Ran by Damodaran.V (administrator) on DSCOMPUTER (28-01-2016 10:10:56)
Running from C:\Users\Damodaran.V\Downloads
Loaded Profiles: Damodaran.V (Available Profiles: Damodaran.V)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\loggingserver.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FAsenmon.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.190.0\McCSPServiceHost.exe
() C:\Program Files\Dell\My Dell Learning Center\MDLCSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\VSSX64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FACSMon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(The Chromium Authors) C:\Users\Damodaran.V\AppData\Local\Chromium\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
(The Chromium Authors) C:\Users\Damodaran.V\AppData\Local\Chromium\Application\chrome.exe
() C:\Program Files (x86)\Sensible Vision\Fast Access\FAAppMonOT.exe
(The Chromium Authors) C:\Users\Damodaran.V\AppData\Local\Chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Damodaran.V\AppData\Local\Chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Damodaran.V\AppData\Local\Chromium\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Sensible Vision) C:\Program Files (x86)\Sensible Vision\Fast Access\FAupgradeNoticeOT.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\40.2.4\ScriptHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSYNC.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRSync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-01-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-14] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [285272 2013-12-31] (Waves Audio Ltd.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3777696 2014-01-17] (Dell Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2810096 2014-02-14] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] ()
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [95464 2015-08-08] (Sensible Vision )
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2814864 2016-01-11] ()
HKLM-x32\...\Run: [FAStartup] => [X]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2086240 2015-04-28] (Wondershare)
Winlogon\Notify\FastAccess: C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll [2015-08-08] (Sensible Vision )
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-2685571705-2690768861-2108707517-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-2685571705-2690768861-2108707517-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-2685571705-2690768861-2108707517-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-2685571705-2690768861-2108707517-1002\...\Run: [GoogleChromeAutoLaunch_0C59E097D32DFFA12D387D1C27671F27] => C:\Users\Damodaran.V\AppData\Local\Chromium\Application\chrome.exe [667136 2015-08-03] (The Chromium Authors)
HKU\S-1-5-21-2685571705-2690768861-2108707517-1002\...\RunOnce: [Uninstall C:\Users\Damodaran.V\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Damodaran.V\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-2685571705-2690768861-2108707517-1002\...\RunOnce: [Uninstall C:\Users\Damodaran.V\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Damodaran.V\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1"
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [60688 2015-12-01] (Apple Inc.)
Lsa: [Notification Packages] scecli FAPassSync
Startup: C:\Users\Damodaran.V\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\system.bat [2015-11-29] ()
Startup: C:\Users\Damodaran.V\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\windows.vbs [2015-11-29] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9f9cb506-c03b-44dd-8186-3e6483ced88b}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2685571705-2690768861-2108707517-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2685571705-2690768861-2108707517-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-2685571705-2690768861-2108707517-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=U270&ocid=U270DHP&osmkt=en-in
SearchScopes: HKU\S-1-5-21-2685571705-2690768861-2108707517-1002 -> DefaultScope {4C2D7615-461C-48E7-8A8C-77B790F2D202} URL =
SearchScopes: HKU\S-1-5-21-2685571705-2690768861-2108707517-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U270DF&PC=U270&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2685571705-2690768861-2108707517-1002 -> {73cd434e-8e1e-46b6-bb8d-7dd935140717} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-01-08] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-07] (Microsoft Corporation)
BHO: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll [2015-08-08] (Sensible Vision )
BHO-x32: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll [2015-08-08] (Sensible Vision )
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll [2015-11-10] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-11-10] (McAfee, Inc.)
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-11-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.4\\npsitesafety.dll [No File]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-11-10] ()
FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll [2014-12-08] (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-01-07] (Microsoft Corporation)
FF Plugin-x32: @sensiblevision.com/FastAccess,version=4.1.110 -> C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\nprt.dll [2014-05-23] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [fassoxpcom@sensiblevision.com] - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso
FF Extension: FastAccess Web Login - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso [2015-11-14] [not signed]
Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR StartupUrls: Default -> "hxxp://www.google.co.in"
CHR DefaultSearchURL: Default -> hxxps://in.search.yahoo.com/search?fr=m ... 0150804&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Damodaran.V\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Damodaran.V\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-13]
CHR Extension: (Google Drive) - C:\Users\Damodaran.V\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
CHR Extension: (YouTube) - C:\Users\Damodaran.V\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (MySmartPrice) - C:\Users\Damodaran.V\AppData\Local\Google\Chrome\User Data\Default\Extensions\bofbpdmkbmlancfihdncikcigpokmdda [2016-01-08]
CHR Extension: (Google Search) - C:\Users\Damodaran.V\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Google Docs Offline) - C:\Users\Damodaran.V\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (eDealMan) - C:\Users\Damodaran.V\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfikojomocdccphkaadgagdjlcdmfmke [2015-11-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Damodaran.V\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-13]
CHR Extension: (Gmail) - C:\Users\Damodaran.V\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-13]
CHR HKU\S-1-5-21-2685571705-2690768861-2108707517-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1048488 2016-01-12] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2762936 2016-01-07] (Microsoft Corporation)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [137968 2015-09-22] (Dell Inc.)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [119656 2015-12-07] (Dell)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201560 2015-09-11] (Dell Inc.)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [293440 2014-04-01] (Aviata, Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2015-11-10] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.190.0\McCSPServiceHost.exe [1694152 2015-10-28] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [679120 2015-10-20] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [233680 2015-09-21] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [378848 2015-10-21] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [256840 2015-09-21] (McAfee, Inc.)
R2 My Dell Learning Center; C:\Program Files\Dell\My Dell Learning Center\MDLCSvc.exe [22528 2015-01-23] () [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2065808 2016-01-05] (SoftThinks SAS)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [21160 2015-09-30] (Dell Inc.)
R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [69184 2015-07-01] (Advanced Micro Devices, Inc.)
R2 vToolbarUpdater40.2.4; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\ToolbarUpdater.exe [1923984 2016-01-11] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1164688 2016-01-11] ()
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\TunesGo Retro\DriverInstall.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [109832 2015-07-01] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [285968 2015-07-01] (Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-12] (Advanced Micro Devices)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [80760 2015-09-23] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-05-22] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-12-04] ()
S3 facap; C:\Windows\system32\DRIVERS\facap.sys [37888 2012-09-03] (Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [415976 2015-09-23] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351120 2015-09-23] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82072 2015-09-23] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [497888 2015-09-23] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [841944 2015-09-23] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [537192 2015-10-06] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-10-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [244544 2015-09-23] (McAfee, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-28 10:10 - 2016-01-28 10:12 - 00023987 _____ C:\Users\Damodaran.V\Downloads\FRST.txt
2016-01-28 10:10 - 2016-01-28 10:10 - 00000000 ____D C:\FRST
2016-01-28 10:09 - 2016-01-28 10:10 - 02370560 _____ (Farbar) C:\Users\Damodaran.V\Downloads\FRST64.exe
2016-01-28 09:51 - 2016-01-28 09:51 - 00000000 ___HD C:\OneDriveTemp
2016-01-28 09:49 - 2016-01-28 09:49 - 00004020 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-01-27 21:42 - 2016-01-27 21:42 - 00282411 _____ C:\Users\Damodaran.V\Desktop\www.freedownloadmobileringtones.com - http://www.fdmr.in(1).m4r
2016-01-27 20:10 - 2016-01-27 20:10 - 00288393 _____ C:\Users\Damodaran.V\Desktop\www.freedownloadmobileringtones.com - http://www.fdmr.in.m4r
2016-01-27 19:55 - 2016-01-27 19:55 - 00003086 _____ C:\WINDOWS\System32\Tasks\0116tbUpdateInfo
2016-01-27 19:55 - 2016-01-27 19:55 - 00000000 ____D C:\ProgramData\Avg_Update_0116tb
2016-01-24 20:16 - 2016-01-27 18:17 - 00004208 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2016-01-23 18:13 - 2016-01-23 18:13 - 00000000 ____D C:\ProgramData\Wondershare
2016-01-23 18:12 - 2016-01-23 18:12 - 00000000 ____D C:\Users\Damodaran.V\AppData\Roaming\HMYGSetting
2016-01-23 18:12 - 2016-01-23 18:12 - 00000000 ____D C:\Users\Damodaran.V\AppData\Local\Wondershare
2016-01-23 18:08 - 2016-01-23 18:11 - 32327656 _____ (Wondershare ) C:\Users\Damodaran.V\Downloads\tunesgo_setup_full1323.exe
2016-01-22 14:28 - 2016-01-22 14:28 - 00001916 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2016-01-22 14:28 - 2016-01-22 14:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-01-22 14:27 - 2016-01-22 14:28 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-01-22 12:25 - 2016-01-22 13:04 - 110676048 _____ C:\Users\Damodaran.V\Downloads\PowerDVD_12.0.26664.4303_Dell_DVD141106-04_Normal.exe
2016-01-20 18:59 - 2016-01-20 18:59 - 00418240 _____ C:\Users\Damodaran.V\Downloads\SAT Coaching Centres, Training, Classes, Institutes in Madurai _ Sulekha Madurai.html
2016-01-20 18:59 - 2016-01-20 18:59 - 00000000 ____D C:\Users\Damodaran.V\Downloads\SAT Coaching Centres, Training, Classes, Institutes in Madurai _ Sulekha Madurai_files
2016-01-20 13:50 - 2016-01-20 13:50 - 00003230 _____ C:\WINDOWS\System32\Tasks\0815scUpdateInfo
2016-01-20 13:50 - 2016-01-20 13:50 - 00000000 ____D C:\ProgramData\Avg_Update_0815sc
2016-01-16 19:01 - 2016-01-19 12:47 - 00000000 _____ C:\WINDOWS\system32\Buffer.xml
2016-01-13 16:26 - 2016-01-05 08:21 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 16:26 - 2016-01-05 08:15 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-01-13 16:26 - 2016-01-05 08:12 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-01-13 16:26 - 2016-01-05 08:07 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-13 16:26 - 2016-01-05 08:07 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 16:26 - 2016-01-05 08:07 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 16:26 - 2016-01-05 08:03 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-13 16:26 - 2016-01-05 08:03 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-13 16:26 - 2016-01-05 08:03 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-13 16:26 - 2016-01-05 07:53 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 16:26 - 2016-01-05 07:29 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-13 16:26 - 2016-01-05 07:27 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-13 16:26 - 2016-01-05 07:19 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-13 16:26 - 2016-01-05 07:18 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-13 16:26 - 2016-01-05 07:13 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-13 16:26 - 2016-01-05 07:11 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-13 16:26 - 2016-01-05 07:09 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-01-13 16:26 - 2016-01-05 06:58 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-13 16:26 - 2016-01-05 06:58 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-13 16:26 - 2016-01-05 06:55 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-13 16:25 - 2016-01-05 08:21 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-01-13 16:25 - 2016-01-05 08:21 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-01-13 16:25 - 2016-01-05 08:20 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-13 16:25 - 2016-01-05 08:20 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-13 16:25 - 2016-01-05 08:20 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-13 16:25 - 2016-01-05 08:19 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-13 16:25 - 2016-01-05 08:18 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-13 16:25 - 2016-01-05 08:07 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-13 16:25 - 2016-01-05 08:07 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-13 16:25 - 2016-01-05 08:07 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-13 16:25 - 2016-01-05 08:07 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-13 16:25 - 2016-01-05 08:06 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-01-13 16:25 - 2016-01-05 08:03 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-13 16:25 - 2016-01-05 08:03 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-13 16:25 - 2016-01-05 08:03 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-13 16:25 - 2016-01-05 08:03 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-13 16:25 - 2016-01-05 08:01 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-13 16:25 - 2016-01-05 07:57 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-13 16:25 - 2016-01-05 07:54 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-13 16:25 - 2016-01-05 07:53 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-13 16:25 - 2016-01-05 07:53 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-13 16:25 - 2016-01-05 07:53 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 16:25 - 2016-01-05 07:51 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-13 16:25 - 2016-01-05 07:47 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-13 16:25 - 2016-01-05 07:46 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-13 16:25 - 2016-01-05 07:27 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-13 16:25 - 2016-01-05 07:27 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-13 16:25 - 2016-01-05 07:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-01-13 16:25 - 2016-01-05 07:24 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-01-13 16:25 - 2016-01-05 07:24 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-01-13 16:25 - 2016-01-05 07:23 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-01-13 16:25 - 2016-01-05 07:22 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-13 16:25 - 2016-01-05 07:21 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-01-13 16:25 - 2016-01-05 07:21 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-13 16:25 - 2016-01-05 07:20 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-01-13 16:25 - 2016-01-05 07:20 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-13 16:25 - 2016-01-05 07:20 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-01-13 16:25 - 2016-01-05 07:19 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-13 16:25 - 2016-01-05 07:19 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-13 16:25 - 2016-01-05 07:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-13 16:25 - 2016-01-05 07:19 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-01-13 16:25 - 2016-01-05 07:19 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-01-13 16:25 - 2016-01-05 07:18 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-13 16:25 - 2016-01-05 07:18 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-13 16:25 - 2016-01-05 07:17 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-13 16:25 - 2016-01-05 07:17 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-13 16:25 - 2016-01-05 07:17 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-13 16:25 - 2016-01-05 07:15 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-13 16:25 - 2016-01-05 07:15 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-13 16:25 - 2016-01-05 07:14 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-01-13 16:25 - 2016-01-05 07:13 - 00953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-01-13 16:25 - 2016-01-05 07:13 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-13 16:25 - 2016-01-05 07:13 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-13 16:25 - 2016-01-05 07:12 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-13 16:25 - 2016-01-05 07:11 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-13 16:25 - 2016-01-05 07:11 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-01-13 16:25 - 2016-01-05 07:10 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-13 16:25 - 2016-01-05 07:10 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-01-13 16:25 - 2016-01-05 07:09 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-13 16:25 - 2016-01-05 07:09 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-01-13 16:25 - 2016-01-05 07:09 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-13 16:25 - 2016-01-05 07:08 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-13 16:25 - 2016-01-05 07:06 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-13 16:25 - 2016-01-05 07:06 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-13 16:25 - 2016-01-05 07:03 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-13 16:25 - 2016-01-05 07:00 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-01-13 16:25 - 2016-01-05 07:00 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-01-13 16:25 - 2016-01-05 06:59 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-13 16:25 - 2016-01-05 06:58 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-11 16:07 - 2016-01-11 17:17 - 00000000 ____D C:\Users\Damodaran.V\AppData\Local\AVG Web TuneUp
2016-01-11 16:07 - 2016-01-11 16:08 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2016-01-11 16:07 - 2016-01-11 16:07 - 00000000 ____D C:\ProgramData\AVG Secure Search
2016-01-11 16:07 - 2016-01-11 16:07 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2016-01-11 16:07 - 2016-01-11 16:07 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2016-01-11 16:07 - 2016-01-11 16:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-11 16:07 - 2016-01-11 16:07 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2016-01-10 21:00 - 2016-01-10 21:00 - 00000000 ____D C:\Temp1234
2016-01-10 20:54 - 2016-01-11 15:56 - 00000000 ____D C:\Users\Damodaran.V\AppData\Roaming\AVG
2016-01-10 20:52 - 2016-01-10 20:52 - 00000000 ____D C:\Users\Damodaran.V\AppData\Roaming\TuneUp Software
2016-01-10 20:40 - 2016-01-19 12:40 - 00000000 ____D C:\ProgramData\MFAData
2016-01-10 20:40 - 2016-01-10 20:40 - 00000000 ____D C:\Users\Damodaran.V\AppData\Local\MFAData
2016-01-10 20:39 - 2016-01-10 20:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-01-10 20:16 - 2016-01-19 12:40 - 00000000 ____D C:\ProgramData\Avg
2016-01-10 20:16 - 2016-01-19 12:40 - 00000000 ____D C:\Program Files (x86)\AVG
2016-01-10 20:13 - 2016-01-19 12:47 - 00000000 ____D C:\Users\Damodaran.V\AppData\Local\AvgSetupLog
2016-01-10 20:13 - 2016-01-19 12:40 - 00000000 ____D C:\Users\Damodaran.V\AppData\Local\Avg
2016-01-10 13:01 - 2016-01-10 13:01 - 00000044 _____ C:\Users\Damodaran.V\AppData\Roaming\WB.CFG
2016-01-10 11:06 - 2016-01-10 11:07 - 00000000 ____D C:\Users\Damodaran.V\AppData\Local\Chromium
2016-01-10 11:06 - 2016-01-10 11:06 - 00000000 ____D C:\Users\Damodaran.V\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium
2016-01-10 11:01 - 2016-01-10 11:01 - 00002509 _____ C:\Users\Damodaran.V\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
2016-01-10 11:01 - 2016-01-10 11:01 - 00000000 ____D C:\Users\Damodaran.V\AppData\Local\Setup594587640
2016-01-10 11:00 - 2016-01-10 21:01 - 00000000 ____D C:\Users\Damodaran.V\AppData\Local\{F389C5D5-D721-A96D-BAB9-8C859ED1701D}
2016-01-10 11:00 - 2016-01-10 11:00 - 01055936 _____ (Adobe) C:\Users\Damodaran.V\Downloads\flash_setup.exe
2016-01-10 10:55 - 2016-01-10 20:20 - 08388608 _____ C:\Users\Damodaran.V\Downloads\adobe_flash_player.vhdx
2016-01-08 21:40 - 2016-01-08 21:41 - 06135249 _____ C:\Users\Damodaran.V\Documents\VID-20150730-WA0018.mp4
2016-01-08 21:37 - 2016-01-08 21:40 - 11716380 _____ C:\Users\Damodaran.V\Documents\VID-20150725-WA0010.mp4
2016-01-08 21:37 - 2016-01-08 21:37 - 03813546 _____ C:\Users\Damodaran.V\Documents\VID-20150722-WA0005.mp4
2016-01-08 21:36 - 2016-01-08 21:37 - 01777096 _____ C:\Users\Damodaran.V\Documents\VID-20150714-WA0012.mp4
2016-01-08 21:33 - 2016-01-08 21:34 - 07522790 _____ C:\Users\Damodaran.V\Documents\VID-20150706-WA0006.mp4
2016-01-08 21:32 - 2016-01-08 21:33 - 01363440 _____ C:\Users\Damodaran.V\Documents\VID-20151106-WA0024.3gp
2016-01-08 21:32 - 2016-01-08 21:32 - 01545169 _____ C:\Users\Damodaran.V\Documents\VID-20151104-WA0023.3gp
2016-01-08 21:32 - 2016-01-08 21:32 - 00480914 _____ C:\Users\Damodaran.V\Documents\VID-20150818-WA0006.3gp
2016-01-08 21:31 - 2016-01-08 21:32 - 04431393 _____ C:\Users\Damodaran.V\Documents\VID-20150805-WA0006.3gp
2016-01-08 21:30 - 2016-01-08 21:31 - 01061970 _____ C:\Users\Damodaran.V\Documents\VID-20150801-WA0011.3gp
2016-01-08 21:29 - 2016-01-08 21:30 - 02655052 _____ C:\Users\Damodaran.V\Documents\VID-20150728-WA0023.3gp
2016-01-06 21:57 - 2016-01-06 21:57 - 00003560 _____ C:\WINDOWS\System32\Tasks\PCDEventLauncherTask
2016-01-02 17:47 - 2016-01-02 17:47 - 00000000 ____D C:\Users\Damodaran.V\Documents\Custom Office Templates
2016-01-01 12:07 - 2016-01-01 12:10 - 22908888 _____ (Malwarebytes ) C:\Users\Damodaran.V\Downloads\mbam-setup-majorgeeks-2.2.0.1024.exe
2016-01-01 12:02 - 2016-01-01 12:03 - 04274096 _____ (BrightFort LLC ) C:\Users\Damodaran.V\Downloads\spywareblastersetup54.exe
2016-01-01 12:01 - 2016-01-10 20:30 - 01599336 _____ (Malwarebytes) C:\Users\Damodaran.V\Downloads\JRT (1).exe
2016-01-01 12:00 - 2016-01-01 12:00 - 00001392 _____ C:\Users\Damodaran.V\Desktop\JRT.txt
2016-01-01 11:54 - 2016-01-01 11:54 - 01599336 _____ (Malwarebytes) C:\Users\Damodaran.V\Downloads\JRT.exe
2016-01-01 11:49 - 2016-01-01 11:50 - 03069496 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Damodaran.V\Downloads\UsbFix.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-28 10:05 - 2015-12-02 13:55 - 00000928 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-28 10:04 - 2015-10-30 12:54 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-28 10:04 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-28 09:52 - 2015-05-23 16:18 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2016-01-28 09:51 - 2015-10-02 11:06 - 00000000 ___RD C:\Users\Damodaran.V\OneDrive
2016-01-28 09:48 - 2015-12-02 13:55 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-28 09:48 - 2015-11-19 17:30 - 00000000 ___RD C:\Users\Damodaran.V\iCloudDrive
2016-01-28 09:48 - 2015-08-02 19:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-01-27 21:24 - 2015-11-10 13:13 - 00000000 ____D C:\Users\Damodaran.V\Desktop\New folder (2)
2016-01-27 20:26 - 2015-08-11 14:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-27 20:14 - 2015-08-11 14:02 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-27 18:14 - 2015-10-30 12:51 - 00000000 ____D C:\WINDOWS\INF
2016-01-27 16:44 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-26 19:26 - 2015-12-07 14:39 - 00879220 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-26 19:19 - 2015-12-07 14:42 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-26 13:26 - 2015-10-30 11:58 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-01-26 13:26 - 2015-05-23 16:18 - 02000655 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2016-01-26 13:26 - 2015-05-23 16:11 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-01-26 13:01 - 2015-08-01 23:42 - 00004170 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5C1FE442-6239-43E0-BC49-709AF5BB0C3F}
2016-01-22 14:48 - 2015-08-05 07:54 - 00000000 ____D C:\Users\Damodaran.V\AppData\Local\Apple Computer
2016-01-22 10:04 - 2015-10-30 11:58 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2016-01-22 08:14 - 2015-10-30 12:54 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-22 08:09 - 2015-05-23 16:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-01-20 19:37 - 2015-10-30 12:41 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-19 12:52 - 2015-08-01 15:03 - 00000000 ____D C:\Users\Damodaran.V\AppData\Local\Packages
2016-01-18 12:15 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-16 19:48 - 2015-10-30 12:54 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-01-16 19:03 - 2015-12-10 16:49 - 00000000 ____D C:\Users\Damodaran.V\AppData\Local\ElevatedDiagnostics
2016-01-15 15:10 - 2015-12-02 13:59 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-12 15:42 - 2015-08-01 15:03 - 00000000 ____D C:\Users\Damodaran.V\AppData\Local\VirtualStore
2016-01-11 16:12 - 2015-12-08 03:38 - 00000000 ___DC C:\WINDOWS\Panther
2016-01-11 16:12 - 2015-05-23 15:56 - 00000000 ____D C:\ProgramData\Temp
2016-01-10 21:00 - 2013-08-22 18:55 - 00000000 ____D C:\Syst6C1C49C6
2016-01-03 13:57 - 2015-12-07 14:18 - 00000000 ____D C:\Users\Damodaran.V
2016-01-03 07:10 - 2015-10-30 12:56 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-03 07:10 - 2015-10-30 12:56 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2015-11-29 17:55 - 2015-05-28 11:42 - 0001159 _____ () C:\Users\Damodaran.V\AppData\Roaming\movie.bat
2015-11-29 17:55 - 2015-11-29 17:55 - 0001041 _____ () C:\Users\Damodaran.V\AppData\Roaming\vol.bat
2016-01-10 13:01 - 2016-01-10 13:01 - 0000044 _____ () C:\Users\Damodaran.V\AppData\Roaming\WB.CFG
2015-08-11 07:55 - 2015-08-11 07:55 - 0000017 _____ () C:\Users\Damodaran.V\AppData\Local\resmon.resmoncfg
2015-12-07 14:14 - 2015-12-07 14:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-05-23 16:01 - 2015-05-23 16:02 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2015-05-23 15:57 - 2015-05-23 15:58 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2015-05-23 15:58 - 2015-05-23 15:59 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2015-05-23 15:59 - 2015-05-23 16:01 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2015-05-23 15:56 - 2015-05-23 15:56 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Some files in TEMP:
====================
C:\Users\Damodaran.V\AppData\Local\Temp\avguirn_081926041368.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-01-27 18:13
==================== End of FRST.txt ============================Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-01-2016
Ran by Damodaran.V (2016-01-28 10:14:03)
Running from C:\Users\Damodaran.V\Downloads
Windows 10 Home (X64) (2015-12-07 09:24:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2685571705-2690768861-2108707517-500 - Administrator - Disabled)
Damodaran.V (S-1-5-21-2685571705-2690768861-2108707517-1002 - Administrator - Enabled) => C:\Users\Damodaran.V
DefaultAccount (S-1-5-21-2685571705-2690768861-2108707517-503 - Limited - Disabled)
Guest (S-1-5-21-2685571705-2690768861-2108707517-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
AMD Catalyst Install Manager (HKLM\...\{4CD0E9CC-42B4-36B7-6FA1-424ED32D4AF3}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
AVG (HKLM\...\AvgZen) (Version: 1.31.1.48846 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.4.155 - AVG Technologies)
AVG Zen (Version: 1.31.9 - AVG Technologies) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.9.2.8 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{124DE80C-9BFE-4D04-A8D9-69C5019DEEBF}) (Version: 1.3.28.0 - Dell Inc.)
Dell Data Vault (Version: 4.3.5.1 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{91E2DDB6-DC13-4585-8A10-04C6AB6F87A4}) (Version: 3.1.1900.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\{17FFE63C-6734-4950-B488-134B5A2505F7}) (Version: 2.04.0280 - Aviata Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.93 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.1.14 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.1.2.0 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{90437913-9D4D-4D9D-B438-B8664DF851E9}) (Version: 1.7.1007.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
Face Recognition (HKLM\...\{3E90A9D2-5A2B-4532-AEED-E526536D40B2}) (Version: 4.1.224.1 - Sensible Vision)
FMW 1 (Version: 1.52.1 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
McAfee AntiVirus Plus (HKLM-x32\...\MSC) (Version: 14.0.6120 - McAfee, Inc.)
McAfee Virtual Technician (HKLM-x32\...\McAfee Virtual Technician) (Version: 7.6.0.202 - McAfee, Inc.)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.6366.2056 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
My Dell Learning Center (HKLM\...\{DC451A89-545E-4297-AC2C-9F239CE7D695}) (Version: 1.0.510.0 - Dell Inc.)
OEM Application Profile (HKLM-x32\...\{8F92E0CF-620B-5C20-F292-59C93567B06D}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.18 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7161 - Realtek Semiconductor Corp.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2685571705-2690768861-2108707517-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Damodaran.V\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {006A6B74-993F-45D5-98AF-CA0EA3D2F30F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {0085DA3B-40ED-428C-A9BD-FEBDDD36B6EE} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {038841EC-24A9-46B8-8A9F-A1F05AF538ED} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {09CD4C11-A0D2-4C3E-AAD3-943F8B76CE61} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {167BF3AF-97B2-4802-B096-FCC5A0948179} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {1BD07168-FBF9-4338-9E37-86C03EED0B51} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-02-14] (Synaptics Incorporated)
Task: {36C0D943-7557-46F4-82A1-75AA01E42FE1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {38422ABD-64BC-4366-845D-C04F6FA6DCCB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {3D3B6EA6-4558-4F69-98DF-FCE5D0351498} - System32\Tasks\Dell\Dell Product Registration => /boot /LSRC=autolaunch
Task: {406EAE57-959B-4DAE-8504-F3AE40A3218C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5106FA97-0FFD-4167-8AF4-F900C89BDC26} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.)
Task: {554C17DA-E154-4C62-8AD1-85CBF1A6DD1C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe
Task: {57D52DF5-AC91-4BA7-AAA9-4081AE394B33} - System32\Tasks\0815scUpdateInfo => C:\ProgramData\Avg_Update_0815sc\0815sc_{1F86B026-4A7A-4117-87D2-B4F5E66B3FA0}.exe [2016-01-20] ()
Task: {6B5D39A9-E105-4225-8C35-B553A955B9A1} - System32\Tasks\Dell\Dell Product Registration Update => /updatecheck /LSRC=autolaunch
Task: {72E7728B-5C4E-414A-AB04-96F29D894E3C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {7C8E0871-4B25-4352-85BC-22FD1E119340} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2015-11-02] (McAfee, Inc.)
Task: {83597DBB-B8AB-4B3A-83F6-A15859D50BF6} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-05] (CyberLink)
Task: {8496FDBA-48A8-434C-B06E-6952DA098205} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-09-30] (Dell Inc.)
Task: {8510C503-21CC-4EFC-A65C-8361348EA613} - System32\Tasks\0116tbUpdateInfo => C:\ProgramData\Avg_Update_0116tb\0116tb_{CE09A40E-C31E-4633-B137-9EF888EDAAAF}.exe [2016-01-27] ()
Task: {9216B667-172C-4845-860A-1FF4B55F0EFC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {965D1966-172E-4EEB-8A60-22A0C3F10AFD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-02] (Google Inc.)
Task: {9CFBBA00-D966-4CCD-8FC8-F689E549B1F2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A66A698A-F7BD-4E4B-AB17-17C090148B4E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-27] (Microsoft Corporation)
Task: {A6CAD891-76CE-45BC-9158-B99500E40CE8} - System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => C:\WINDOWS\TEMP\DeleteFolderTask.exe [2015-12-22] ()
Task: {A9EA4CE7-A848-41A6-A76E-36E531195F8F} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-10-30] (PC-Doctor, Inc.)
Task: {ADAAEDDA-8B37-4B17-AFD2-E057CBEF16CB} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {AEA7DB46-4142-4E4F-9734-27B10E72F40E} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {B3204276-CDD1-4148-8BF8-3FE4999DA93E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-07] (Microsoft Corporation)
Task: {D28EC0D4-2FD9-4168-9FF5-68FDDDE70068} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-11-03] (McAfee, Inc.)
Task: {D62F0B99-CC76-41F5-BCA9-F89D98C9F914} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E0CC4214-44E7-44E7-8DEA-872092841EE4} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\21.0\mcdatrep.exe [2015-12-09] (McAfee, Inc.)
Task: {E1FB7E46-FBE9-412C-BE1C-6561D321D62D} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\21.0\mcdatrep.exe [2015-12-09] (McAfee, Inc.)
Task: {F330C1E1-985F-4E4C-AC1B-5ABCC5A48030} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-07] (Microsoft Corporation)
Task: {FDDE75F5-6C44-41BA-8425-C2416F321463} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-02] (Google Inc.)
Task: {FE15EF2F-19B7-4245-A094-A4CE39665FC0} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-01-11 16:07 - 2016-01-11 16:07 - 01164688 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2015-11-04 16:43 - 2015-11-04 16:43 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-01-11 16:07 - 2016-01-11 16:07 - 00192912 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\loggingserver.exe
2015-01-23 03:07 - 2015-01-23 03:07 - 00022528 _____ () C:\Program Files\Dell\My Dell Learning Center\MDLCSvc.exe
2015-12-03 14:33 - 2016-01-07 06:13 - 00162472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-10-30 12:48 - 2015-10-30 12:48 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-07 18:00 - 2015-11-22 16:17 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-07 18:00 - 2015-11-22 16:17 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-22 08:06 - 2016-01-07 19:44 - 08903848 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2015-12-18 17:50 - 2015-12-07 09:44 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-18 17:50 - 2015-12-07 09:30 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-13 16:26 - 2016-01-05 06:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 16:25 - 2016-01-05 06:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-13 16:26 - 2016-01-05 06:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-13 16:26 - 2016-01-05 06:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-11 16:07 - 2016-01-11 16:07 - 02814864 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2015-08-08 11:38 - 2015-08-08 11:38 - 04358888 _____ () C:\Program Files (x86)\Sensible Vision\Fast Access\FAAppMonOT.exe
2015-08-08 11:52 - 2015-08-08 11:52 - 00093928 _____ () C:\WINDOWS\SYSTEM32\FAIEExtension.DLL
2013-04-04 14:42 - 2013-04-04 14:42 - 00012424 _____ () C:\Program Files (x86)\Sensible Vision\Fast Access\MFCaptureD3D_2_DLL.dll
2016-01-11 16:07 - 2016-01-11 16:07 - 00533904 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\log4cplusU.dll
2015-03-16 11:28 - 2015-03-16 11:28 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2015-05-15 16:27 - 2015-05-15 16:27 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-01-10 20:16 - 2016-01-10 20:15 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2016-01-10 11:06 - 2015-08-03 22:41 - 01884160 _____ () C:\Users\Damodaran.V\AppData\Local\Chromium\Application\46.0.2472.0\libglesv2.dll
2016-01-10 11:06 - 2015-08-03 22:41 - 00075264 _____ () C:\Users\Damodaran.V\AppData\Local\Chromium\Application\46.0.2472.0\libegl.dll
2015-05-23 15:57 - 2013-03-05 09:10 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-05 22:11 - 2013-03-05 22:11 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2016-01-15 15:10 - 2016-01-12 22:05 - 01590088 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll
2016-01-15 15:10 - 2016-01-12 22:05 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll
2016-01-20 14:04 - 2016-01-19 14:06 - 16792256 _____ () C:\Users\Damodaran.V\AppData\Local\Google\Chrome\User Data\PepperFlash\20.0.0.286\pepflashplayer.dll
2016-01-05 22:47 - 2015-12-19 05:22 - 01607920 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2015-05-23 16:19 - 2012-11-26 08:49 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2015-05-23 16:18 - 2014-02-19 00:42 - 00117568 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Syst6C1C49C6:$WIMMOUNTDATA
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 18:55 - 2013-08-22 18:55 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2685571705-2690768861-2108707517-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Damodaran.V\Pictures\New folder\DSC00002.JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "FAStartup"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A28414AD-C99A-45A1-8593-848FCFE9F566}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5F1ECB46-0B3E-48FC-89F1-420BC21CF7F3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{84E8A6A0-F0F5-48DE-B07F-0E8E15B1937D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6BA10DB3-DDE7-4A05-8A8C-8D73797AEE62}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3A53CA88-D5EB-4761-80D5-E7C84CC32FBF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{49D36C68-B52D-4F27-91F5-BE4079AD0EAD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1C0B7367-3CBF-444A-A29F-53629505FA0B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{97AAAB00-34D6-448F-B131-E4D3FC19E29B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{07EF1B86-131A-469D-8C19-E8853401DA43}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{48A43455-450F-4390-B2FC-FEB51C3D8FE1}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{FC58F80C-A0F3-4B84-B513-889204752A4D}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{A8411A57-9947-4E2E-819B-5B67FBEE0A79}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{70F03942-F0A6-4555-8429-8A1B72B66DC0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{AC8FAC09-4330-425F-83C0-DE9AE930BF33}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{02DCBFC0-7B49-4652-8CB7-DC09C6265B45}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{20847ED3-DB46-4054-A698-462D2BA7EAC2}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{EE87668B-E2FE-4BD5-BBD0-9763ED2499A2}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{DE524744-6AA6-4665-BD70-C1A36C019A66}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
27-01-2016 18:14:39 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/28/2016 09:47:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MOM.exe, version: 4.5.0.0, time stamp: 0x53ad0e3f
Faulting module name: KERNELBASE.dll, version: 10.0.10586.0, time stamp: 0x5632d1de
Exception code: 0xe0434352
Fault offset: 0x0000000000071f08
Faulting process id: 0x67c
Faulting application start time: 0xMOM.exe0
Faulting application path: MOM.exe1
Faulting module path: MOM.exe2
Report Id: MOM.exe3
Faulting package full name: MOM.exe4
Faulting package-relative application ID: MOM.exe5
Error: (01/28/2016 09:47:30 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: MOM.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileLoadException
at ATI.ACE.MOM.Implementation.MOM.Main(System.String[])
Exception Info: System.Reflection.TargetInvocationException
at System.RuntimeMethodHandle.InvokeMethod(System.Object, System.Object[], System.Signature, Boolean)
at System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(System.Object, System.Object[], System.Object[])
at System.Reflection.RuntimeMethodInfo.Invoke(System.Object, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object[], System.Globalization.CultureInfo)
at System.RuntimeType.InvokeMember(System.String, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object, System.Object[], System.Reflection.ParameterModifier[], System.Globalization.CultureInfo, System.String[])
at System.Type.InvokeMember(System.String, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object, System.Object[])
at ATI.ACE.MOM.EXE.MOM.Main(System.String[])
Error: (01/27/2016 09:57:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 60172
Error: (01/27/2016 09:57:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 60172
Error: (01/27/2016 09:57:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/27/2016 09:57:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 44375
Error: (01/27/2016 09:57:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 44375
Error: (01/27/2016 09:57:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/27/2016 09:56:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 28984
Error: (01/27/2016 09:56:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 28984
System errors:
=============
Error: (01/28/2016 09:49:31 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (01/28/2016 09:46:22 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgsvc service.
Error: (01/27/2016 09:57:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgsvc service.
Error: (01/27/2016 09:56:44 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgsvc service.
Error: (01/27/2016 09:56:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_e485d40 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (01/27/2016 09:56:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_e485d40 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (01/27/2016 09:56:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_e485d40 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (01/27/2016 09:56:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_e485d40 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (01/27/2016 09:56:05 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
Error: (01/27/2016 07:32:21 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
CodeIntegrity:
===================================
Date: 2016-01-27 19:45:10.366
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-22 08:12:27.481
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-19 12:49:00.103
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-16 19:39:07.788
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-16 19:39:07.719
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-16 18:37:50.079
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-16 18:37:50.020
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-16 18:01:51.953
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-16 18:01:51.922
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-16 18:01:50.809
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: AMD A6-6310 APU with AMD Radeon R4 Graphics
Percentage of memory in use: 70%
Total physical RAM: 3512.5 MB
Available physical RAM: 1032.89 MB
Total Virtual: 4664.5 MB
Available Virtual: 1061.25 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:455.51 GB) (Free:387.28 GB) NTFS
Drive e: (ESP) (Fixed) (Total:0.48 GB) (Free:0.44 GB) FAT32
Drive x: () (Fixed) (Total:0.45 GB) (Free:0.09 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 15EF88BC)
Partition: GPT.
==================== End of Addition.txt ============================