Inactive The specified service does not exist as an installed service

Status
Not open for further replies.

Nishith

TS Rookie
Hey, my name is Nishith and I have a massive problem!

I'am using Windows 7 service pack 1. I can't access any Micosoft site and antivirus site and when I try to install standalone ".net framework" it fails saying 'The specified service does not exist as an installed service'. I tried some solutions that I have found on the internet but nothing worked.

Please give me steps on how I could solve this problem! I have not made any backups unfortunately. I want to solve this, so please help me :)!
 

Nishith

TS Rookie
I have run Farbar Recovery Scan Tool 64-Bit tool and below is the log file text.

Please help with further steps.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-09-2019
Ran by SYSTEM on MININT-4PFSLAI (06-09-2019 23:39:03)
Running from F:\
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\Rajshree\...\Run: [] => [X]
HKU\Rajshree\...\Run: [{579950C2-E4DF-46F6-A711-E505BA0C046A}] => powershell.exe -noprofile -windowstyle hidden -executionpolicy bypass iex ([Text.Encoding]::ASCII.GetString([Convert]::FromBase64String((gp 'HKCU:\Software\Classes\VGXlwExpTEC').NMKMN))); <==== ATTENTION
HKU\Rajshree\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22714912 2019-08-15] (Piriform Software Ltd -> Piriform Ltd)
HKU\Rajshree\...\Winlogon: [Shell] C:\Windows\explorer.exe [2872320 2010-11-20] (Microsoft Corporation) <==== ATTENTION
BootExecute: autocheck autochk * aswBoot.exe /A:"C:" /A:"* STARTUP" /L:"1033" /heur:80 /RA:fix /pup /archives /IA:0 /KBD:2 /wow /dir:"C:\Program Files\AVAST Software\Avast"

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03AF501E-0CAC-434C-A2F5-B269A05E09F1} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [36352 2013-08-30] (Intel Corporation)
Task: {09702D74-0333-4A3F-8BC8-9165FD8F50B8} - \ScheduledUpdate -> No File <==== ATTENTION
Task: {1981A33F-EFAF-444E-813F-A1BA0CCD7E12} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F0AB79B-C0C7-4B7C-AB07-EC9D41AC8709} - \{4D2A60E7-B009-4D6B-9851-2AEF59CB1071} -> No File <==== ATTENTION
Task: {22DCECDE-A955-45D6-8268-C6E6A7B83289} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-08-14] (Adobe Inc. -> Adobe)
Task: {2B1619D9-3BCF-4BDB-8C65-BAECEAB5C55A} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [27612608 2018-03-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG )
Task: {2EA7C439-DC01-400F-8E08-EE770B266858} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_238_pepper.exe [1452600 2019-08-14] (Adobe Inc. -> Adobe)
Task: {3E5D2400-5893-4378-9C05-D7D761E2BC3E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {4493347B-3E73-45B7-A942-8E2E99EB367E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {4D6FD0B1-20A0-4EA8-8B87-76B5B17A5C68} - \rterdogzkipto -> No File <==== ATTENTION
Task: {4FA5D15E-125E-4C96-B65E-219CD5BFD0A4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-23] (Adobe Inc. -> Adobe Systems)
Task: {5391FFD9-330F-4A27-8256-2401069274A2} - \{C8231680-F4EA-4662-A56B-356EAEBD2E4C} -> No File <==== ATTENTION
Task: {58E75338-9849-4FD7-AE0C-5B62C80352C1} - \csrss -> No File <==== ATTENTION
Task: {628ACAE7-D2FF-4E13-A9EE-674F793E5EC3} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [70016 2019-05-15] (Oracle America, Inc. -> Oracle Corporation)
Task: {7F8ADBC6-0581-4682-BD21-79527730AC2C} - \Run_dregol -> No File <==== ATTENTION
Task: {97E30D37-178E-4070-BDC1-7E8B0FEBF8BF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {A7D3DDF3-E955-41B2-B86E-5B31FBB25659} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16585328 2019-08-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {CE97A278-06BB-4937-BE7E-020F8B69FA5E} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\1 => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation -> Intel Corporation)
Task: {D7DAA4FE-7F4B-4BA9-9778-B37811D343F4} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\3 => C:\Windows\system32\igfxpers.exe [441888 2012-10-15] (Intel Corporation - pGFX -> Intel Corporation)
Task: {DEE4AFBB-1BF5-4378-91C6-6552D12A4546} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {DFF948FF-EAA4-4D86-91E8-D5361352DD41} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [5745672 2014-03-05] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {E444064B-7EAF-482E-B4A1-C77CE30DC81E} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [64096 2018-03-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {E4697A15-CEB9-4289-B096-270C4495D6B4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {E89A5CE8-A05C-4E62-B2E8-E5F44DF03A1F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-08-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {FF6D0526-A771-4686-BBB5-C890EAEA1E60} - \fytafqaxnshcbca -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [582016 2019-08-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2940584 2018-03-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 MySQL80; C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe [47479224 2019-06-26] (Oracle America, Inc. -> )
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH -> TeamViewer GmbH)
S2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2013-02-05] (Qualcomm Atheros -> Atheros)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-20] (Microsoft Corporation)
S1 AFD; C:\Windows\system32\drivers\afd.sys [497664 2015-10-13] (Microsoft Corporation)
S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2015-10-01] (Microsoft Corporation)
S1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-13] (Microsoft Corporation)
S3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-22] (Microsoft Corporation)
S3 BrFiltLo; C:\Windows\system32\drivers\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.)
S3 BrFiltUp; C:\Windows\system32\drivers\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.)
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-13] (Brother Industries Ltd.)
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.)
S3 BthEnum; C:\Windows\system32\drivers\BthEnum.sys [41984 2009-07-13] (Microsoft Corporation)
S3 BTHMODEM; C:\Windows\system32\drivers\bthmodem.sys [72192 2009-07-13] (Microsoft Corporation)
S3 BthPan; C:\Windows\System32\DRIVERS\bthpan.sys [118784 2009-07-13] (Microsoft Corporation)
S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [552960 2011-04-27] (Microsoft Corporation)
S3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [80384 2011-04-27] (Microsoft Corporation)
S3 circlass; C:\Windows\system32\drivers\circlass.sys [45568 2009-07-13] (Microsoft Corporation)
S3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [38912 2010-11-20] (Microsoft Corporation)
S1 CSC; C:\Windows\System32\drivers\csc.sys [514560 2010-11-20] (Microsoft Corporation)
S1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-13] (Microsoft Corporation)
S3 dmvsc; C:\Windows\system32\drivers\dmvsc.sys [71168 2010-11-20] (Microsoft Corporation)
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5632 2015-12-08] (Microsoft Corporation)
S3 fihoamkx; no ImagePath
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.)
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2010-11-20] (Microsoft Corporation)
S3 HidBth; C:\Windows\system32\drivers\hidbth.sys [100864 2009-07-13] (Microsoft Corporation)
S3 HidIr; C:\Windows\system32\drivers\hidir.sys [46592 2009-07-13] (Microsoft Corporation)
S3 HTTP; C:\Windows\System32\drivers\HTTP.sys [754688 2015-02-24] (Microsoft Corporation)
S0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-30] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [5343584 2012-10-15] (Intel Corporation)
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [342528 2012-06-18] (Intel(R) Corporation)
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-20] (Microsoft Corporation)
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-13] (Microsoft Corporation)
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-13] (Microsoft Corporation)
S2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-13] (Microsoft Corporation)
S2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-13] (Microsoft Corporation)
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-13] (Microsoft Corporation)
S3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-13] (Microsoft Corporation)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [141312 2016-01-07] (Microsoft Corporation)
S3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [159232 2016-02-11] (Microsoft Corporation)
S3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [290816 2016-02-11] (Microsoft Corporation)
S3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [129024 2016-02-11] (Microsoft Corporation)
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-13] (Microsoft Corporation)
S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-13] (Microsoft Corporation)
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-13] (Microsoft Corporation)
S3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-20] (Microsoft Corporation)
S3 PEAUTH; C:\Windows\System32\drivers\peauth.sys [663552 2015-02-02] (Microsoft Corporation)
S1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-20] (Microsoft Corporation)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-13] (Microsoft Corporation)
S3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-13] (Microsoft Corporation)
S1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-13] (Microsoft Corporation)
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [165888 2010-11-20] (Microsoft Corporation)
S1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-13] (Microsoft Corporation)
S1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-13] (Microsoft Corporation)
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [20992 2015-06-11] (Microsoft Corporation)
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [212480 2014-07-16] (Microsoft Corporation)
S3 RFCOMM; C:\Windows\System32\DRIVERS\rfcomm.sys [158720 2009-07-13] (Microsoft Corporation)
S2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-13] (Microsoft Corporation)
S3 s3cap; C:\Windows\system32\drivers\vms3cap.sys [6656 2010-11-20] (Microsoft Corporation)
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-20] (Microsoft Corporation)
S4 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-13] (Microsoft Corporation)
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-13] (Microsoft Corporation)
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-20] (Microsoft Corporation)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2013-11-22] (Synaptics Incorporated -> Synaptics Incorporated)
S3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-04-28] (Microsoft Corporation)
S3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2011-04-28] (Microsoft Corporation)
S3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2011-04-28] (Microsoft Corporation)
S2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45056 2010-11-20] (Microsoft Corporation)
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-13] (Microsoft Corporation)
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-16] (Microsoft Corporation)
S1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [118272 2015-10-13] (Microsoft Corporation)
S3 terminpt; C:\Windows\system32\drivers\terminpt.sys [34816 2010-11-20] (Microsoft Corporation)
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39936 2014-07-16] (Microsoft Corporation)
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [59392 2010-11-20] (Microsoft Corporation)
S3 TsUsbGD; C:\Windows\system32\drivers\TsUsbGD.sys [31232 2010-11-20] (Microsoft Corporation)
S3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [117248 2010-11-20] (Microsoft Corporation)
S3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-20] (Microsoft Corporation)
S3 usbaudio; C:\Windows\System32\drivers\usbaudio.sys [109824 2013-07-12] (Microsoft Corporation)
S3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99840 2013-11-26] (Microsoft Corporation)
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2013-07-12] (Microsoft Corporation)
S3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [53248 2013-11-26] (Microsoft Corporation)
S3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2013-11-26] (Microsoft Corporation)
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-13] (Microsoft Corporation)
S3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [42496 2013-07-02] (Microsoft Corporation)
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2016-02-03] (Microsoft Corporation)
S3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation)
S3 usb_rndisx; C:\Windows\system32\drivers\usb8023x.sys [19968 2013-02-11] (Microsoft Corporation)
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-13] (Microsoft Corporation)
S3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-13] (Microsoft Corporation)
S1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-13] (Microsoft Corporation)
S3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [17920 2009-07-13] (Microsoft Corporation)
S1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-13] (Microsoft Corporation)
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-20] (Microsoft Corporation)
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [112128 2010-11-20] (Microsoft Corporation)
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [172544 2010-11-20] (Microsoft Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vpnva; system32\DRIVERS\vpnva64-6.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-06 23:38 - 2019-09-06 23:39 - 000000000 ____D C:\FRST
2019-09-06 09:23 - 2019-09-06 10:03 - 000000000 ____D C:\001ba2d0c55f4befd9
2019-09-06 09:20 - 2019-09-06 09:20 - 000000082 _____ C:\Users\Rajshree\Desktop\cc_20190906_225002.reg
2019-09-06 07:26 - 2019-09-06 07:26 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-09-06 07:16 - 2019-09-06 07:16 - 020889016 _____ (Piriform Software Ltd) C:\Users\Rajshree\Downloads\ccsetup561.exe
2019-09-06 07:02 - 2019-09-06 07:02 - 019064408 _____ (Advanced System Repair, Inc.) C:\Users\Rajshree\Downloads\ASR_G-Installer.exe
2019-09-06 07:02 - 2019-09-06 07:02 - 019064408 _____ (Advanced System Repair, Inc.) C:\Users\Rajshree\Downloads\ASR_G-Installer (1).exe
2019-09-06 06:36 - 2019-09-06 06:44 - 000000000 ____D C:\03cbeb935e4ee938d6f471c9
2019-09-06 06:26 - 2019-09-06 06:26 - 000000123 _____ C:\Users\Rajshree\Desktop\cmdCommand.txt
2019-09-05 06:03 - 2019-09-05 08:58 - 000000000 ____D C:\ProgramData\Porland
2019-09-05 05:58 - 2019-09-05 05:58 - 000000000 ____D C:\Users\Rajshree\AppData\Roaming\EpicNet Inc
2019-09-05 05:56 - 2019-09-05 05:56 - 000000000 ____D C:\Users\Rajshree\AppData\Roaming\mhvybdfmufld
2019-09-05 05:45 - 2019-09-05 05:45 - 000000643 _____ C:\Users\Rajshree\Desktop\iot Links.txt
2019-09-05 02:54 - 2019-09-05 05:22 - 000000000 ____D C:\MinGW
2019-09-05 02:42 - 2019-09-05 02:53 - 000000000 ____D C:\Users\Rajshree\softwares
2019-09-05 02:09 - 2019-09-05 02:09 - 000000000 ____D C:\Users\Rajshree\.p2
2019-08-23 01:29 - 2019-08-23 01:29 - 000117328 _____ C:\Users\Rajshree\Downloads\Rajshree_CV.pdf
2019-08-22 10:59 - 2019-08-22 10:59 - 000000000 ____D C:\Users\Rajshree\AppData\Roaming\MySQL
2019-08-22 10:49 - 2019-08-22 10:50 - 000000000 ____D C:\Program Files\MySQL
2019-08-22 10:42 - 2019-08-22 10:42 - 014572000 _____ (Microsoft Corporation) C:\Users\Rajshree\Downloads\vc_redist.x64.exe
2019-08-22 10:32 - 2019-08-22 10:59 - 000000000 ____D C:\ProgramData\MySQL
2019-08-22 10:30 - 2019-08-22 10:30 - 000000000 ____D C:\Users\Rajshree\AppData\Roaming\Sun
2019-08-22 10:27 - 2019-08-22 10:28 - 000000000 ____D C:\Program Files\Java
2019-08-22 09:51 - 2019-08-22 09:58 - 225811416 _____ (Oracle Corporation) C:\Users\Rajshree\Downloads\jdk-8u221-windows-x64.exe
2019-08-22 09:33 - 2019-08-22 09:35 - 069999448 _____ (Microsoft Corporation) C:\Users\Rajshree\Downloads\NDP452-KB2901907-x86-x64-AllOS-ENU.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-06 08:24 - 2016-03-28 20:24 - 000000000 ____D C:\ProgramData\Avira
2019-09-06 07:30 - 2016-06-16 08:08 - 000000000 ____D C:\Users\Rajshree\AppData\Local\ElevatedDiagnostics
2019-09-06 07:26 - 2017-06-19 21:05 - 000000000 ____D C:\Program Files\CCleaner
2019-09-05 10:09 - 2016-01-26 00:20 - 000000000 ____D C:\ProgramData\Package Cache
2019-09-05 05:35 - 2017-06-19 21:29 - 000000000 ____D C:\Users\Rajshree\workspace
2019-09-05 05:34 - 2017-06-19 21:30 - 000000000 ____D C:\Users\Rajshree\AppData\Local\Eclipse
2019-09-05 05:28 - 2017-10-12 00:55 - 000000000 ____D C:\ProgramData\HP
2019-09-05 05:27 - 2016-03-29 08:25 - 000000000 ____D C:\ProgramData\Cisco
2019-09-05 04:45 - 2018-03-26 22:15 - 000000000 ____D C:\Users\Public\Speedup Sessions
2019-08-22 09:29 - 2016-06-02 22:25 - 000000000 ____D C:\Users\Rajshree\Downloads\OotyPics

==================== FLock ================

2019-09-06 09:22 C:\hiberfil.sys

==================== KnownDLLs (Whitelisted) =========================


==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\dllhost.exe => MD5 is legit
C:\Windows\SysWOW64\dllhost.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Association (Whitelisted) =============


==================== Restore Points =========================


==================== Memory info ===========================

Percentage of memory in use: 17%
Total physical RAM: 3983.36 MB
Available physical RAM: 3280.54 MB
Total Virtual: 3981.55 MB
Available Virtual: 3257.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:261.86 GB) (Free:205.55 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (New Volume) (Fixed) (Total:100 GB) (Free:44.27 GB) NTFS
Drive f: (NISHITHOFSS) (Removable) (Total:14.52 GB) (Free:11.95 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 87B57FE3)
Partition 1: (Not Active) - (Size=100 GB) - (Type=83)
Partition 2: (Active) - (Size=261.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=3.9 GB) - (Type=05)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 14.5 GB) (Disk ID: 394D8611)
Partition 1: (Active) - (Size=14.5 GB) - (Type=0C)

LastRegBack: 2019-09-04 00:49
==================== End of FRST.txt ============================
 

Nishith

TS Rookie
Update frst.txt text:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-09-2019
Ran by Rajshree (administrator) on RAJSHREE-PC (Dell Inc. Inspiron 3521) (07-09-2019 00:02:57)
Running from E:\
Loaded Profiles: Rajshree (Available Profiles: Rajshree)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-811263216-3352323111-4138218245-1000\...\Run: [] => [X]
HKU\S-1-5-21-811263216-3352323111-4138218245-1000\...\Run: [{579950C2-E4DF-46F6-A711-E505BA0C046A}] => powershell.exe -noprofile -windowstyle hidden -executionpolicy bypass iex ([Text.Encoding]::ASCII.GetString([Convert]::FromBase64String((gp 'HKCU:\Software\Classes\VGXlwExpTEC').NMKMN))); <==== ATTENTION
HKU\S-1-5-21-811263216-3352323111-4138218245-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22714912 2019-08-15] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-811263216-3352323111-4138218245-1000\...\MountPoints2: {4bcff67d-345a-11e6-a0e1-645a04b70b59} - G:\AutoRun.exe
HKU\S-1-5-21-811263216-3352323111-4138218245-1000\...\MountPoints2: {4bcff6af-345a-11e6-a0e1-645a04b70b59} - G:\AutoRun.exe
HKU\S-1-5-21-811263216-3352323111-4138218245-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2872320 2010-11-21] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\Installer\chrmstp.exe [2019-09-04] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)
BootExecute: autocheck autochk * aswBoot.exe /A:"C:" /A:"* STARTUP" /L:"1033" /heur:80 /RA:fix /pup /archives /IA:0 /KBD:2 /wow /dir:"C:\Program Files\AVAST Software\Avast"
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-811263216-3352323111-4138218245-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03AF501E-0CAC-434C-A2F5-B269A05E09F1} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [36352 2013-08-30] (Intel Corporation) [File not signed]
Task: {09702D74-0333-4A3F-8BC8-9165FD8F50B8} - \ScheduledUpdate -> No File <==== ATTENTION
Task: {1981A33F-EFAF-444E-813F-A1BA0CCD7E12} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F0AB79B-C0C7-4B7C-AB07-EC9D41AC8709} - \{4D2A60E7-B009-4D6B-9851-2AEF59CB1071} -> No File <==== ATTENTION
Task: {22DCECDE-A955-45D6-8268-C6E6A7B83289} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-08-15] (Adobe Inc. -> Adobe)
Task: {2B1619D9-3BCF-4BDB-8C65-BAECEAB5C55A} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [27612608 2018-03-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG )
Task: {2EA7C439-DC01-400F-8E08-EE770B266858} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_238_pepper.exe [1452600 2019-08-15] (Adobe Inc. -> Adobe)
Task: {3E5D2400-5893-4378-9C05-D7D761E2BC3E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {4493347B-3E73-45B7-A942-8E2E99EB367E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {4D6FD0B1-20A0-4EA8-8B87-76B5B17A5C68} - \rterdogzkipto -> No File <==== ATTENTION
Task: {4FA5D15E-125E-4C96-B65E-219CD5BFD0A4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {5391FFD9-330F-4A27-8256-2401069274A2} - \{C8231680-F4EA-4662-A56B-356EAEBD2E4C} -> No File <==== ATTENTION
Task: {58E75338-9849-4FD7-AE0C-5B62C80352C1} - \csrss -> No File <==== ATTENTION
Task: {628ACAE7-D2FF-4E13-A9EE-674F793E5EC3} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [70016 2019-05-15] (Oracle America, Inc. -> Oracle Corporation)
Task: {7F8ADBC6-0581-4682-BD21-79527730AC2C} - \Run_dregol -> No File <==== ATTENTION
Task: {97E30D37-178E-4070-BDC1-7E8B0FEBF8BF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {A7D3DDF3-E955-41B2-B86E-5B31FBB25659} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16585328 2019-08-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {CE97A278-06BB-4937-BE7E-020F8B69FA5E} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\1 => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-23] (Intel Corporation -> Intel Corporation)
Task: {D7DAA4FE-7F4B-4BA9-9778-B37811D343F4} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\3 => C:\Windows\system32\igfxpers.exe [441888 2012-10-16] (Intel Corporation - pGFX -> Intel Corporation)
Task: {DEE4AFBB-1BF5-4378-91C6-6552D12A4546} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {DFF948FF-EAA4-4D86-91E8-D5361352DD41} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [5745672 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {E444064B-7EAF-482E-B4A1-C77CE30DC81E} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [64096 2018-03-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {E4697A15-CEB9-4289-B096-270C4495D6B4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {E89A5CE8-A05C-4E62-B2E8-E5F44DF03A1F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-08-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {FF6D0526-A771-4686-BBB5-C890EAEA1E60} - \fytafqaxnshcbca -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 202.83.21.43 202.83.21.25
Tcpip\..\Interfaces\{3C0A095C-6E09-40BA-B15A-89FE9296E234}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{A1D807B3-6BF1-4B5A-82BB-1B0661BD6F17}: [NameServer] 213.166.69.3,185.143.221.60
Tcpip\..\Interfaces\{A1D807B3-6BF1-4B5A-82BB-1B0661BD6F17}: [DhcpNameServer] 202.83.21.43 202.83.21.25
Tcpip\..\Interfaces\{C563CA51-AD50-44D2-BA09-CCAFE667E0DF}: [NameServer] 213.166.69.3,185.143.221.60,202.56.230.2,202.56.230.7
HKLM\System\...\Parameters\PersistentRoutes: [0.0.0.0,0.0.0.0,192.168.2.1,-1]

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.com/#/?show_is=1&source=art
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.com/#/?show_is=1&source=art
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.com/#/?show_is=1&source=art
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.com/#/?show_is=1&source=art
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.com/#/?show_is=1&source=art
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.com/#/?show_is=1&source=art
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.com/#/?show_is=1&source=art
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.com/#/?show_is=1&source=art
HKU\S-1-5-21-811263216-3352323111-4138218245-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.com/#/?show_is=1&source=art
HKU\S-1-5-21-811263216-3352323111-4138218245-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-in/?ocid=iehp
HKU\S-1-5-21-811263216-3352323111-4138218245-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.com/#/?show_is=1&source=art
HKU\S-1-5-21-811263216-3352323111-4138218245-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.com/#/?show_is=1&source=art
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-01-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-08-22] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-08-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-01-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Rajshree\AppData\Roaming\Mozilla\Firefox\Profiles\6RnhR4jM.default [2019-09-05]
FF user.js: detected! => C:\Users\Rajshree\AppData\Roaming\Mozilla\Firefox\Profiles\6RnhR4jM.default\user.js [2019-09-05]
FF Extension: (Avira Browser Safety) - C:\Users\Rajshree\AppData\Roaming\Mozilla\Firefox\Profiles\6RnhR4jM.default\Extensions\abs@avira.com.xpi [2016-03-29] [Legacy]
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-08-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-08-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-08-01] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-811263216-3352323111-4138218245-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Rajshree\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2017-05-18] (Citrix Online -> Citrix Online)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Rajshree\AppData\Local\Google\Chrome\User Data\Default [2019-09-06]
CHR Extension: (Slides) - C:\Users\Rajshree\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Rajshree\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Rajshree\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-07]
CHR Extension: (YouTube) - C:\Users\Rajshree\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-06]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Rajshree\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-09-01]
CHR Extension: (Google Search) - C:\Users\Rajshree\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-07]
CHR Extension: (Sheets) - C:\Users\Rajshree\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Avira Browser Safety) - C:\Users\Rajshree\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-08-17]
CHR Extension: (Google Docs Offline) - C:\Users\Rajshree\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-04]
CHR Extension: (AdBlock) - C:\Users\Rajshree\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-09-05]
CHR Extension: (Hotspot Shield VPN Free Proxy – Unblock Sites) - C:\Users\Rajshree\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbejmccbhkncgokjcmghpfloaajcffj [2019-04-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Rajshree\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-07]
CHR Extension: (Chrome Update Tool) - C:\Users\Rajshree\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjdblhobihaknilfmfjfpidfblgajmk [2019-09-05]
CHR Extension: (Gmail) - C:\Users\Rajshree\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\Rajshree\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-11]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - Chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [582016 2019-08-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2940584 2018-03-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 MySQL80; C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe [47479224 2019-06-26] (Oracle America, Inc. -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH -> TeamViewer GmbH)
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [204800 2010-11-21] (Microsoft Corporation) [File not signed]
S2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2013-02-06] (Qualcomm Atheros -> Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [3851776 2013-01-22] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
S3 fihoamkx; no ImagePath
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-30] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2013-11-22] (Synaptics Incorporated -> Synaptics Incorporated)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vpnva; system32\DRIVERS\vpnva64-6.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three months (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-07 13:08 - 2019-09-07 00:02 - 000000000 ____D C:\FRST
2019-09-06 22:53 - 2019-09-06 23:33 - 000000000 ____D C:\001ba2d0c55f4befd9
2019-09-06 22:50 - 2019-09-06 22:50 - 000000082 _____ C:\Users\Rajshree\Desktop\cc_20190906_225002.reg
2019-09-06 21:45 - 2019-09-06 21:50 - 000174364 _____ C:\Windows\ntbtlog.txt
2019-09-06 20:56 - 2019-09-07 00:02 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-09-06 20:56 - 2019-09-06 20:56 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-09-06 20:56 - 2019-09-06 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-09-06 20:46 - 2019-09-06 20:46 - 020889016 _____ (Piriform Software Ltd) C:\Users\Rajshree\Downloads\ccsetup561.exe
2019-09-06 20:32 - 2019-09-06 20:32 - 019064408 _____ (Advanced System Repair, Inc.) C:\Users\Rajshree\Downloads\ASR_G-Installer.exe
2019-09-06 20:32 - 2019-09-06 20:32 - 019064408 _____ (Advanced System Repair, Inc.) C:\Users\Rajshree\Downloads\ASR_G-Installer (1).exe
2019-09-06 20:06 - 2019-09-06 20:14 - 000000000 ____D C:\03cbeb935e4ee938d6f471c9
2019-09-06 19:56 - 2019-09-06 19:56 - 000000123 _____ C:\Users\Rajshree\Desktop\cmdCommand.txt
2019-09-06 00:32 - 2019-09-06 00:32 - 000002802 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-09-06 00:01 - 2019-09-06 00:01 - 005572032 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlmp.exe
2019-09-06 00:01 - 2019-09-06 00:01 - 000619056 _____ (Microsoft Corporation) C:\Windows\system32\osloader.exe
2019-09-05 19:33 - 2019-09-05 22:28 - 000000000 ____D C:\ProgramData\Porland
2019-09-05 19:28 - 2019-09-05 19:28 - 000000000 ____D C:\Users\Rajshree\AppData\Roaming\EpicNet Inc
2019-09-05 19:27 - 2019-09-05 22:32 - 000000000 ____D C:\Program Files (x86)\MachinerData
2019-09-05 19:26 - 2019-09-06 16:02 - 000000000 ___HD C:\Windows\rss
2019-09-05 19:26 - 2019-09-05 19:26 - 000000000 ____D C:\Users\Rajshree\AppData\Roaming\mhvybdfmufld
2019-09-05 19:15 - 2019-09-05 19:15 - 000000643 _____ C:\Users\Rajshree\Desktop\iot Links.txt
2019-09-05 16:25 - 2019-09-05 16:25 - 000000959 _____ C:\Users\Rajshree\AppData\Roaming\Microsoft\Windows\Start Menu\MinGW Installation Manager.lnk
2019-09-05 16:24 - 2019-09-05 18:52 - 000000000 ____D C:\MinGW
2019-09-05 16:12 - 2019-09-05 16:23 - 000000000 ____D C:\Users\Rajshree\softwares
2019-09-05 15:39 - 2019-09-05 15:39 - 000000000 ____D C:\Users\Rajshree\.p2
2019-08-23 14:59 - 2019-08-23 14:59 - 000117328 _____ C:\Users\Rajshree\Downloads\Rajshree_CV.pdf
2019-08-23 00:29 - 2019-08-23 00:29 - 000000000 ____D C:\Users\Rajshree\AppData\Roaming\MySQL
2019-08-23 00:19 - 2019-08-23 00:20 - 000000000 ____D C:\Program Files\MySQL
2019-08-23 00:12 - 2019-08-23 00:12 - 014572000 _____ (Microsoft Corporation) C:\Users\Rajshree\Downloads\vc_redist.x64.exe
2019-08-23 00:02 - 2019-08-23 00:29 - 000000000 ____D C:\ProgramData\MySQL
2019-08-23 00:02 - 2019-08-23 00:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
2019-08-23 00:02 - 2019-08-23 00:17 - 000000000 ____D C:\Program Files (x86)\MySQL
2019-08-23 00:02 - 2019-08-23 00:02 - 000000000 ____D C:\Windows\System32\Tasks\MySQL
2019-08-23 00:00 - 2019-08-23 00:00 - 000000000 ____D C:\Users\Rajshree\AppData\Roaming\Sun
2019-08-23 00:00 - 2019-08-23 00:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-08-23 00:00 - 2019-08-22 23:59 - 000110064 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2019-08-22 23:58 - 2019-08-23 00:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2019-08-22 23:57 - 2019-08-22 23:58 - 000000000 ____D C:\Program Files\Java
2019-08-22 23:21 - 2019-08-22 23:28 - 225811416 _____ (Oracle Corporation) C:\Users\Rajshree\Downloads\jdk-8u221-windows-x64.exe
2019-08-22 23:03 - 2019-08-22 23:05 - 069999448 _____ (Microsoft Corporation) C:\Users\Rajshree\Downloads\NDP452-KB2901907-x86-x64-AllOS-ENU.exe

==================== Three months (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-06 23:56 - 2009-07-14 10:38 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-09-06 23:33 - 2009-07-14 10:15 - 000024096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-09-06 23:33 - 2009-07-14 10:15 - 000024096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-09-06 21:54 - 2016-03-29 09:54 - 000000000 ____D C:\ProgramData\Avira
2019-09-06 21:54 - 2016-03-29 09:54 - 000000000 ____D C:\Program Files (x86)\Avira
2019-09-06 21:53 - 2016-03-29 09:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-09-06 21:53 - 2009-07-14 08:50 - 000000000 ____D C:\Windows\inf
2019-09-06 21:32 - 2009-07-14 10:43 - 000718414 _____ C:\Windows\system32\PerfStringBackup.INI
2019-09-06 21:04 - 2009-07-14 10:38 - 000032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-09-06 21:01 - 2009-07-14 08:50 - 000000000 ____D C:\Windows\system32\NDF
2019-09-06 21:00 - 2016-06-16 21:38 - 000000000 ____D C:\Users\Rajshree\AppData\Local\ElevatedDiagnostics
2019-09-06 20:56 - 2017-06-20 10:35 - 000000000 ____D C:\Program Files\CCleaner
2019-09-06 00:37 - 2016-01-04 15:51 - 000000000 ____D C:\Windows\Minidump
2019-09-06 00:34 - 2017-10-12 14:25 - 000003634 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Deskjet 1510 series
2019-09-05 23:39 - 2016-01-26 13:50 - 000000000 ____D C:\ProgramData\Package Cache
2019-09-05 22:24 - 2017-06-19 22:08 - 000000000 ____D C:\Windows\pss
2019-09-05 21:53 - 2017-10-12 14:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2019-09-05 21:53 - 2017-10-12 14:25 - 000000000 ____D C:\Program Files (x86)\HP
2019-09-05 19:26 - 2015-06-03 20:09 - 000000000 ____D C:\Program Files (x86)\Google
2019-09-05 19:05 - 2017-06-20 10:59 - 000000000 ____D C:\Users\Rajshree\workspace
2019-09-05 19:04 - 2017-06-20 11:00 - 000000000 ____D C:\Users\Rajshree\AppData\Local\Eclipse
2019-09-05 18:58 - 2017-10-12 14:25 - 000000000 ____D C:\ProgramData\HP
2019-09-05 18:57 - 2016-03-29 21:55 - 000000000 ____D C:\ProgramData\Cisco
2019-09-05 18:57 - 2015-06-03 19:54 - 000000000 ____D C:\Program Files (x86)\Cisco
2019-09-05 18:15 - 2018-03-27 11:45 - 000000000 ____D C:\Users\Public\Speedup Sessions
2019-09-05 16:13 - 2015-06-03 18:31 - 000000000 ____D C:\Users\Rajshree
2019-09-04 12:40 - 2015-06-03 20:15 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-01 15:43 - 2019-02-15 16:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-08-22 23:15 - 2015-06-04 10:43 - 000776584 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-08-22 22:59 - 2016-06-03 11:55 - 000000000 ____D C:\Users\Rajshree\Downloads\OotyPics
2019-08-22 22:52 - 2017-06-20 10:41 - 000299504 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2019-08-22 22:25 - 2018-01-08 19:20 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-08-15 07:47 - 2016-10-01 18:34 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-08-15 07:40 - 2017-06-01 16:37 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-08-15 07:40 - 2017-06-01 16:37 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-08-15 07:40 - 2017-06-01 16:37 - 000004486 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-08-15 07:40 - 2017-06-01 16:37 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-08-15 07:39 - 2017-06-01 16:37 - 000000000 ____D C:\Windows\system32\Macromed
2019-08-15 07:39 - 2017-06-01 16:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed

==================== Files in the root of some directories ================

2015-12-13 12:38 - 2015-12-13 12:40 - 009237240 _____ (Connectify) C:\Program Files (x86)\Connectify2016Installer.exe
2015-12-11 19:25 - 2015-12-12 19:16 - 000016384 _____ () C:\Users\Rajshree\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheckExt ================

2015-06-04 11:12 - 2013-02-03 18:41 - 000440320 _____ (Atheros) C:\Windows\system32\athihvs.dll
2015-06-03 19:54 - 2013-02-03 18:42 - 000060416 ____N (Atheros) C:\Windows\system32\athihvui.dll
2019-09-06 00:01 - 2019-09-06 00:01 - 005572032 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlmp.exe
2019-09-06 00:01 - 2019-09-06 00:01 - 000619056 _____ (Microsoft Corporation) C:\Windows\system32\osloader.exe
2014-04-19 06:20 - 2014-04-19 06:20 - 000000731 _____ C:\Windows\system32\RTSLCS.dll
2016-01-28 16:58 - 2012-07-04 10:55 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2016-01-28 17:00 - 2013-02-23 07:08 - 000041984 _____ (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll
2016-01-28 23:11 - 2016-01-28 23:09 - 000417064 _____ () C:\Users\Rajshree\Downloads\DellSystemDetect.exe
2016-06-16 22:33 - 2016-06-16 22:34 - 006427748 _____ (DVDVideoMedia, Inc. ) C:\Users\Rajshree\Downloads\free-video-cutter-joiner.exe
2016-01-28 16:40 - 2016-01-28 16:41 - 001194670 _____ (Huntersoft ) C:\Users\Rajshree\Downloads\UnknownDeviceIdentifier.exe

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


==================== BCD ================================

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=C:
description Windows Boot Manager
locale en-US
inherit {globalsettings}
default {current}
resumeobject {bd862ce0-4682-11e4-9db3-fe3216da34f3}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0

Windows Boot Loader
-------------------
identifier {bd862cde-4682-11e4-9db3-fe3216da34f3}
device ramdisk=[C:]\Recovery\bd862cde-4682-11e4-9db3-fe3216da34f3\Winre.wim,{bd862cdf-4682-11e4-9db3-fe3216da34f3}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\bd862cde-4682-11e4-9db3-fe3216da34f3\Winre.wim,{bd862cdf-4682-11e4-9db3-fe3216da34f3}
systemroot \windows
nx OptIn
winpe Yes

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale en-US
inherit {bootloadersettings}
recoverysequence {bd862ce2-4682-11e4-9db3-fe3216da34f3}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {bd862ce0-4682-11e4-9db3-fe3216da34f3}
nx OptIn

Windows Boot Loader
-------------------
identifier {bd862ce2-4682-11e4-9db3-fe3216da34f3}
device ramdisk=[C:]\Recovery\bd862ce2-4682-11e4-9db3-fe3216da34f3\Winre.wim,{bd862ce3-4682-11e4-9db3-fe3216da34f3}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\bd862ce2-4682-11e4-9db3-fe3216da34f3\Winre.wim,{bd862ce3-4682-11e4-9db3-fe3216da34f3}
systemroot \windows
nx OptIn
winpe Yes

Resume from Hibernate
---------------------
identifier {bd862ce0-4682-11e4-9db3-fe3216da34f3}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=C:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems Yes

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {bd862cdf-4682-11e4-9db3-fe3216da34f3}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\bd862cde-4682-11e4-9db3-fe3216da34f3\boot.sdi

Device options
--------------
identifier {bd862ce3-4682-11e4-9db3-fe3216da34f3}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\bd862ce2-4682-11e4-9db3-fe3216da34f3\boot.sdi


LastRegBack: 2019-09-04 14:19
==================== End of FRST.txt ============================
 

Nishith

TS Rookie
Shortcut.txt text:

Users shortcut scan result (x64) Version: 04-09-2019
Ran by Rajshree (07-09-2019 00:11:10)
Running from E:\
Boot Mode: Normal

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\SC_Reader.ico (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk -> C:\Windows\Installer\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}\MOVIEMK.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Viper\Uninstall Viper Plagiarism Scanner.lnk -> C:\Program Files (x86)\All Answers Ltd\Viper\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Viper\Viper Plagiarism Scanner.lnk -> C:\Program Files (x86)\All Answers Ltd\Viper\WinCobra.exe (All Answers)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL\MySQL Shell.lnk -> C:\Program Files\MySQL\MySQL Shell 8.0\bin\mysqlsh.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\accicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Filler 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\inficon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive for Business 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\grv_icons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pubs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Send to OneNote 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Skype for Business 2015.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Database Compare 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\dbcicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Language Preferences.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Upload Center.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\msouc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Skype for Business Recording Manager.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Spreadsheet Compare 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\sscicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Telemetry Dashboard for Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\osmadminicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Telemetry Log for Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\osmclienticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Java Mission Control.lnk -> C:\Program Files\Java\jdk1.8.0_221\bin\jmc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files\Java\jre1.8.0_221\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk -> C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HotSpot\HotSpot.lnk -> C:\Program Files (x86)\Dell Wireless\HotSpot.exe (Atheros Communication)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chess.lnk -> C:\Program Files\Microsoft Games\Chess\Chess.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\FreeCell.lnk -> C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\GameExplorer.lnk -> C:\Windows\System32\gameux.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Hearts.lnk -> C:\Program Files\Microsoft Games\Hearts\Hearts.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Backgammon.lnk -> C:\Program Files\Microsoft Games\Multiplayer\Backgammon\bckgzm.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Checkers.lnk -> C:\Program Files\Microsoft Games\Multiplayer\Checkers\chkrzm.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Spades.lnk -> C:\Program Files\Microsoft Games\Multiplayer\Spades\shvlzm.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Mahjong.lnk -> C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Minesweeper.lnk -> C:\Program Files\Microsoft Games\Minesweeper\Minesweeper.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\More Games from Microsoft.lnk -> C:\Program Files\Microsoft Games\More Games\MoreGames.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Purble Place.lnk -> C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Solitaire.lnk -> C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Spider Solitaire.lnk -> C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoMedia\Free Video Cutter Joiner.lnk -> C:\Program Files\DVDVideoMedia\Free Video Cutter Joiner\Free Video Cutter Joiner.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoMedia\Uninstall Free Video Cutter Joiner.lnk -> C:\Program Files\DVDVideoMedia\Free Video Cutter Joiner\unins000.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira System Speedup.lnk -> C:\Program Files (x86)\Avira\System Speedup\Avira_System_Speedup.exe (Avira Operations GmbH & Co. KG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atheros Smart Net\asav.lnk -> C:\Program Files (x86)\Dell Wireless\asav.exe (QUALCOMM Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Bluetooth File Transfer Wizard.lnk -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -> C:\Windows\System32\NetProj.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\Users\Rajshree\Links\Desktop.lnk -> C:\Users\Rajshree\Desktop ()
Shortcut: C:\Users\Rajshree\Links\Downloads.lnk -> C:\Users\Rajshree\Downloads ()
Shortcut: C:\Users\Rajshree\Links\RecentPlaces.lnk -> [::{22877A6D-37A1-461A-91B0-DBDA5AAEBC99}]
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Windows\Start Menu\MinGW Installation Manager.lnk -> C:\MinGW\libexec\mingw-get\guimain.exe (MinGW.org Project)
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk -> C:\Users\Rajshree\AppData\Roaming\uTorrent Web\utweb.exe (No File)
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth File Transfer.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Skype.lnk -> C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\Users\Rajshree\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Reset VLC media player preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe () -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe () -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL\MySQL Server 8.0\MySQL 8.0 Command Line Client - Unicode.lnk -> C:\Program Files\MySQL\MySQL Server 8.0\bin\mysql.exe () -> "--defaults-file=C:\ProgramData\MySQL\MySQL Server 8.0\my.ini" "-uroot" "-p" "--default-character-set=utf8mb4"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL\MySQL Server 8.0\MySQL 8.0 Command Line Client.lnk -> C:\Program Files\MySQL\MySQL Server 8.0\bin\mysql.exe () -> "--defaults-file=C:\ProgramData\MySQL\MySQL Server 8.0\my.ini" "-uroot" "-p"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL\MySQL Installer - Community\MySQL Installer - Community.lnk -> C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstaller.exe (Oracle Corporation) -> Community
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Designer 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\inficon.exe () -> /design
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files\Java\jre1.8.0_221\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files\Java\jre1.8.0_221\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Deskjet 1510 series\HP Product Improvement Study.lnk -> C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe (Hewlett-Packard Co.) -> /changesettings /UA 12.5 /DDV 0x0b00
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira.lnk -> C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG) -> /showMiniGui
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) -> --sendto
ShortcutWithArgument: C:\Users\Rajshree\AppData\Roaming\Microsoft\Word\Binary%20Tree_DSA307345843482628351\Binary%20Tree_DSA.docx.lnk -> C:\Users\Rajshree\Desktop\Binary Tree_DSA.docx () -> 0
ShortcutWithArgument: C:\Users\Rajshree\AppData\Roaming\Microsoft\Word\answer%20key%20toc307059512867924862\answer%20key%20toc.docx.lnk -> C:\Users\Rajshree\Desktop\answer key toc.docx () -> 0
ShortcutWithArgument: C:\Users\Rajshree\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -extoff
ShortcutWithArgument: C:\Users\Rajshree\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Rajshree\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Rajshree\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) -> --sendto
ShortcutWithArgument: C:\Users\Rajshree\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --disable-quic
ShortcutWithArgument: C:\Users\Rajshree\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --disable-quic
ShortcutWithArgument: C:\Users\Rajshree\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Reference Documentation.url -> URL: hxxps://docs.oracle.com/javase/8/docs
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.url -> URL: hxxps://java.com/help
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.url -> URL: hxxps://java.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> URL: hxxp://www.ccleaner.com/ccleaner
InternetURL: C:\Users\Rajshree\Favorites\Windows Live\Get Windows Live.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=69172
InternetURL: C:\Users\Rajshree\Favorites\Windows Live\Windows Live Gallery.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\Rajshree\Favorites\Windows Live\Windows Live Mail.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=68925
InternetURL: C:\Users\Rajshree\Favorites\Windows Live\Windows Live Spaces.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=68927
InternetURL: C:\Users\Rajshree\Favorites\MSN Websites\MSN Autos.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=55143
InternetURL: C:\Users\Rajshree\Favorites\MSN Websites\MSN Entertainment.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=68924
InternetURL: C:\Users\Rajshree\Favorites\MSN Websites\MSN Money.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=68923
InternetURL: C:\Users\Rajshree\Favorites\MSN Websites\MSN Sports.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\Rajshree\Favorites\MSN Websites\MSN.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=54729
InternetURL: C:\Users\Rajshree\Favorites\MSN Websites\MSNBC News.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=68922
InternetURL: C:\Users\Rajshree\Favorites\Microsoft Websites\IE Add-on site.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Rajshree\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> URL: hxxp://go.microsoft.com/fwlink/?linkid=44661
InternetURL: C:\Users\Rajshree\Favorites\Microsoft Websites\Microsoft At Home.url -> URL: hxxp://go.microsoft.com/fwlink/?linkid=55424
InternetURL: C:\Users\Rajshree\Favorites\Microsoft Websites\Microsoft At Work.url -> URL: hxxp://go.microsoft.com/fwlink/?linkid=68920
InternetURL: C:\Users\Rajshree\Favorites\Microsoft Websites\Microsoft Store.url -> URL: hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\Rajshree\Favorites\Links for United States\GobiernoUSA.gov.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129792
InternetURL: C:\Users\Rajshree\Favorites\Links for United States\USA.gov.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129791
InternetURL: C:\Users\Rajshree\Favorites\Links\Suggested Sites.url -> URL: hxxps://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\Rajshree\Favorites\Links\Web Slice Gallery.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=121315

==================== End of Shortcut.txt =============================
 

Nishith

TS Rookie
Addition.txt text:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-09-2019
Ran by Rajshree (07-09-2019 00:08:53)
Running from E:\
Windows 7 Ultimate Service Pack 1 (X64) (2015-06-03 13:01:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-811263216-3352323111-4138218245-500 - Administrator - Disabled)
Guest (S-1-5-21-811263216-3352323111-4138218245-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-811263216-3352323111-4138218245-1007 - Limited - Enabled)
Rajshree (S-1-5-21-811263216-3352323111-4138218245-1000 - Administrator - Enabled) => C:\Users\Rajshree

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-811263216-3352323111-4138218245-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.238 - Adobe)
Avira (HKLM-x32\...\{1db45392-716a-490d-9b3e-2d96adbb5ab0}) (Version: 1.2.136.25116 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{CC898F82-66EF-4083-947F-5C69703DDBAF}) (Version: 1.2.136.25116 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 4.8.0.7455 - Avira Operations GmbH & Co. KG)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
Dell System Detect (HKU\S-1-5-21-811263216-3352323111-4138218245-1000\...\58d94f3ce2c27db0) (Version: 6.12.0.5 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.1.0 - Synaptics Incorporated)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Java SE Development Kit 8 Update 221 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180221}) (Version: 8.0.2210.11 - Oracle Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MySQL Connector J (HKLM-x32\...\{1686D4B0-7F10-40A9-8119-192F9CAF971A}) (Version: 8.0.17 - Oracle Corporation)
MySQL Installer - Community (HKLM-x32\...\{8323B182-1718-40C7-AA23-93323E3A4829}) (Version: 1.4.30.0 - Oracle Corporation)
MySQL Server 8.0 (HKLM\...\{827F2F48-CCB9-4018-9AA3-0CA9FA3223E1}) (Version: 8.0.17 - Oracle Corporation)
MySQL Shell 8.0.17 (HKLM\...\{DD7F2E87-50CF-4C83-B4E0-E0FD79B80B82}) (Version: 8.0.17 - Oracle and/or its affiliates)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Product Improvement Study for HP Deskjet 1510 series (HKLM\...\{35DB2630-846E-47C5-AF84-9D6AC3629F55}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.61.612.2012 - Realtek)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Skype version 8.51 (HKLM-x32\...\Skype_is1) (Version: 8.51 - Skype Technologies S.A.)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.75813 - TeamViewer)
TotalRecipeSearch Internet Explorer Homepage and New Tab (HKU\S-1-5-21-811263216-3352323111-4138218245-1000\...\TotalRecipeSearchTooltab Uninstall Internet Explorer) (Version: - Mindspark Interactive Network, Inc.) <==== ATTENTION
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft)
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {ef263503-8f0e-3e6a-ae2e-fe0b4b441d52} => C:/Program Files (x86)/Avira/System Speedup/Avira.SystemSpeedup.UI.ShellExtension.DLL [2018-03-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {3d52b24d-33bb-3895-99ea-a0156f24a3f9} => C:/Program Files (x86)/Avira/System Speedup/Avira.SystemSpeedup.UI.ShellExtension.DLL [2018-03-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {cefaf456-bc17-3f4b-b7d9-75070925911b} => C:/Program Files (x86)/Avira/System Speedup/Avira.SystemSpeedup.UI.ShellExtension.DLL [2018-03-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\Rajshree\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --disable-quic
ShortcutWithArgument: C:\Users\Rajshree\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --disable-quic

==================== Loaded Modules (Whitelisted) ==============

2016-01-28 17:01 - 2013-02-23 07:08 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2013-08-30 21:18 - 2013-08-30 21:18 - 000011264 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorCommon.dll
2013-08-30 21:18 - 2013-08-30 21:18 - 000032256 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgr.dll
2013-08-30 21:18 - 2013-08-30 21:18 - 000010240 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvcInterfaces.dll
2013-08-30 21:18 - 2013-08-30 21:18 - 000124416 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUtil.dll
2013-08-30 21:18 - 2013-08-30 21:18 - 000387072 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorViewModel.dll
2013-08-30 21:18 - 2013-08-30 21:18 - 001492992 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IntelVisualDesign.dll
2013-08-30 21:18 - 2013-08-30 21:18 - 000517120 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2013-08-30 21:18 - 2013-08-30 21:18 - 000424448 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PSI.dll
2013-08-30 21:18 - 2013-08-30 21:18 - 000008704 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PSIClient.dll
2013-08-30 21:18 - 2013-08-30 21:18 - 000286720 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-811263216-3352323111-4138218245-1000\...\dell.com -> dell.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 08:04 - 2017-06-19 22:13 - 000000832 _____ C:\Windows\system32\drivers\etc\hosts


2015-12-30 14:26 - 2016-11-14 09:26 - 000000519 _____ C:\Windows\system32\drivers\etc\hosts.ics

192.168.173.251 android-76cbd8d0ce8e69a1.mshome.net # 2016 11 1 21 3 56 17 719
192.168.173.1 Rajshree-PC.mshome.net # 2021 11 6 13 3 56 17 719

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;D:\Nishith\Softwares\apache-maven-3.6.1\bin
HKU\S-1-5-21-811263216-3352323111-4138218245-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Avira System Speedup User Starter => "C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe"
MSCONFIG\startupreg: Avira SystrayStartTrigger => "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: RESTART_STICKY_NOTES => C:\Windows\System32\StikyNot.exe
MSCONFIG\startupreg: SilentHill => "C:\Windows\rss\csrss.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: utweb => "C:\Users\Rajshree\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED
MSCONFIG\startupreg: {579950C2-E4DF-46F6-A711-E505BA0C046A} => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -noprofile -windowstyle hidden -executionpolicy bypass iex ([Text.Encoding]::ASCII.GetString([Convert]::FromBase64String((gp 'HKCU:\Software\Classes\VGXlwExpTEC').NMKMN)));

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B06D83FC-7C28-43F2-B7A5-C86A5ADE535C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1B8AB0A6-BC31-470E-929C-9DBF22BD6E90}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{03C9266F-2F98-441C-8F55-4CC801F85A10}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8F736E83-5924-4549-8AD9-C97228B68FDC}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9D1DBB9D-5C42-44E1-9A95-A1E9E336BBF4}] => (Allow) %SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2B498CA0-16E2-4EAC-B981-403337D50A00}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{36D2B840-A9F5-4394-A50F-520FD7A66FB6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{71FBB45A-D1F0-45BE-8234-84FE6B089C77}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{70187C86-500B-4FCA-8DD1-0D76454B6AF3}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C5F41F57-C108-4E75-B10B-5AC0FDC90D29}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{7A587D55-2B32-44F3-92EB-75F8DA8A51D8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{DF588557-5CF6-49E1-A737-C738FB33CBDA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{B87054C4-2D7A-4356-B33B-C9EBEF96B3DD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{1B968CFA-C71C-4E0A-9710-0F2BB75C7A0C}] => (Allow) LPort=3306
FirewallRules: [{E5976413-BE01-4641-8ECE-B700B62A719A}] => (Allow) LPort=33060
FirewallRules: [{94219680-1BBE-40DB-9757-514433DB9459}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3886FF9E-1EE1-4EC9-8C37-A3FA41A7D2DA}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EB242654-0B1F-4061-A37E-3EDCA814F023}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D19B6BF8-5A0A-473A-A8C6-950DD9BEF191}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{82D7AB94-A0E6-4DD3-BF77-40FEC558AB37}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:261.86 GB) (Free:205.52 GB) (78%)

==================== Faulty Device Manager Devices =============

Name: USB2.0-CRW
Description: USB2.0-CRW
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/06/2019 11:58:23 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe".Error in manifest or policy file "C:\Program Files (x86)\Dell Wireless\Microsoft.VC80.CRT\Microsoft.VC80.CRT.MANIFEST" on line 4.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195".
Definition is Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195".
Please use sxstrace.exe for detailed diagnosis.

Error: (09/06/2019 11:57:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/06/2019 11:56:00 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\system32\athihvs.dll".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/06/2019 11:24:17 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "c:\program files (x86)\dell wireless\Ath_WlanAgent.exe".Error in manifest or policy file "c:\program files (x86)\dell wireless\Microsoft.VC80.CRT\Microsoft.VC80.CRT.MANIFEST" on line 4.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195".
Definition is Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195".
Please use sxstrace.exe for detailed diagnosis.

Error: (09/06/2019 10:55:00 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe".Error in manifest or policy file "C:\Program Files (x86)\Dell Wireless\Microsoft.VC80.CRT\Microsoft.VC80.CRT.MANIFEST" on line 4.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195".
Definition is Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195".
Please use sxstrace.exe for detailed diagnosis.

Error: (09/06/2019 10:54:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/06/2019 10:52:21 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\system32\athihvs.dll".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/06/2019 10:42:47 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe".Error in manifest or policy file "C:\Program Files (x86)\Dell Wireless\Microsoft.VC80.CRT\Microsoft.VC80.CRT.MANIFEST" on line 4.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195".
Definition is Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195".
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (09/06/2019 11:56:00 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athihvs.dll
Error Code: 14001

Error: (09/06/2019 10:52:21 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athihvs.dll
Error Code: 14001

Error: (09/06/2019 10:40:15 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athihvs.dll
Error Code: 14001

Error: (09/06/2019 10:32:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athihvs.dll
Error Code: 14001

Error: (09/06/2019 10:20:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athihvs.dll
Error Code: 14001

Error: (09/06/2019 10:20:30 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:16:37 PM on ‎9/‎6/‎2019 was unexpected.

Error: (09/06/2019 10:02:58 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athihvs.dll
Error Code: 14001

Error: (09/06/2019 09:54:14 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athihvs.dll
Error Code: 14001


Windows Defender:
===================================
Date: 2015-10-06 11:11:31.200
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{C6B3A346-D403-4484-B3D3-6592D5730B6E}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

CodeIntegrity:
===================================

Date: 2019-09-05 22:24:55.549
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WinmonProcessMonitor.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-09-05 22:24:55.518
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WinmonProcessMonitor.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Dell Inc. A12 10/25/2013
Motherboard: Dell Inc. 0JYTX5
Processor: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz
Percentage of memory in use: 90%
Total physical RAM: 3983.36 MB
Available physical RAM: 367.25 MB
Total Virtual: 7964.92 MB
Available Virtual: 2295.98 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:261.86 GB) (Free:205.52 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (New Volume) (Fixed) (Total:100 GB) (Free:44.27 GB) NTFS
Drive e: (NISHITHOFSS) (Removable) (Total:14.52 GB) (Free:11.95 GB) FAT32


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 87B57FE3)
Partition 1: (Not Active) - (Size=100 GB) - (Type=83)
Partition 2: (Active) - (Size=261.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=3.9 GB) - (Type=05)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 14.5 GB) (Disk ID: 394D8611)
Partition 1: (Active) - (Size=14.5 GB) - (Type=0C)

==================== End of Addition.txt ============================
 

Cycloid Torus

Stone age computing - click on the rock below..
"Please give me steps on how I could solve this problem!"
Sign out of windows.
Turn system off.
Re-start system.
Describe what you see on the monitor and hear from the speaker.
Enter a Windows User account.
Describe what you see on the monitor and hear from the speaker.
If you are signed on as a user, then make backup copies of any of your data files that you want to save.
Repeat for all user accounts.
Finish above with full description of "problem" you wish to solve - there seem to be several.
Include description of system (It is a Dell something? It came with Win7 installed?) and how the problem/problems manifested.
 

Nishith

TS Rookie
My system is DELL Inpiron. It came with Ubuntu installed. later I installed Windows 7 on top of it hence Now I have dual boot options enabled. It was working fine for around 3 years. Problem got manifested 3 days ago when I downloaded a zip file and extracted it. system asked for a restart.

When I restarted the system and selected windows 7 from GRUB menu, I could see 2 options of windows for fraction of seconds and "F8" doesn't seem to work that time and windows loading page was also looking different and I was not able to access Microsoft website, any antivirus websites, windows update etc. So I checked "msconfig" through run and found that there were 2 windows in "Boot" tab. So I removed the newly created windows and rebooted. this time after selecting windows 7 from Grub Menu I was able get advanced options by pressing "F8" and windows loading page again seemed to look the way it was earlier. but still I was not able to access Microsoft website, any antivirus websites, windows update etc.

I use Avira Antivirus which started to show lot of notifications of threats. I tried to update it but since it was not to connect to its server it didn't update. so I uninstalled it and tried to install it again. this time I was getting message of installing ".net framework 4". So I downloaded the standalone installer on my other system to install it on this system. but it fails everytime with error mentioned in subject of the thread. I suspect some serious malware has infected my system, registry etc. and I am unable to rectify it. I was only to run Farbar Recovery Scan Tool 64-Bit tool. I dont know how to rectify the issue using the logs generated by it.

Windows behaviour on start up:

1. one beep comes and Dell with progress bar appears.
2. Linus Grub menu comes where I select windows 7.
3. windows loading screen appears with windows symbol emerging.
4. password screen comes with windows loading sound.
5. I enter the password and windows logs in with login sound.

The above behaviour was happening before getting infected.

Can u help in removing the infection from my system?
 

Broni

Malware Annihilator
Welcome aboard


Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=================================

I can see you created first FRST log from Recovery Console, so...
Is your system bootable or not?
 
Status
Not open for further replies.