Solved Virus causing system start up problems not allowing access to Internet

[Broni]

Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point, using following OTL script:

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following:

:OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[emptyjava]
[CLEARALLRESTOREPOINTS]
[Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done
• Post resulting log.

2. Now, we'll remove all tools, we used during our cleaning process

Clean up with OTL:

• Double-click OTL.exe to start the program.
• Close all other programs apart from OTL as this step will require a reboot
• On the OTL main screen, press the CLEANUP button
• Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure, Windows Updates are current.

4. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC) weekly.

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. (Windows XP only) Run defrag at your convenience.

11. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

12. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

13. Please, let me know, how your computer is doing.

 

[Gowtham83]

Hi Broni,

Before I could do this i had a couple of quires.
1) I had told you about My Extrenal Hardrive USB that I have to clean up, should i do this before i remove the tools

2) I had told you about MY Mcafee not working, I reinstalled it this is had a conflict Malwarebytes, so i had to unintall it. Is that fine. I am sorry if i should have not dobe this.

3) Both my Windos defender and MaCafee Firewall are currently running. Which should I use?

Gowtham

 

[Broni]

Run all final steps first.

1. Install Panda USB Vaccine, or BitDefender’s USB Immunizer on your computer to protect it from any infected USB device.
Now you're safe to plug any external device in and scan it with your AV program.

2. Install MBAM again and disregard McAfee warning.

3. Windows Defender is more or less useless but it won't interfere with McAfee. McAfee is an AV program, Windows Defender is not.

 

[Gowtham83]

Here is the OLT Log... Please let me know if I can ahead with the next steps

OTL logfile created on: 4/13/2012 9:34:47 PM - Run 2
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Ashu&Gowthu\Desktop\Virus remove
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.90 Gb Total Physical Memory | 4.36 Gb Available Physical Memory | 73.88% Memory free
11.79 Gb Paging File | 9.54 Gb Available in Paging File | 80.89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 679.00 Gb Total Space | 630.88 Gb Free Space | 92.91% Space Free | Partition Type: NTFS
Drive E: | 698.64 Gb Total Space | 630.04 Gb Free Space | 90.18% Space Free | Partition Type: NTFS
Drive Y: | 19.53 Gb Total Space | 10.58 Gb Free Space | 54.15% Space Free | Partition Type: NTFS

Computer Name: MYGOODY | User Name: Ashu&Gowthu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/12 23:16:32 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Ashu&Gowthu\Desktop\Virus remove\OTL.exe
PRC - [2012/03/30 16:00:44 | 000,161,336 | ---- | M] (Google) -- C:\Users\Ashu&Gowthu\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2011/11/04 08:19:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/11/03 13:24:06 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/09/22 10:14:16 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/09/22 10:11:26 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/09/22 10:06:12 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/09/21 10:30:12 | 004,109,312 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/05/12 16:59:00 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/04/13 10:39:14 | 000,503,942 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2010/12/20 18:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/12/20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/12/17 10:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
PRC - [2010/11/20 22:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/11/17 10:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2010/05/04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2009/09/23 16:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/13 08:58:40 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\d362f68d3bf954ba55a4494a659492af\System.WorkflowServices.ni.dll
MOD - [2012/04/13 08:58:25 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\0113a0162fe157bb4f0130a60bbcad1a\System.ServiceModel.Web.ni.dll
MOD - [2012/04/13 08:58:21 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\fa1161af51ab42a61bfac9d02d469a06\System.Xml.Linq.ni.dll
MOD - [2012/04/13 08:57:38 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\f01c5c76d0a19516a37b7bd191a02cda\System.Core.ni.dll
MOD - [2012/04/13 08:57:11 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bc96c5c6e644452270ff7c3d066ff713\System.Runtime.Serialization.ni.dll
MOD - [2012/04/13 08:57:11 | 001,083,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d939fca96c3645bb8806ea8ae43cc0ca\System.IdentityModel.ni.dll
MOD - [2012/04/13 08:57:09 | 017,478,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\b74950292d5681795d9d2c1a72a79952\System.ServiceModel.ni.dll
MOD - [2012/04/13 08:57:09 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\281b67b96a2dd473dad4d222da0ca514\SMDiagnostics.ni.dll
MOD - [2012/04/13 01:04:39 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\74fcc0f56435d0396f9524cd4293d3e5\PresentationFramework.Aero.ni.dll
MOD - [2012/04/13 01:04:32 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\507b4ca18da9d2fde2e51a1f04593443\System.Web.ni.dll
MOD - [2012/04/13 01:04:19 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\43e23da6683962ea1168aaf007bbc35d\PresentationFramework.ni.dll
MOD - [2012/04/13 01:04:09 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\262285b3d0afafc5059f3fe9be69bff5\System.Windows.Forms.ni.dll
MOD - [2012/04/13 01:04:04 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8177623eac8f15cf95b587625439eac7\System.Drawing.ni.dll
MOD - [2012/04/13 01:04:00 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012/04/13 01:03:58 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012/04/13 01:03:57 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\74d980e52c1791f1b8608d767a393144\PresentationCore.ni.dll
MOD - [2012/04/13 01:03:49 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll
MOD - [2012/04/13 01:03:46 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2012/03/13 12:41:06 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/09/22 10:14:16 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2010/12/17 10:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
MOD - [2010/11/24 22:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll
MOD - [2010/11/17 10:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/12/06 17:16:02 | 000,208,536 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2011/12/06 17:15:46 | 000,199,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/11/18 16:36:42 | 000,161,168 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2011/11/01 13:37:56 | 001,518,352 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV:64bit: - [2011/11/01 13:25:42 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/11/01 13:22:28 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV:64bit: - [2011/10/20 18:33:22 | 000,135,440 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr) Intel(R) Centrino(R) Wireless Bluetooth(R)
SRV:64bit: - [2011/10/19 14:25:00 | 000,661,504 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2011/10/18 17:01:08 | 000,502,032 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2010/11/29 15:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel(R)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/11/17 21:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/11/15 15:15:58 | 000,822,048 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Windows\temp\0326131334369234mcinst.exe -- (0326131334369234mcinstcleanup) McAfee Application Installer Cleanup (0326131334369234)
SRV - [2011/11/04 08:19:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/11/03 13:24:06 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/10/26 08:58:10 | 000,162,816 | ---- | M] (Dell Products, LP.) [Auto | Stopped] -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2011/09/22 10:06:12 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011/06/07 12:25:12 | 000,191,752 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/05/12 16:59:00 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010/12/20 18:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/12/20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/11/25 05:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 05:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/08/25 20:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/05/04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @C:\Program Files (x86)
SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/13 12:27:17 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/03/13 12:27:17 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/01 20:57:06 | 008,615,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R)
DRV:64bit: - [2011/11/04 08:19:00 | 000,249,152 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nvkflt.sys -- (nvkflt)
DRV:64bit: - [2011/11/04 08:19:00 | 000,028,992 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/10/19 14:19:08 | 000,195,072 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2011/10/19 14:19:08 | 000,195,072 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011/10/15 19:18:08 | 000,291,648 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2011/10/15 12:16:16 | 000,647,080 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/10/15 12:16:16 | 000,481,768 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2011/10/15 12:16:16 | 000,284,648 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/10/15 12:16:16 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011/10/15 12:16:16 | 000,160,280 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2011/10/15 12:16:16 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/10/15 12:16:16 | 000,075,808 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011/10/15 12:16:16 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011/09/13 19:14:44 | 000,212,992 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011/09/13 19:14:42 | 000,095,744 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011/08/24 00:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/07/20 08:39:58 | 012,287,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/05/17 09:27:52 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011/05/17 09:27:50 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011/01/20 11:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2011/01/12 20:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/12/17 12:06:32 | 001,404,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/12/13 12:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)
DRV:64bit: - [2010/11/29 15:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010/10/15 19:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010/08/20 13:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2010/07/12 21:38:06 | 000,029,288 | ---- | M] (Quanta Computer) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qicflt.sys -- (qicflt)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/02/27 10:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {81346A8C-9092-432E-9CBE-84110AFD3725}
IE:64bit: - HKLM\..\SearchScopes\{81346A8C-9092-432E-9CBE-84110AFD3725}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {81346A8C-9092-432E-9CBE-84110AFD3725}
IE - HKLM\..\SearchScopes\{81346A8C-9092-432E-9CBE-84110AFD3725}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {B004C842-D5FF-48D8-BF4A-B9F304E5913C}
IE - HKCU\..\SearchScopes\{B004C842-D5FF-48D8-BF4A-B9F304E5913C}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Ashu&Gowthu\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Ashu&Gowthu\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Ashu&Gowthu\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Ashu&Gowthu\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/04/13 17:30:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/04/13 21:07:11 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2012/04/12 22:44:39 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120413173024.dll (McAfee, Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120413173024.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe ()
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{027772C3-BC42-40A5-B4B6-705C41941068}: DhcpNameServer = 75.75.76.76 75.75.75.75 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{26D5D134-18F4-4E47-88A4-7E98C778A581}: DhcpNameServer = 13.36.0.104
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/02/14 23:53:50 | 000,000,027 | ---- | M] () - E:\AUTORUN_.INF -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 17:01:00 | 000,000,053 | -HS- | M] () - Y:\AUTORUN.INF -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[CLEARALLRESTOREPOINTS]
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/04/13 21:31:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/04/13 21:31:44 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/04/13 21:31:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/04/13 21:27:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2012/04/13 21:27:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
[2012/04/13 21:27:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda USB Vaccine
[2012/04/13 21:07:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/04/13 17:30:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee.com
[2012/04/13 17:30:23 | 000,010,248 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeclnk.sys
[2012/04/13 17:30:13 | 000,481,768 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfefirek.sys
[2012/04/13 17:30:13 | 000,284,648 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfewfpk.sys
[2012/04/13 17:30:13 | 000,229,528 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeavfk.sys
[2012/04/13 17:30:13 | 000,100,912 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mferkdet.sys
[2012/04/13 17:30:13 | 000,075,808 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfenlfk.sys
[2012/04/13 17:30:13 | 000,065,264 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\cfwids.sys
[2012/04/13 17:30:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2012/04/13 17:30:09 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2012/04/13 17:30:09 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2012/04/13 17:30:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee
[2012/04/13 17:17:12 | 000,161,168 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\mfevtps.exe
[2012/04/13 17:10:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/04/13 17:10:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/04/13 08:52:15 | 000,000,000 | ---D | C] -- C:\Users\Ashu&Gowthu\AppData\Roaming\Mozilla
[2012/04/13 00:53:37 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/04/13 00:53:37 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/04/13 00:53:36 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/04/13 00:53:36 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/04/13 00:53:36 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/04/13 00:53:36 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/04/13 00:53:36 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/04/13 00:53:36 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/04/13 00:53:36 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/04/13 00:53:35 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/04/13 00:53:35 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/04/13 00:50:35 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/04/13 00:50:35 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/04/13 00:50:34 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/04/13 00:49:31 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/04/13 00:49:31 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/04/13 00:49:31 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/04/13 00:10:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/04/12 22:47:21 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/04/12 22:44:43 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/04/12 22:39:25 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/04/12 22:39:25 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/04/12 22:39:25 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/04/12 22:39:21 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/04/12 22:39:18 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/04/12 22:15:18 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/04/12 20:37:21 | 000,000,000 | ---D | C] -- C:\Users\Ashu&Gowthu\Desktop\Virus remove
[2012/04/12 16:38:01 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/04/12 16:38:01 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/04/12 16:37:46 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/04/12 16:37:45 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/04/12 16:37:45 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/04/12 16:37:40 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/04/12 16:37:23 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/04/12 16:37:23 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/04/12 16:37:23 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/04/12 16:37:04 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/04/12 16:37:04 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/04/12 06:59:18 | 000,000,000 | ---D | C] -- C:\Users\Ashu&Gowthu\AppData\Local\Google
[2012/04/12 06:58:55 | 000,000,000 | ---D | C] -- C:\Users\Ashu&Gowthu\AppData\Local\Apps
[2012/04/12 06:58:54 | 000,000,000 | ---D | C] -- C:\Users\Ashu&Gowthu\AppData\Local\Deployment
[2012/04/11 22:40:57 | 000,000,000 | ---D | C] -- C:\TrustedID IDMonitor Identity Protection
[2012/04/11 22:33:25 | 000,000,000 | ---D | C] -- C:\Users\Ashu&Gowthu\Desktop\Gowtham
[2012/04/11 22:32:43 | 000,000,000 | -HSD | C] -- C:\Users\Ashu&Gowthu\Templates
[2012/04/11 22:32:43 | 000,000,000 | -HSD | C] -- C:\Users\Ashu&Gowthu\Start Menu
[2012/04/11 22:32:43 | 000,000,000 | -HSD | C] -- C:\Users\Ashu&Gowthu\SendTo
[2012/04/11 22:32:43 | 000,000,000 | -HSD | C] -- C:\Users\Ashu&Gowthu\Recent
[2012/04/11 22:32:43 | 000,000,000 | -HSD | C] -- C:\Users\Ashu&Gowthu\PrintHood
[2012/04/11 22:32:43 | 000,000,000 | -HSD | C] -- C:\Users\Ashu&Gowthu\NetHood
[2012/04/11 22:32:43 | 000,000,000 | -HSD | C] -- C:\Users\Ashu&Gowthu\Documents\My Videos
[2012/04/11 22:32:43 | 000,000,000 | -HSD | C] -- C:\Users\Ashu&Gowthu\Documents\My Pictures
[2012/04/11 22:32:43 | 000,000,000 | -HSD | C] -- C:\Users\Ashu&Gowthu\Documents\My Music
[2012/04/11 22:32:43 | 000,000,000 | -HSD | C] -- C:\Users\Ashu&Gowthu\My Documents
[2012/04/11 22:32:43 | 000,000,000 | -HSD | C] -- C:\Users\Ashu&Gowthu\Local Settings
[2012/04/11 22:32:42 | 000,000,000 | -HSD | C] -- C:\Users\Ashu&Gowthu\Cookies
[2012/04/11 22:32:42 | 000,000,000 | -HSD | C] -- C:\Users\Ashu&Gowthu\Application Data
[2012/04/11 22:32:39 | 000,000,000 | -HSD | C] -- C:\Users\Ashu&Gowthu\AppData\Local\Temporary Internet Files
[2012/04/11 22:32:37 | 000,000,000 | -HSD | C] -- C:\Users\Ashu&Gowthu\AppData\Local\History
[2012/04/11 22:32:36 | 000,000,000 | -HSD | C] -- C:\Users\Ashu&Gowthu\AppData\Local\Application Data
[2012/04/11 22:32:25 | 000,000,000 | ---D | C] -- C:\Windows\Options
[2012/04/11 21:06:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/04/11 20:54:37 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/04/11 20:50:37 | 000,000,000 | ---D | C] -- C:\Users\Ashu&Gowthu\AppData\Roaming\GlarySoft
[2012/04/11 20:49:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
[2012/04/11 20:49:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities
[2012/04/11 20:21:33 | 000,000,000 | ---D | C] -- C:\Users\Ashu&Gowthu\AppData\Roaming\Malwarebytes
[2012/04/11 20:21:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/04/11 19:42:54 | 000,000,000 | ---D | C] -- C:\Users\Ashu&Gowthu\AppData\Local\VirtualStore
[2012/04/11 19:42:28 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2012/04/13 21:34:12 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/13 21:34:12 | 000,660,318 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/13 21:34:12 | 000,121,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/13 21:09:34 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/13 21:09:34 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/13 21:01:53 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012/04/13 21:01:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/13 21:01:44 | 453,640,191 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/13 16:59:39 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-288744853-3946785532-44038473-1002UA.job
[2012/04/13 01:02:45 | 000,319,000 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/04/13 00:53:19 | 000,773,050 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/04/12 23:52:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-288744853-3946785532-44038473-1002Core.job
[2012/04/12 22:44:39 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/04/12 20:07:56 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/04/11 22:42:02 | 000,000,184 | RHS- | M] () -- C:\MSSTBJ.CAT
[2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2012/04/12 23:47:25 | 000,000,932 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-288744853-3946785532-44038473-1002UA.job
[2012/04/12 23:47:25 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-288744853-3946785532-44038473-1002Core.job
[2012/04/12 22:39:25 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/04/12 22:39:25 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/04/12 22:39:25 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/04/12 22:39:25 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/04/12 22:39:25 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/04/12 20:07:56 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/04/11 22:42:02 | 000,000,184 | RHS- | C] () -- C:\MSSTBJ.CAT
[2012/04/11 20:49:35 | 000,000,336 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job
[2012/04/11 19:42:22 | 453,640,191 | -HS- | C] () -- C:\hiberfil.sys
[2012/03/13 12:00:38 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2012/03/13 11:59:37 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/03/13 11:59:35 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/03/13 11:59:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/03/13 11:59:33 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012/03/13 11:59:32 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/11/03 13:24:18 | 000,322,880 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/02/10 11:10:51 | 000,773,050 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== Custom Scans ==========

< :OTL >

< :Commands >

< [purity] >

< [emptytemp] >

< [EMPTYFLASH] >

< [emptyjava] >

< [Reboot] >

< End of report >

 

[Broni]

OTL log is incorrect.
You clicked on "Scan" button instead of "Fix" button.
Redo.

Then go on with other steps.

 

[Gowtham83]

Here is the log

All processes killed
========== OTL ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Ashu&Gowthu
->Temp folder emptied: 217792527 bytes
->Temporary Internet Files folder emptied: 38112812 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 1193 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56468 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 33010748 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 556 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 276.00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Ashu&Gowthu
->Flash cache emptied: 0 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: Administrator

User: All Users

User: Ashu&Gowthu
->Java cache emptied: 0 bytes

User: Default

User: Default User

User: Public

User: UpdatusUser

Total Java Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.39.2 log created on 04132012_220404

Files\Folders moved on Reboot...
C:\Users\Ashu&Gowthu\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Ashu&Gowthu\AppData\Local\Temp\~DFC9E75D6AC37C615A.TMP moved successfully.
C:\Users\Ashu&Gowthu\AppData\Local\Temp\~DFD94DEF413281D725.TMP moved successfully.
C:\Users\Ashu&Gowthu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\Ashu&Gowthu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YRXELPQC\OTL[1].exe moved successfully.
C:\Users\Ashu&Gowthu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UINN958R\PugTracker[1].htm moved successfully.
C:\Users\Ashu&Gowthu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MGA2WD17\billboard[1].htm moved successfully.
C:\Users\Ashu&Gowthu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MGA2WD17\dpsync[1].htm moved successfully.
C:\Users\Ashu&Gowthu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MGA2WD17\dpsync[2].htm moved successfully.
C:\Users\Ashu&Gowthu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MGA2WD17\dpsync[3].htm moved successfully.
C:\Users\Ashu&Gowthu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GVD9FBVM\topic179797-2[1].htm moved successfully.
C:\Users\Ashu&Gowthu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GVD9FBVM\up[1].htm moved successfully.

Registry entries deleted on Reboot...

 

[Gowtham83]

Broni..

I have complted all the steps

 

[Broni]

13. Please, let me know, how your computer is doing.

...

 

[Gowtham83]

Thanks For you time and Help.

 

[Gowtham83]

Computer has been great from yesterday

 

[Broni]

Way to go!!

Good luck and stay safe

 

[Gowtham83]

One last question how about a restore point

 

[Broni]

What about it?

 

[Gowtham83]

I mean should i create one now or will that be created automatically?

 

[Broni]

Step 1 did it for you.

 

[Gowtham83]

Oh Ok.. I thought that step would only delete the old restore points

Thank you once again Broni

 

[Gowtham83]

Broni, One last question. I am not able to Uninstall Glary Utilites. Please help

 

[Broni]

Try free version of Revo: http://www.revouninstaller.com/revo_uninstaller_free_download.html

 

[Gowtham83]

Broni
I still could not UnInstall it but with Deleted all the registry and Unwanted files. Thank you

Have a GoodNight and Great weekend

 

[Broni]

Same to you