ok
16:38:00.0322 0x1cd0  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:38:00.0361 0x1cd0  sppuinotify - ok
16:38:00.0374 0x1cd0  [ 12E6D95CDE974B131DEFAA44BAB8B056, 3FEF55D97915BDB222E3A60B50D53BBD8D9C0FDFF85EDC025B8EFD33E575E596 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
16:38:00.0388 0x1cd0  SQLAgent$SQLEXPRESS - ok
16:38:00.0396 0x1cd0  [ B54B48F6D92423440C264E91225C5FF1, 7484D90CE309555E1FB54F011A2980D8491354223111B7AA16D1D2473570DC19 ] SQLBrowser      c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
16:38:00.0407 0x1cd0  SQLBrowser - ok
16:38:00.0413 0x1cd0  [ 6D65985945B03CA59B67D0B73702FC7B, B491EEFBCA2BB1145047AAF6A2DA02B012F3530F8B9306425486462358BD82CA ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
16:38:00.0421 0x1cd0  SQLWriter - ok
16:38:00.0433 0x1cd0  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:38:00.0450 0x1cd0  srv - ok
16:38:00.0461 0x1cd0  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:38:00.0476 0x1cd0  srv2 - ok
16:38:00.0482 0x1cd0  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:38:00.0492 0x1cd0  srvnet - ok
16:38:00.0498 0x1cd0  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:38:00.0525 0x1cd0  SSDPSRV - ok
16:38:00.0529 0x1cd0  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:38:00.0554 0x1cd0  SstpSvc - ok
16:38:00.0561 0x1cd0  [ 91310683D7B6B292B746D60734B59322, 2C56C3E4AA7356FB544B52F80ABDA39A80473390CB2059C69BDCCAD40FE56325 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
16:38:00.0571 0x1cd0  ssudmdm - ok
16:38:00.0575 0x1cd0  [ 92E7F6666633D2DD91D527503DAA7BE0, E97C7FFCAF2C7A83B270B6C797A91C2731FEA26874FE1E59B4CB55D5D98744BB ] stdcfltn        C:\Windows\system32\DRIVERS\stdcfltn.sys
16:38:00.0581 0x1cd0  stdcfltn - ok
16:38:00.0593 0x1cd0  [ 2E273A5E7A22A2E4EAFB05D6D5D856EB, 80C0380B1244154D5D7A602C50255C01CDA3912EA6EA484A3F438941CC812FD0 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:38:00.0607 0x1cd0  Stereo Service - ok
16:38:00.0610 0x1cd0  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:38:00.0617 0x1cd0  stexstor - ok
16:38:00.0631 0x1cd0  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
16:38:00.0654 0x1cd0  stisvc - ok
16:38:00.0660 0x1cd0  [ ACABD09AFD92D37BED3B7BA010C03A1C, 5E4DF020C90062C7D79C5FBC945D60E25C814FDCF7B8143C69EEABF79440752F ] SupportAssistAgent C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
16:38:00.0667 0x1cd0  SupportAssistAgent - ok
16:38:00.0669 0x1cd0  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:38:00.0676 0x1cd0  swenum - ok
16:38:00.0688 0x1cd0  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
16:38:00.0721 0x1cd0  swprv - ok
16:38:00.0755 0x1cd0  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
16:38:00.0800 0x1cd0  SysMain - ok
16:38:00.0806 0x1cd0  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:38:00.0819 0x1cd0  TabletInputService - ok
16:38:00.0828 0x1cd0  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:38:00.0856 0x1cd0  TapiSrv - ok
16:38:00.0860 0x1cd0  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
16:38:00.0884 0x1cd0  TBS - ok
16:38:00.0921 0x1cd0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:38:00.0965 0x1cd0  Tcpip - ok
16:38:01.0001 0x1cd0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:38:01.0040 0x1cd0  TCPIP6 - ok
16:38:01.0045 0x1cd0  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:38:01.0054 0x1cd0  tcpipreg - ok
16:38:01.0058 0x1cd0  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:38:01.0066 0x1cd0  TDPIPE - ok
16:38:01.0069 0x1cd0  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:38:01.0077 0x1cd0  TDTCP - ok
16:38:01.0082 0x1cd0  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:38:01.0092 0x1cd0  tdx - ok
16:38:01.0095 0x1cd0  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
16:38:01.0103 0x1cd0  TermDD - ok
16:38:01.0119 0x1cd0  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
16:38:01.0141 0x1cd0  TermService - ok
16:38:01.0233 0x1cd0  [ 407DB52B50C8C8154FF114DCEC1FB73C, 2C9C3B9E16ADDB0A03D0FDE96C680980F7D2BFFF9DFCAC36C5977087436DF5F7 ] Texis Monitor   C:\SIMULIA\Documentation\monitor.exe
16:38:01.0326 0x1cd0  Texis Monitor - detected UnsignedFile.Multi.Generic ( 1 )
16:38:01.0558 0x1cd0  Texis Monitor ( UnsignedFile.Multi.Generic ) - warning
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: kevinf80 on June 30, 2015, 07:14:21 AM
Hello nikhil,

Go here: https://www.microsoft.com/en-gb/download/details.aspx?id=5201 Download and save the installer for MSE, do not install yet..

Next,

Go here: http://www.bleepingcomputer.com/download/microsoft-security-essentials-removal-tool/ use the uninstall tool and remove Microsoft Security Essentials

Next,

Install MSE, when complete run a scan and let me know what happens...

Thank you,

Kevin..
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 30, 2015, 07:44:59 AM
Hi Kevin,

I downloaded the MSE installation file and also the fixit file (from bleeping computer) for uninstalling previous MSE.

I ran the fixit file. Now MSE doesn't show up in Control Panel, but the Microsoft Security Client folder (which has MSE) in Program Files is not deleted.

I ran the MSE installation file; it quit giving an error. Now most of the files in the Microsoft Security Client folder are deleted (automatically - by the installer, I guess).

What should I do now?

Thank you for your time,
Nikhil.
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: kevinf80 on June 30, 2015, 08:37:52 AM
Hello nikhil,

Run the Uninstall tool again for MSE, when complete navigate to the folder in Program Files and delete it. Boot into safe mode and run the Installer again for MSE....

If the install is successful boot to Normal mode and see if it will scan....

Thank you,

Kevin..
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 30, 2015, 09:44:42 AM
Hi Kevin,

I could not delete the MSE folder in program files in normal mode.

In safe mode with networking, I was able to delete the folder in Program files.

And also the MSE installer prompts the following - "MSE installer cannot run in safe mode. Please boot to normal mode and run again"

I tried running the MSE installer in normal mode, but it says - "cannot complete the security essentials installation. An error has prevented security Essentials setup wizard from completing successfully. Please restart and try again." error - 0x80070643

I wanted to back up my work files (5-10 GB) - I have an external hard disk (500GB). I always had it connected to the computer until a week ago. So I suspect it's also full of viruses. As this virus seems to be persistent, what would be a good option for backup of my work files?

I have a free internet connection provided by my institute, so it's fast and unlimited. So backup to Google Drive or Dropbox is also an option.

Also I now have access to another uninfected PC with Windows 7 and a 14GB pen-drive.

I suspect this pen-drive is the source of the virus. I used it to get prints from a 'very infected' public computer. When I connected it to my laptop I ran a scan with MSE (when it was still working). It showed no virus, so I opened the pen-drive to access the files on it. After an hour or so I got a user control permission asking to run a program by 'microsoft command prompt'. I kept denying it, but it kept popping up. I finally clicked yes thinking that it was some Microsoft update. But I think it's a .cmd file, because a DOS window flashed on screen.

I immediately disconnected the pen-drive and restarted my system. That's when the MSE problem started. So would formatting the pen-drive remove all the viruses on it?

Thank you for your time,
Nikhil. 
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: kevinf80 on June 30, 2015, 10:46:11 AM
Hello nikhil,

I want to run Windows Defender Offline tool, this will check your system for malware/infection from outside of Windows.
I asked you earlier if you had access to another PC and a Flash drive, you confirmed yes. As the flash drive may be infected we need to take precautions to negate any cross infections...

I want you to create the tool on the Flash drive via a spare pc, then use it on the sick PC. Before making the tool we need to install "McShield" on the spare PC, that will isolate the flash drive and kill any possible infection. It will be a good idea to also install to the sick PC when we are done.

The flash drive will be formatted as part of the process of creating Windows Defender Offline. If you do not understand any of the instructions please ask!!

McShield available here: http://www.mcshield.net/

To create the tool on the spare PC (After McShield is installed..) do the following:

Download the tool from here :- http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline and save to the Desktop.
You will have to select the correct version for your system, either 32 or 64 bit
Run the tool, Windows 7 or Vista user right click and select "Run as Administrator"
Read the instructions in the new window and select "Next"

(http://i121.photobucket.com/albums/o239/kevinf80/Windows%20Defender%20Offline%20tool/WD2.png)

In the new window accept the agreement:

(http://i121.photobucket.com/albums/o239/kevinf80/Windows%20Defender%20Offline%20tool/WD2a.png)

In the new window select your USB Flash Drive, then select "Next"

(http://i121.photobucket.com/albums/o239/kevinf80/Windows%20Defender%20Offline%20tool/WD3.png)

In the new window ensure your Flash drive is selected, if not click on "Refresh" then select "Next"

(http://i121.photobucket.com/albums/o239/kevinf80/Windows%20Defender%20Offline%20tool/WD3a.png)

In the new window accept the formatting alert by selecting "Next"

(http://i121.photobucket.com/albums/o239/kevinf80/Windows%20Defender%20Offline%20tool/WD3b.png)

Files will be Downloaded:

(http://i121.photobucket.com/albums/o239/kevinf80/Windows%20Defender%20Offline%20tool/WD4.png)

Files will be processed and created

(http://i121.photobucket.com/albums/o239/kevinf80/Windows%20Defender%20Offline%20tool/WD5.png)

Flash drive will be formatted and prepared

(http://i121.photobucket.com/albums/o239/kevinf80/Windows%20Defender%20Offline%20tool/WD6.png)

Files will be added to the Flash Drive and the tool will be created.

(http://i121.photobucket.com/albums/o239/kevinf80/Windows%20Defender%20Offline%20tool/WD7.png)

The procedure is finished and the Tool created, click on "Finish" to complete.

(http://i121.photobucket.com/albums/o239/kevinf80/Windows%20Defender%20Offline%20tool/WD8.png)

Plug the USB into the sick PC and boot up, if it does not boot from the flash drive change the boot options as required, use F12 as it boots, change options...
As it boots you'll see files being loaded and the Windows splash screen, eventually the tool will run a "Quick Scan", follow the prompts and deal with what it finds.
When complete do a full scan, deal with what it finds.
When finished, remove the USB stick then press the Esc key to boot into regular windows.
Navigate to the following file:

"C:\Windows\Windows Defender Offline\Support\MPLog-MM/DD/YYYY-HH/MM/SS .txt"

Open with notepad and copy and paste it into a reply.

Let me know the outcome....

Thank you,

Kevin..

Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on June 30, 2015, 11:05:55 PM
Hi Kevin,

The file is too long and would take more than 10 posts to fit all of it in posts, so I am attaching it (attachment was also too long so split it into two).

And also I was suggested by my friends to format my comp and do a clean install of windows.

I'll back up my work files today and will probably do a clean install at night (local time - 12 hours from now)

I have exams coming up soon, so I thought i'd finish this soon. Any suggestions?

Thank you for your time,
Nikhil.
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: kevinf80 on July 01, 2015, 01:33:54 AM
Hiya nikhil,

When you ran the offline tool it does a quick scan first, did it catch anything in that scan.... it then progresses to a full scan.
Did you take note of its findings after each scan, I am going to look through the logs shortly...

Regarding a clean install, yes that is a preferred option when there is obvious registry damage after an infection has been prevalent on a system...

Before opting for a clean install run System File Checker, then see if MSE will install. If not then a clean install is probably the best way forward...

Close all windows, Select > start icon > all programs > accessories > Right click on "command prompt" > select > Run as administrator > ok any alerts > at the command prompt type or copy and paste sfc /scannow > then tap enter. When finished type exit, tap enter, re-boot your PC.

***Note the space between sfc and /scannow.

To get report, at an elevated command prompt type or copy and paste:

findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >%userprofile%\Desktop\sfcdetails.txt 

See if MSE will now install and run.

Will be checking windows defender log shortly...

Thank you,

Kevin..
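
Added example (not part of Kevin's post): a short Python script that summarizes the sfcdetails.txt produced by the findstr command above, listing the files SFC repaired and the ones it could not repair. The sample lines are constructed, and the regular expressions assume the usual Windows 7 `[SR]` wording in CBS.log.

```python
import re
import sys

# Constructed sample of sfcdetails.txt content (not taken from the thread's attachment).
SAMPLE = r'''
2015-07-01 02:01:10, Info                  CSI    00000006 [SR] Verifying 100 (0x0000000000000064) components
2015-07-01 02:01:10, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2015-07-01 02:03:40, Info                  CSI    000002f1 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2015-07-01 02:03:41, Info                  CSI    000002f3 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2015-07-01 02:05:02, Info                  CSI    00000310 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"tcpmon.ini" from store
2015-07-01 02:06:30, Info                  CSI    00000355 [SR] Verifying 43 (0x000000000000002b) components
'''.strip().splitlines()

# Assumed line shapes; adjust if your CBS.log wording differs.
VERIFY = re.compile(r'\[SR\] Verifying (\d+) ')
CANNOT = re.compile(r'\[SR\] Cannot repair member file \[[^\]]*\]"([^"]+)" of ([^,]+), '
                    r'Version = ([\d.]+),.*,\s*([^,]+)$')
REPAIRING = re.compile(r'\[SR\] Repairing corrupted file \[[^\]]*\]"([^"]+)"\\\[[^\]]*\]"([^"]+)" from store')

def summarize_sr(lines):
    """Count verified components; list repaired files and files SFC could not repair."""
    verified, repaired, failed = 0, {}, {}
    for line in lines:
        line = line.rstrip()
        m = VERIFY.search(line)
        if m:
            verified += int(m.group(1))
            continue
        m = CANNOT.search(line)
        if m:
            name, component, version, reason = m.groups()
            failed[(name, component, version)] = reason  # SFC logs each failure more than once
            continue
        m = REPAIRING.search(line)
        if m:
            directory = m.group(1).replace('\\??\\', '', 1)  # drop the NT path prefix
            repaired[directory + '\\' + m.group(2)] = True
    return {"verified": verified,
            "repaired": list(repaired),
            "unrepaired": [key + (reason,) for key, reason in failed.items()]}

if __name__ == "__main__":
    # Usage: python sfc_summary.py <path to sfcdetails.txt>; with no argument the sample is used.
    if len(sys.argv) > 1:
        with open(sys.argv[1], errors="replace") as fh:
            print(summarize_sr(fh.readlines()))
    else:
        print(summarize_sr(SAMPLE))
```

Entries under "unrepaired" are the files that are still corrupt after the run, and they are the ones worth checking before deciding between further repair and a clean install.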
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on July 01, 2015, 02:05:08 AM
Hi Kevin,

Windows Defender scan (quick or full) didn't catch any threats or malicious programs.

I've previously run sfc scan before.. it showed that it could not repair some registries. Then I used SFCFix by Sysnative to fix the registries.

I've attached the log of previous sfc scan.

Do I need to run the scan again?

Thank you for your time,
Nikhil.
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: kevinf80 on July 01, 2015, 02:08:31 AM
Hiya nikhil,

Check if the following is on your system: C:\Info.exe

Regarding sfc /scannow... it is beneficial to run that tool three (3) times, a re-boot after each run...

Thanks,

Kevin
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: avs nikhil on July 01, 2015, 02:15:26 AM
Hi Kevin,

I'll run the sfc scan three times.

there is no file by the name info.exe in my C drive.

Thank you for your time,
Nikhil.
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: kevinf80 on July 01, 2015, 02:21:12 AM
Hi nikhil,

Please download SystemLook from the following link below and save it to your Desktop. Use the correct version 32bit or 64bit.

http://jpshortstuff.247fixes.com/SystemLook_x64.exe     <<-   64 bit….

http://images.malwareremoval.com/jpshortstuff/SystemLook.exe   <<-  32 bit

Code:
:filefind
info.exe
Note: The log can also be found on your Desktop entitled SystemLook.txt

If the file is not found continue and run the following:

Download Services Repair tool, available here - http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe and Save it to your Desktop. Right click on it and select Run As Administrator, follow the prompts. It should reboot when it finishes. If not reboot it yourself.

After the re-boot see if MSE will install/run..

Thank you,

Kevin..
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: kevinf80 on July 03, 2015, 05:39:18 PM
Any progress?
Title: Re: [Inactive - K] Cannot enable or update Windows Security Essentials
Post by: kevinf80 on July 05, 2015, 02:32:52 AM
Due to the lack of feedback this topic is closed. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.