remove @virus=hr

Post by dkmoorthyy » January 28th, 2016, 2:17 am

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
Ran by Damodaran.V (administrator) on DSCOMPUTER (28-01-2016 10:10:56)
Running from C:\Users\Damodaran.V\Downloads
Loaded Profiles: Damodaran.V (Available Profiles: Damodaran.V)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\loggingserver.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FAsenmon.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.190.0\McCSPServiceHost.exe
() C:\Program Files\Dell\My Dell Learning Center\MDLCSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\VSSX64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FACSMon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(The Chromium Authors) C:\Users\Damodaran.V\AppData\Local\Chromium\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
(The Chromium Authors) C:\Users\Damodaran.V\AppData\Local\Chromium\Application\chrome.exe
() C:\Program Files (x86)\Sensible Vision\Fast Access\FAAppMonOT.exe
(The Chromium Authors) C:\Users\Damodaran.V\AppData\Local\Chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Damodaran.V\AppData\Local\Chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Damodaran.V\AppData\Local\Chromium\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Sensible Vision) C:\Program Files (x86)\Sensible Vision\Fast Access\FAupgradeNoticeOT.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\40.2.4\ScriptHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSYNC.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRSync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-01-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-14] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [285272 2013-12-31] (Waves Audio Ltd.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3777696 2014-01-17] (Dell Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2810096 2014-02-14] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] ()
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [95464 2015-08-08] (Sensible Vision )
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2814864 2016-01-11] ()
HKLM-x32\...\Run: [FAStartup] => [X]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2086240 2015-04-28] (Wondershare)
Winlogon\Notify\FastAccess: C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll [2015-08-08] (Sensible Vision )
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-2685571705-2690768861-2108707517-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-2685571705-2690768861-2108707517-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-2685571705-2690768861-2108707517-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-2685571705-2690768861-2108707517-1002\...\Run: [GoogleChromeAutoLaunch_0C59E097D32DFFA12D387D1C27671F27] => C:\Users\Damodaran.V\AppData\Local\Chromium\Application\chrome.exe [667136 2015-08-03] (The Chromium Authors)
HKU\S-1-5-21-2685571705-2690768861-2108707517-1002\...\RunOnce: [Uninstall C:\Users\Damodaran.V\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Damodaran.V\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-2685571705-2690768861-2108707517-1002\...\RunOnce: [Uninstall C:\Users\Damodaran.V\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Damodaran.V\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1"
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [60688 2015-12-01] (Apple Inc.)
Lsa: [Notification Packages] scecli FAPassSync
Startup: C:\Users\Damodaran.V\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\system.bat [2015-11-29] ()
Startup: C:\Users\Damodaran.V\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\windows.vbs [2015-11-29] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9f9cb506-c03b-44dd-8186-3e6483ced88b}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2685571705-2690768861-2108707517-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2685571705-2690768861-2108707517-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-2685571705-2690768861-2108707517-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=U270&ocid=U270DHP&osmkt=en-in
SearchScopes: HKU\S-1-5-21-2685571705-2690768861-2108707517-1002 -> DefaultScope {4C2D7615-461C-48E7-8A8C-77B790F2D202} URL =
SearchScopes: HKU\S-1-5-21-2685571705-2690768861-2108707517-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U270DF&PC=U270&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2685571705-2690768861-2108707517-1002 -> {73cd434e-8e1e-46b6-bb8d-7dd935140717} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-01-08] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-07] (Microsoft Corporation)
BHO: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll [2015-08-08] (Sensible Vision )
BHO-x32: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll [2015-08-08] (Sensible Vision )
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll [2015-11-10] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-11-10] (McAfee, Inc.)

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-11-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.4\\npsitesafety.dll [No File]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-11-10] ()
FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll [2014-12-08] (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-01-07] (Microsoft Corporation)
FF Plugin-x32: @sensiblevision.com/FastAccess,version=4.1.110 -> C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\nprt.dll [2014-05-23] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [fassoxpcom@sensiblevision.com] - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso
FF Extension: FastAccess Web Login - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso [2015-11-14] [not signed]

Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR StartupUrls: Default -> "hxxp://www.google.co.in"
CHR DefaultSearchURL: Default -> hxxps://in.search.yahoo.com/search?fr=m ... 0150804&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Damodaran.V\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Damodaran.V\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-13]
CHR Extension: (Google Drive) - C:\Users\Damodaran.V\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
CHR Extension: (YouTube) - C:\Users\Damodaran.V\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (MySmartPrice) - C:\Users\Damodaran.V\AppData\Local\Google\Chrome\User Data\Default\Extensions\bofbpdmkbmlancfihdncikcigpokmdda [2016-01-08]
CHR Extension: (Google Search) - C:\Users\Damodaran.V\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Google Docs Offline) - C:\Users\Damodaran.V\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (eDealMan) - C:\Users\Damodaran.V\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfikojomocdccphkaadgagdjlcdmfmke [2015-11-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Damodaran.V\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-13]
CHR Extension: (Gmail) - C:\Users\Damodaran.V\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-13]
CHR HKU\S-1-5-21-2685571705-2690768861-2108707517-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1048488 2016-01-12] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2762936 2016-01-07] (Microsoft Corporation)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [137968 2015-09-22] (Dell Inc.)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [119656 2015-12-07] (Dell)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201560 2015-09-11] (Dell Inc.)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [293440 2014-04-01] (Aviata, Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2015-11-10] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.190.0\McCSPServiceHost.exe [1694152 2015-10-28] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [679120 2015-10-20] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [233680 2015-09-21] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [378848 2015-10-21] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [256840 2015-09-21] (McAfee, Inc.)
R2 My Dell Learning Center; C:\Program Files\Dell\My Dell Learning Center\MDLCSvc.exe [22528 2015-01-23] () [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2065808 2016-01-05] (SoftThinks SAS)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [21160 2015-09-30] (Dell Inc.)
R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [69184 2015-07-01] (Advanced Micro Devices, Inc.)
R2 vToolbarUpdater40.2.4; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\ToolbarUpdater.exe [1923984 2016-01-11] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1164688 2016-01-11] ()
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\TunesGo Retro\DriverInstall.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [109832 2015-07-01] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [285968 2015-07-01] (Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-12] (Advanced Micro Devices)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [80760 2015-09-23] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-05-22] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-12-04] ()
S3 facap; C:\Windows\system32\DRIVERS\facap.sys [37888 2012-09-03] (Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [415976 2015-09-23] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351120 2015-09-23] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82072 2015-09-23] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [497888 2015-09-23] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [841944 2015-09-23] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [537192 2015-10-06] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-10-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [244544 2015-09-23] (McAfee, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-28 10:10 - 2016-01-28 10:12 - 00023987 _____ C:\Users\Damodaran.V\Downloads\FRST.txt
2016-01-28 10:10 - 2016-01-28 10:10 - 00000000 ____D C:\FRST
2016-01-28 10:09 - 2016-01-28 10:10 - 02370560 _____ (Farbar) C:\Users\Damodaran.V\Downloads\FRST64.exe
2016-01-28 09:51 - 2016-01-28 09:51 - 00000000 ___HD C:\OneDriveTemp
2016-01-28 09:49 - 2016-01-28 09:49 - 00004020 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-01-27 21:42 - 2016-01-27 21:42 - 00282411 _____ C:\Users\Damodaran.V\Desktop\www.freedownloadmobileringtones.com - http://www.fdmr.in(1).m4r
2016-01-27 20:10 - 2016-01-27 20:10 - 00288393 _____ C:\Users\Damodaran.V\Desktop\www.freedownloadmobileringtones.com - http://www.fdmr.in.m4r
2016-01-27 19:55 - 2016-01-27 19:55 - 00003086 _____ C:\WINDOWS\System32\Tasks\0116tbUpdateInfo
2016-01-27 19:55 - 2016-01-27 19:55 - 00000000 ____D C:\ProgramData\Avg_Update_0116tb
2016-01-24 20:16 - 2016-01-27 18:17 - 00004208 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2016-01-23 18:13 - 2016-01-23 18:13 - 00000000 ____D C:\ProgramData\Wondershare
2016-01-23 18:12 - 2016-01-23 18:12 - 00000000 ____D C:\Users\Damodaran.V\AppData\Roaming\HMYGSetting
2016-01-23 18:12 - 2016-01-23 18:12 - 00000000 ____D C:\Users\Damodaran.V\AppData\Local\Wondershare
2016-01-23 18:08 - 2016-01-23 18:11 - 32327656 _____ (Wondershare ) C:\Users\Damodaran.V\Downloads\tunesgo_setup_full1323.exe
2016-01-22 14:28 - 2016-01-22 14:28 - 00001916 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2016-01-22 14:28 - 2016-01-22 14:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-01-22 14:27 - 2016-01-22 14:28 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-01-22 12:25 - 2016-01-22 13:04 - 110676048 _____ C:\Users\Damodaran.V\Downloads\PowerDVD_12.0.26664.4303_Dell_DVD141106-04_Normal.exe
2016-01-20 18:59 - 2016-01-20 18:59 - 00418240 _____ C:\Users\Damodaran.V\Downloads\SAT Coaching Centres, Training, Classes, Institutes in Madurai _ Sulekha Madurai.html
2016-01-20 18:59 - 2016-01-20 18:59 - 00000000 ____D C:\Users\Damodaran.V\Downloads\SAT Coaching Centres, Training, Classes, Institutes in Madurai _ Sulekha Madurai_files
2016-01-20 13:50 - 2016-01-20 13:50 - 00003230 _____ C:\WINDOWS\System32\Tasks\0815scUpdateInfo
2016-01-20 13:50 - 2016-01-20 13:50 - 00000000 ____D C:\ProgramData\Avg_Update_0815sc
2016-01-16 19:01 - 2016-01-19 12:47 - 00000000 _____ C:\WINDOWS\system32\Buffer.xml
2016-01-13 16:26 - 2016-01-05 08:21 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 16:26 - 2016-01-05 08:15 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-01-13 16:26 - 2016-01-05 08:12 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-01-13 16:26 - 2016-01-05 08:07 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-13 16:26 - 2016-01-05 08:07 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 16:26 - 2016-01-05 08:07 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 16:26 - 2016-01-05 08:03 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-13 16:26 - 2016-01-05 08:03 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-13 16:26 - 2016-01-05 08:03 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-13 16:26 - 2016-01-05 07:53 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 16:26 - 2016-01-05 07:29 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-13 16:26 - 2016-01-05 07:27 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-13 16:26 - 2016-01-05 07:19 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-13 16:26 - 2016-01-05 07:18 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-13 16:26 - 2016-01-05 07:13 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-13 16:26 - 2016-01-05 07:11 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-13 16:26 - 2016-01-05 07:09 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-01-13 16:26 - 2016-01-05 06:58 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-13 16:26 - 2016-01-05 06:58 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-13 16:26 - 2016-01-05 06:55 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-13 16:25 - 2016-01-05 08:21 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-01-13 16:25 - 2016-01-05 08:21 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-01-13 16:25 - 2016-01-05 08:20 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-13 16:25 - 2016-01-05 08:20 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-13 16:25 - 2016-01-05 08:20 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-13 16:25 - 2016-01-05 08:19 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-13 16:25 - 2016-01-05 08:18 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-13 16:25 - 2016-01-05 08:07 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-13 16:25 - 2016-01-05 08:07 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-13 16:25 - 2016-01-05 08:07 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-13 16:25 - 2016-01-05 08:07 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-13 16:25 - 2016-01-05 08:06 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-01-13 16:25 - 2016-01-05 08:03 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-13 16:25 - 2016-01-05 08:03 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-13 16:25 - 2016-01-05 08:03 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-13 16:25 - 2016-01-05 08:03 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-13 16:25 - 2016-01-05 08:01 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-13 16:25 - 2016-01-05 07:57 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-13 16:25 - 2016-01-05 07:54 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-13 16:25 - 2016-01-05 07:53 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-13 16:25 - 2016-01-05 07:53 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-13 16:25 - 2016-01-05 07:53 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 16:25 - 2016-01-05 07:51 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-13 16:25 - 2016-01-05 07:47 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-13 16:25 - 2016-01-05 07:46 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-13 16:25 - 2016-01-05 07:27 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-13 16:25 - 2016-01-05 07:27 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-13 16:25 - 2016-01-05 07:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-01-13 16:25 - 2016-01-05 07:24 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-01-13 16:25 - 2016-01-05 07:24 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-01-13 16:25 - 2016-01-05 07:23 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-01-13 16:25 - 2016-01-05 07:22 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-13 16:25 - 2016-01-05 07:21 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-01-13 16:25 - 2016-01-05 07:21 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-13 16:25 - 2016-01-05 07:20 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-01-13 16:25 - 2016-01-05 07:20 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-13 16:25 - 2016-01-05 07:20 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-01-13 16:25 - 2016-01-05 07:19 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-13 16:25 - 2016-01-05 07:19 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-13 16:25 - 2016-01-05 07:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-13 16:25 - 2016-01-05 07:19 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-01-13 16:25 - 2016-01-05 07:19 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-01-13 16:25 - 2016-01-05 07:18 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-13 16:25 - 2016-01-05 07:18 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-13 16:25 - 2016-01-05 07:17 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-13 16:25 - 2016-01-05 07:17 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-13 16:25 - 2016-01-05 07:17 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-13 16:25 - 2016-01-05 07:15 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-13 16:25 - 2016-01-05 07:15 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-13 16:25 - 2016-01-05 07:14 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-01-13 16:25 - 2016-01-05 07:13 - 00953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-01-13 16:25 - 2016-01-05 07:13 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-13 16:25 - 2016-01-05 07:13 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-13 16:25 - 2016-01-05 07:12 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-13 16:25 - 2016-01-05 07:11 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-13 16:25 - 2016-01-05 07:11 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-01-13 16:25 - 2016-01-05 07:10 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-13 16:25 - 2016-01-05 07:10 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-01-13 16:25 - 2016-01-05 07:09 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-13 16:25 - 2016-01-05 07:09 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-01-13 16:25 - 2016-01-05 07:09 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-13 16:25 - 2016-01-05 07:08 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-13 16:25 - 2016-01-05 07:06 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-13 16:25 - 2016-01-05 07:06 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-13 16:25 - 2016-01-05 07:03 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-13 16:25 - 2016-01-05 07:00 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-01-13 16:25 - 2016-01-05 07:00 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-01-13 16:25 - 2016-01-05 06:59 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-13 16:25 - 2016-01-05 06:58 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-11 16:07 - 2016-01-11 17:17 - 00000000 ____D C:\Users\Damodaran.V\AppData\Local\AVG Web TuneUp
2016-01-11 16:07 - 2016-01-11 16:08 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2016-01-11 16:07 - 2016-01-11 16:07 - 00000000 ____D C:\ProgramData\AVG Secure Search
2016-01-11 16:07 - 2016-01-11 16:07 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2016-01-11 16:07 - 2016-01-11 16:07 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2016-01-11 16:07 - 2016-01-11 16:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-11 16:07 - 2016-01-11 16:07 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2016-01-10 21:00 - 2016-01-10 21:00 - 00000000 ____D C:\Temp1234
2016-01-10 20:54 - 2016-01-11 15:56 - 00000000 ____D C:\Users\Damodaran.V\AppData\Roaming\AVG
2016-01-10 20:52 - 2016-01-10 20:52 - 00000000 ____D C:\Users\Damodaran.V\AppData\Roaming\TuneUp Software
2016-01-10 20:40 - 2016-01-19 12:40 - 00000000 ____D C:\ProgramData\MFAData
2016-01-10 20:40 - 2016-01-10 20:40 - 00000000 ____D C:\Users\Damodaran.V\AppData\Local\MFAData
2016-01-10 20:39 - 2016-01-10 20:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-01-10 20:16 - 2016-01-19 12:40 - 00000000 ____D C:\ProgramData\Avg
2016-01-10 20:16 - 2016-01-19 12:40 - 00000000 ____D C:\Program Files (x86)\AVG
2016-01-10 20:13 - 2016-01-19 12:47 - 00000000 ____D C:\Users\Damodaran.V\AppData\Local\AvgSetupLog
2016-01-10 20:13 - 2016-01-19 12:40 - 00000000 ____D C:\Users\Damodaran.V\AppData\Local\Avg
2016-01-10 13:01 - 2016-01-10 13:01 - 00000044 _____ C:\Users\Damodaran.V\AppData\Roaming\WB.CFG
2016-01-10 11:06 - 2016-01-10 11:07 - 00000000 ____D C:\Users\Damodaran.V\AppData\Local\Chromium
2016-01-10 11:06 - 2016-01-10 11:06 - 00000000 ____D C:\Users\Damodaran.V\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium
2016-01-10 11:01 - 2016-01-10 11:01 - 00002509 _____ C:\Users\Damodaran.V\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
2016-01-10 11:01 - 2016-01-10 11:01 - 00000000 ____D C:\Users\Damodaran.V\AppData\Local\Setup594587640
2016-01-10 11:00 - 2016-01-10 21:01 - 00000000 ____D C:\Users\Damodaran.V\AppData\Local\{F389C5D5-D721-A96D-BAB9-8C859ED1701D}
2016-01-10 11:00 - 2016-01-10 11:00 - 01055936 _____ (Adobe) C:\Users\Damodaran.V\Downloads\flash_setup.exe
2016-01-10 10:55 - 2016-01-10 20:20 - 08388608 _____ C:\Users\Damodaran.V\Downloads\adobe_flash_player.vhdx
2016-01-08 21:40 - 2016-01-08 21:41 - 06135249 _____ C:\Users\Damodaran.V\Documents\VID-20150730-WA0018.mp4
2016-01-08 21:37 - 2016-01-08 21:40 - 11716380 _____ C:\Users\Damodaran.V\Documents\VID-20150725-WA0010.mp4
2016-01-08 21:37 - 2016-01-08 21:37 - 03813546 _____ C:\Users\Damodaran.V\Documents\VID-20150722-WA0005.mp4
2016-01-08 21:36 - 2016-01-08 21:37 - 01777096 _____ C:\Users\Damodaran.V\Documents\VID-20150714-WA0012.mp4
2016-01-08 21:33 - 2016-01-08 21:34 - 07522790 _____ C:\Users\Damodaran.V\Documents\VID-20150706-WA0006.mp4
2016-01-08 21:32 - 2016-01-08 21:33 - 01363440 _____ C:\Users\Damodaran.V\Documents\VID-20151106-WA0024.3gp
2016-01-08 21:32 - 2016-01-08 21:32 - 01545169 _____ C:\Users\Damodaran.V\Documents\VID-20151104-WA0023.3gp
2016-01-08 21:32 - 2016-01-08 21:32 - 00480914 _____ C:\Users\Damodaran.V\Documents\VID-20150818-WA0006.3gp
2016-01-08 21:31 - 2016-01-08 21:32 - 04431393 _____ C:\Users\Damodaran.V\Documents\VID-20150805-WA0006.3gp
2016-01-08 21:30 - 2016-01-08 21:31 - 01061970 _____ C:\Users\Damodaran.V\Documents\VID-20150801-WA0011.3gp
2016-01-08 21:29 - 2016-01-08 21:30 - 02655052 _____ C:\Users\Damodaran.V\Documents\VID-20150728-WA0023.3gp
2016-01-06 21:57 - 2016-01-06 21:57 - 00003560 _____ C:\WINDOWS\System32\Tasks\PCDEventLauncherTask
2016-01-02 17:47 - 2016-01-02 17:47 - 00000000 ____D C:\Users\Damodaran.V\Documents\Custom Office Templates
2016-01-01 12:07 - 2016-01-01 12:10 - 22908888 _____ (Malwarebytes ) C:\Users\Damodaran.V\Downloads\mbam-setup-majorgeeks-2.2.0.1024.exe
2016-01-01 12:02 - 2016-01-01 12:03 - 04274096 _____ (BrightFort LLC ) C:\Users\Damodaran.V\Downloads\spywareblastersetup54.exe
2016-01-01 12:01 - 2016-01-10 20:30 - 01599336 _____ (Malwarebytes) C:\Users\Damodaran.V\Downloads\JRT (1).exe
2016-01-01 12:00 - 2016-01-01 12:00 - 00001392 _____ C:\Users\Damodaran.V\Desktop\JRT.txt
2016-01-01 11:54 - 2016-01-01 11:54 - 01599336 _____ (Malwarebytes) C:\Users\Damodaran.V\Downloads\JRT.exe
2016-01-01 11:49 - 2016-01-01 11:50 - 03069496 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Damodaran.V\Downloads\UsbFix.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-28 10:05 - 2015-12-02 13:55 - 00000928 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-28 10:04 - 2015-10-30 12:54 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-28 10:04 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-28 09:52 - 2015-05-23 16:18 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2016-01-28 09:51 - 2015-10-02 11:06 - 00000000 ___RD C:\Users\Damodaran.V\OneDrive
2016-01-28 09:48 - 2015-12-02 13:55 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-28 09:48 - 2015-11-19 17:30 - 00000000 ___RD C:\Users\Damodaran.V\iCloudDrive
2016-01-28 09:48 - 2015-08-02 19:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-01-27 21:24 - 2015-11-10 13:13 - 00000000 ____D C:\Users\Damodaran.V\Desktop\New folder (2)
2016-01-27 20:26 - 2015-08-11 14:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-27 20:14 - 2015-08-11 14:02 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-27 18:14 - 2015-10-30 12:51 - 00000000 ____D C:\WINDOWS\INF
2016-01-27 16:44 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-26 19:26 - 2015-12-07 14:39 - 00879220 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-26 19:19 - 2015-12-07 14:42 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-26 13:26 - 2015-10-30 11:58 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-01-26 13:26 - 2015-05-23 16:18 - 02000655 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2016-01-26 13:26 - 2015-05-23 16:11 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-01-26 13:01 - 2015-08-01 23:42 - 00004170 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5C1FE442-6239-43E0-BC49-709AF5BB0C3F}
2016-01-22 14:48 - 2015-08-05 07:54 - 00000000 ____D C:\Users\Damodaran.V\AppData\Local\Apple Computer
2016-01-22 10:04 - 2015-10-30 11:58 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2016-01-22 08:14 - 2015-10-30 12:54 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-22 08:09 - 2015-05-23 16:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-01-20 19:37 - 2015-10-30 12:41 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-19 12:52 - 2015-08-01 15:03 - 00000000 ____D C:\Users\Damodaran.V\AppData\Local\Packages
2016-01-18 12:15 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-16 19:48 - 2015-10-30 12:54 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-01-16 19:03 - 2015-12-10 16:49 - 00000000 ____D C:\Users\Damodaran.V\AppData\Local\ElevatedDiagnostics
2016-01-15 15:10 - 2015-12-02 13:59 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-12 15:42 - 2015-08-01 15:03 - 00000000 ____D C:\Users\Damodaran.V\AppData\Local\VirtualStore
2016-01-11 16:12 - 2015-12-08 03:38 - 00000000 ___DC C:\WINDOWS\Panther
2016-01-11 16:12 - 2015-05-23 15:56 - 00000000 ____D C:\ProgramData\Temp
2016-01-10 21:00 - 2013-08-22 18:55 - 00000000 ____D C:\Syst6C1C49C6
2016-01-03 13:57 - 2015-12-07 14:18 - 00000000 ____D C:\Users\Damodaran.V
2016-01-03 07:10 - 2015-10-30 12:56 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-03 07:10 - 2015-10-30 12:56 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-11-29 17:55 - 2015-05-28 11:42 - 0001159 _____ () C:\Users\Damodaran.V\AppData\Roaming\movie.bat
2015-11-29 17:55 - 2015-11-29 17:55 - 0001041 _____ () C:\Users\Damodaran.V\AppData\Roaming\vol.bat
2016-01-10 13:01 - 2016-01-10 13:01 - 0000044 _____ () C:\Users\Damodaran.V\AppData\Roaming\WB.CFG
2015-08-11 07:55 - 2015-08-11 07:55 - 0000017 _____ () C:\Users\Damodaran.V\AppData\Local\resmon.resmoncfg
2015-12-07 14:14 - 2015-12-07 14:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-05-23 16:01 - 2015-05-23 16:02 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2015-05-23 15:57 - 2015-05-23 15:58 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2015-05-23 15:58 - 2015-05-23 15:59 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2015-05-23 15:59 - 2015-05-23 16:01 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2015-05-23 15:56 - 2015-05-23 15:56 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some files in TEMP:
====================
C:\Users\Damodaran.V\AppData\Local\Temp\avguirn_081926041368.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-27 18:13

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-01-2016
Ran by Damodaran.V (2016-01-28 10:14:03)
Running from C:\Users\Damodaran.V\Downloads
Windows 10 Home (X64) (2015-12-07 09:24:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2685571705-2690768861-2108707517-500 - Administrator - Disabled)
Damodaran.V (S-1-5-21-2685571705-2690768861-2108707517-1002 - Administrator - Enabled) => C:\Users\Damodaran.V
DefaultAccount (S-1-5-21-2685571705-2690768861-2108707517-503 - Limited - Disabled)
Guest (S-1-5-21-2685571705-2690768861-2108707517-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
AMD Catalyst Install Manager (HKLM\...\{4CD0E9CC-42B4-36B7-6FA1-424ED32D4AF3}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
AVG (HKLM\...\AvgZen) (Version: 1.31.1.48846 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.4.155 - AVG Technologies)
AVG Zen (Version: 1.31.9 - AVG Technologies) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.9.2.8 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{124DE80C-9BFE-4D04-A8D9-69C5019DEEBF}) (Version: 1.3.28.0 - Dell Inc.)
Dell Data Vault (Version: 4.3.5.1 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{91E2DDB6-DC13-4585-8A10-04C6AB6F87A4}) (Version: 3.1.1900.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\{17FFE63C-6734-4950-B488-134B5A2505F7}) (Version: 2.04.0280 - Aviata Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.93 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.1.14 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.1.2.0 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{90437913-9D4D-4D9D-B438-B8664DF851E9}) (Version: 1.7.1007.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
Face Recognition (HKLM\...\{3E90A9D2-5A2B-4532-AEED-E526536D40B2}) (Version: 4.1.224.1 - Sensible Vision)
FMW 1 (Version: 1.52.1 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
McAfee AntiVirus Plus (HKLM-x32\...\MSC) (Version: 14.0.6120 - McAfee, Inc.)
McAfee Virtual Technician (HKLM-x32\...\McAfee Virtual Technician) (Version: 7.6.0.202 - McAfee, Inc.)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.6366.2056 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
My Dell Learning Center (HKLM\...\{DC451A89-545E-4297-AC2C-9F239CE7D695}) (Version: 1.0.510.0 - Dell Inc.)
OEM Application Profile (HKLM-x32\...\{8F92E0CF-620B-5C20-F292-59C93567B06D}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.18 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7161 - Realtek Semiconductor Corp.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2685571705-2690768861-2108707517-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Damodaran.V\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {006A6B74-993F-45D5-98AF-CA0EA3D2F30F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {0085DA3B-40ED-428C-A9BD-FEBDDD36B6EE} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {038841EC-24A9-46B8-8A9F-A1F05AF538ED} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {09CD4C11-A0D2-4C3E-AAD3-943F8B76CE61} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {167BF3AF-97B2-4802-B096-FCC5A0948179} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {1BD07168-FBF9-4338-9E37-86C03EED0B51} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-02-14] (Synaptics Incorporated)
Task: {36C0D943-7557-46F4-82A1-75AA01E42FE1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {38422ABD-64BC-4366-845D-C04F6FA6DCCB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {3D3B6EA6-4558-4F69-98DF-FCE5D0351498} - System32\Tasks\Dell\Dell Product Registration => /boot /LSRC=autolaunch
Task: {406EAE57-959B-4DAE-8504-F3AE40A3218C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5106FA97-0FFD-4167-8AF4-F900C89BDC26} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.)
Task: {554C17DA-E154-4C62-8AD1-85CBF1A6DD1C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe
Task: {57D52DF5-AC91-4BA7-AAA9-4081AE394B33} - System32\Tasks\0815scUpdateInfo => C:\ProgramData\Avg_Update_0815sc\0815sc_{1F86B026-4A7A-4117-87D2-B4F5E66B3FA0}.exe [2016-01-20] ()
Task: {6B5D39A9-E105-4225-8C35-B553A955B9A1} - System32\Tasks\Dell\Dell Product Registration Update => /updatecheck /LSRC=autolaunch
Task: {72E7728B-5C4E-414A-AB04-96F29D894E3C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {7C8E0871-4B25-4352-85BC-22FD1E119340} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2015-11-02] (McAfee, Inc.)
Task: {83597DBB-B8AB-4B3A-83F6-A15859D50BF6} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-05] (CyberLink)
Task: {8496FDBA-48A8-434C-B06E-6952DA098205} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-09-30] (Dell Inc.)
Task: {8510C503-21CC-4EFC-A65C-8361348EA613} - System32\Tasks\0116tbUpdateInfo => C:\ProgramData\Avg_Update_0116tb\0116tb_{CE09A40E-C31E-4633-B137-9EF888EDAAAF}.exe [2016-01-27] ()
Task: {9216B667-172C-4845-860A-1FF4B55F0EFC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {965D1966-172E-4EEB-8A60-22A0C3F10AFD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-02] (Google Inc.)
Task: {9CFBBA00-D966-4CCD-8FC8-F689E549B1F2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A66A698A-F7BD-4E4B-AB17-17C090148B4E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-27] (Microsoft Corporation)
Task: {A6CAD891-76CE-45BC-9158-B99500E40CE8} - System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => C:\WINDOWS\TEMP\DeleteFolderTask.exe [2015-12-22] ()
Task: {A9EA4CE7-A848-41A6-A76E-36E531195F8F} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-10-30] (PC-Doctor, Inc.)
Task: {ADAAEDDA-8B37-4B17-AFD2-E057CBEF16CB} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {AEA7DB46-4142-4E4F-9734-27B10E72F40E} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {B3204276-CDD1-4148-8BF8-3FE4999DA93E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-07] (Microsoft Corporation)
Task: {D28EC0D4-2FD9-4168-9FF5-68FDDDE70068} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-11-03] (McAfee, Inc.)
Task: {D62F0B99-CC76-41F5-BCA9-F89D98C9F914} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E0CC4214-44E7-44E7-8DEA-872092841EE4} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\21.0\mcdatrep.exe [2015-12-09] (McAfee, Inc.)
Task: {E1FB7E46-FBE9-412C-BE1C-6561D321D62D} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\21.0\mcdatrep.exe [2015-12-09] (McAfee, Inc.)
Task: {F330C1E1-985F-4E4C-AC1B-5ABCC5A48030} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-07] (Microsoft Corporation)
Task: {FDDE75F5-6C44-41BA-8425-C2416F321463} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-02] (Google Inc.)
Task: {FE15EF2F-19B7-4245-A094-A4CE39665FC0} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-01-11 16:07 - 2016-01-11 16:07 - 01164688 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2015-11-04 16:43 - 2015-11-04 16:43 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-01-11 16:07 - 2016-01-11 16:07 - 00192912 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\loggingserver.exe
2015-01-23 03:07 - 2015-01-23 03:07 - 00022528 _____ () C:\Program Files\Dell\My Dell Learning Center\MDLCSvc.exe
2015-12-03 14:33 - 2016-01-07 06:13 - 00162472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-10-30 12:48 - 2015-10-30 12:48 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-07 18:00 - 2015-11-22 16:17 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-07 18:00 - 2015-11-22 16:17 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-22 08:06 - 2016-01-07 19:44 - 08903848 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2015-12-18 17:50 - 2015-12-07 09:44 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-18 17:50 - 2015-12-07 09:30 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-13 16:26 - 2016-01-05 06:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 16:25 - 2016-01-05 06:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-13 16:26 - 2016-01-05 06:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-13 16:26 - 2016-01-05 06:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-11 16:07 - 2016-01-11 16:07 - 02814864 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2015-08-08 11:38 - 2015-08-08 11:38 - 04358888 _____ () C:\Program Files (x86)\Sensible Vision\Fast Access\FAAppMonOT.exe
2015-08-08 11:52 - 2015-08-08 11:52 - 00093928 _____ () C:\WINDOWS\SYSTEM32\FAIEExtension.DLL
2013-04-04 14:42 - 2013-04-04 14:42 - 00012424 _____ () C:\Program Files (x86)\Sensible Vision\Fast Access\MFCaptureD3D_2_DLL.dll
2016-01-11 16:07 - 2016-01-11 16:07 - 00533904 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\log4cplusU.dll
2015-03-16 11:28 - 2015-03-16 11:28 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2015-05-15 16:27 - 2015-05-15 16:27 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-01-10 20:16 - 2016-01-10 20:15 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2016-01-10 11:06 - 2015-08-03 22:41 - 01884160 _____ () C:\Users\Damodaran.V\AppData\Local\Chromium\Application\46.0.2472.0\libglesv2.dll
2016-01-10 11:06 - 2015-08-03 22:41 - 00075264 _____ () C:\Users\Damodaran.V\AppData\Local\Chromium\Application\46.0.2472.0\libegl.dll
2015-05-23 15:57 - 2013-03-05 09:10 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-05 22:11 - 2013-03-05 22:11 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2016-01-15 15:10 - 2016-01-12 22:05 - 01590088 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll
2016-01-15 15:10 - 2016-01-12 22:05 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll
2016-01-20 14:04 - 2016-01-19 14:06 - 16792256 _____ () C:\Users\Damodaran.V\AppData\Local\Google\Chrome\User Data\PepperFlash\20.0.0.286\pepflashplayer.dll
2016-01-05 22:47 - 2015-12-19 05:22 - 01607920 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2015-05-23 16:19 - 2012-11-26 08:49 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2015-05-23 16:18 - 2014-02-19 00:42 - 00117568 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Syst6C1C49C6:$WIMMOUNTDATA

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 18:55 - 2013-08-22 18:55 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2685571705-2690768861-2108707517-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Damodaran.V\Pictures\New folder\DSC00002.JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "FAStartup"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A28414AD-C99A-45A1-8593-848FCFE9F566}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5F1ECB46-0B3E-48FC-89F1-420BC21CF7F3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{84E8A6A0-F0F5-48DE-B07F-0E8E15B1937D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6BA10DB3-DDE7-4A05-8A8C-8D73797AEE62}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3A53CA88-D5EB-4761-80D5-E7C84CC32FBF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{49D36C68-B52D-4F27-91F5-BE4079AD0EAD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1C0B7367-3CBF-444A-A29F-53629505FA0B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{97AAAB00-34D6-448F-B131-E4D3FC19E29B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{07EF1B86-131A-469D-8C19-E8853401DA43}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{48A43455-450F-4390-B2FC-FEB51C3D8FE1}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{FC58F80C-A0F3-4B84-B513-889204752A4D}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{A8411A57-9947-4E2E-819B-5B67FBEE0A79}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{70F03942-F0A6-4555-8429-8A1B72B66DC0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{AC8FAC09-4330-425F-83C0-DE9AE930BF33}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{02DCBFC0-7B49-4652-8CB7-DC09C6265B45}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{20847ED3-DB46-4054-A698-462D2BA7EAC2}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{EE87668B-E2FE-4BD5-BBD0-9763ED2499A2}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{DE524744-6AA6-4665-BD70-C1A36C019A66}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

27-01-2016 18:14:39 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/28/2016 09:47:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MOM.exe, version: 4.5.0.0, time stamp: 0x53ad0e3f
Faulting module name: KERNELBASE.dll, version: 10.0.10586.0, time stamp: 0x5632d1de
Exception code: 0xe0434352
Fault offset: 0x0000000000071f08
Faulting process id: 0x67c
Faulting application start time: 0xMOM.exe0
Faulting application path: MOM.exe1
Faulting module path: MOM.exe2
Report Id: MOM.exe3
Faulting package full name: MOM.exe4
Faulting package-relative application ID: MOM.exe5

Error: (01/28/2016 09:47:30 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: MOM.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileLoadException
at ATI.ACE.MOM.Implementation.MOM.Main(System.String[])

Exception Info: System.Reflection.TargetInvocationException
at System.RuntimeMethodHandle.InvokeMethod(System.Object, System.Object[], System.Signature, Boolean)
at System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(System.Object, System.Object[], System.Object[])
at System.Reflection.RuntimeMethodInfo.Invoke(System.Object, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object[], System.Globalization.CultureInfo)
at System.RuntimeType.InvokeMember(System.String, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object, System.Object[], System.Reflection.ParameterModifier[], System.Globalization.CultureInfo, System.String[])
at System.Type.InvokeMember(System.String, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object, System.Object[])
at ATI.ACE.MOM.EXE.MOM.Main(System.String[])

Error: (01/27/2016 09:57:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 60172

Error: (01/27/2016 09:57:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 60172

Error: (01/27/2016 09:57:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/27/2016 09:57:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 44375

Error: (01/27/2016 09:57:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 44375

Error: (01/27/2016 09:57:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/27/2016 09:56:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 28984

Error: (01/27/2016 09:56:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 28984


System errors:
=============
Error: (01/28/2016 09:49:31 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (01/28/2016 09:46:22 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgsvc service.

Error: (01/27/2016 09:57:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgsvc service.

Error: (01/27/2016 09:56:44 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgsvc service.

Error: (01/27/2016 09:56:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_e485d40 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (01/27/2016 09:56:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_e485d40 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (01/27/2016 09:56:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_e485d40 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (01/27/2016 09:56:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_e485d40 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (01/27/2016 09:56:05 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (01/27/2016 07:32:21 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}


CodeIntegrity:
===================================
Date: 2016-01-27 19:45:10.366
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-22 08:12:27.481
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-19 12:49:00.103
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-16 19:39:07.788
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-16 19:39:07.719
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-16 18:37:50.079
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-16 18:37:50.020
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-16 18:01:51.953
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-16 18:01:51.922
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-16 18:01:50.809
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: AMD A6-6310 APU with AMD Radeon R4 Graphics
Percentage of memory in use: 70%
Total physical RAM: 3512.5 MB
Available physical RAM: 1032.89 MB
Total Virtual: 4664.5 MB
Available Virtual: 1061.25 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:455.51 GB) (Free:387.28 GB) NTFS
Drive e: (ESP) (Fixed) (Total:0.48 GB) (Free:0.44 GB) FAT32
Drive x: () (Fixed) (Total:0.45 GB) (Free:0.09 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 15EF88BC)

Partition: GPT.

==================== End of Addition.txt ============================
dkmoorthyy
Active Member
 
Posts: 1
Joined: January 28th, 2016, 1:46 am

Re: remove @virus=hr

Unread postby Cypher » January 29th, 2016, 2:02 pm

No Description of Problems or Symptoms

By posting just the FRST logs without any supporting symptoms or explanations it is likely that your log will be passed by and you will not receive the help you're requesting.

May I draw your attention to THIS topic, which you should have read, that states what we need you to post, so we can help you.
Specifically, this section will tell you what information we require before we can help you and why we need it.

If you still need help, please start a new thread and include your full FRST logs:
  • FRST.txt.
  • Addition.txt.
  • A description of the problems or symptoms you're experiencing.

This topic will now be closed.
Cypher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

