Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by SYSTEM on MININT-O8HV9CU (10-11-2015 02:44:34)
Running from G:\
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 9
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [PowerDVD12DMREngine] => C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [505872 2012-07-25] (CyberLink)
HKLM-x32\...\Run: [PowerDVD12Agent] => C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [374560 2012-07-25] (CyberLink Corp.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-10-01] (Raptr, Inc)
HKU\Deploy\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB
HKU\Deploy\...\Run: [AVG-Secure-Search-Update_JUNE2013_HP] => "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_HP.exe" /PROMPT /CMPID=JUNE2013_HP
HKU\Rajinikanth\...\Run: [Google Update] => C:\Users\Rajinikanth\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\Rajinikanth\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\Rajinikanth\...\Run: [uTorrent] => C:\Users\Rajinikanth\AppData\Roaming\uTorrent\uTorrent.exe [1822048 2015-10-13] (BitTorrent Inc.)
HKU\Rajinikanth\...\Run: [AVG-Secure-Search-Update_0913a] => C:\Users\Rajinikanth\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid e9ece8404a8f47d1a8d3d15a0f75730d-ad1491be2ce6c122f6b66faa90e70c2decf7d34c --CMPID 0913a
HKU\Rajinikanth\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\Rajinikanth\...\Run: [{CFFFBDCC-1501-472A-A4AB-EAB831FF0BF6}] => regsvr32.exe "C:\Users\Rajinikanth\AppData\Roaming\IebaFqej\YuwuWsiw.dll"
HKU\Rajinikanth\...\Run: [BackUp2228303646] => C:\Users\Rajinikanth\AppData\Roaming\BackUp2228303646.exe [581632 2009-07-13] ()
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
S2 CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [90640 2012-07-25] (CyberLink Corp.)
S2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [78352 2012-07-25] (CyberLink)
S2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [295440 2012-07-25] (CyberLink)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
S2 RalinkRegistryWriter; C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry.exe [374112 2011-03-14] (Ralink Technology, Corp.)
S2 RalinkRegistryWriter64; C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry64.exe [451936 2011-03-14] (Ralink Technology, Corp.)
S2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-08-09] ()
S3 TpMediaServer; C:\Program Files (x86)\TP-LINK\COMMON\RaMediaServer.exe [619872 2011-03-14] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-03-31] (AVG Technologies CZ, s.r.o.)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [172760 2014-12-28] (Broadcom Corporation.)
S1 BIOS; C:\Windows\system32\drivers\BIOS64.sys [14136 2009-06-17] (BIOSTAR Group)
S1 BIOS; C:\Windows\SysWOW64\drivers\BIOS64.sys [14136 2009-06-17] (BIOSTAR Group)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-06-20] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S1 MpKslb6c95284; C:\Windows\system32\MpEngineStore\MpKslb6c95284.sys [44928 2015-11-09] (Microsoft Corporation)
S1 MpKslcf41a2e4; C:\Windows\system32\MpEngineStore\MpKslcf41a2e4.sys [44928 2015-11-09] (Microsoft Corporation)
S3 MPMFL; C:\Windows\System32\DRIVERS\MPMFL.sys [23272 2012-12-17] (Windows (R) Server 2003 DDK provider)
S2 ntk_PowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [83704 2012-06-20] (Cyberlink Corp.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-18] (NVIDIA Corporation)
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [34016 2014-05-26] (Microsoft Corporation)
S3 ZG760_64; C:\Windows\System32\DRIVERS\WlanGZ64.SYS [493696 2006-08-17] (ZyDAS Technology Corporation)
S3 ZG760_64; C:\Windows\SysWOW64\DRIVERS\WlanGZ64.SYS [493696 2006-08-17] (ZyDAS Technology Corporation)
S2 {73526619-C24F-470B-9BED-53D455FBB5C6}; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [147704 2012-08-10] (CyberLink Corp.)
S3 ALSysIO; \??\C:\Users\RAJINI~1\AppData\Local\Temp\ALSysIO64.sys [X]
S3 BS2228303646; \??\C:\Users\RAJINI~1\AppData\Local\Temp\NTFS.sys [X]

==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-09 17:03 - 2015-11-09 21:16 - 00000000 ____D C:\Windows\System32\MpEngineStore
2015-11-09 05:49 - 2015-11-09 05:49 - 00003380 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1873260180-584723267-4080468776-1000
2015-11-09 05:49 - 2015-11-09 05:49 - 00003258 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1873260180-584723267-4080468776-1000
2015-11-08 21:24 - 2015-11-08 21:24 - 00000036 _____ C:\Users\Rajinikanth\AppData\Local\housecall.guid.cache
2015-11-08 21:14 - 2015-11-08 21:14 - 00000000 ____D C:\Users\Rajinikanth\AppData\Roaming\QuickScan
2015-11-08 15:53 - 2015-11-08 15:54 - 00037596 _____ C:\Users\Rajinikanth\Desktop\Addition.txt
2015-11-08 15:51 - 2015-11-10 02:44 - 00000000 ____D C:\FRST
2015-11-08 15:51 - 2015-11-08 15:54 - 00024936 _____ C:\Users\Rajinikanth\Desktop\FRST.txt
2015-11-08 15:36 - 2015-11-08 15:44 - 00000000 ____D C:\Users\Rajinikanth\AppData\Roaming\tor
2015-11-08 14:42 - 2015-11-08 14:42 - 00007626 _____ C:\Users\Rajinikanth\AppData\Local\Resmon.ResmonCfg
2015-11-08 14:36 - 2015-11-08 14:36 - 00000137 _____ C:\Users\Rajinikanth\Desktop\debug.log
2015-11-08 12:37 - 2015-11-09 09:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-08 12:37 - 2015-11-09 09:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-08 12:37 - 2015-11-08 13:24 - 00000000 ____D C:\Users\Rajinikanth\AppData\Local\Mozilla
2015-11-08 12:37 - 2015-11-08 12:37 - 00000000 ____D C:\Users\Rajinikanth\AppData\Roaming\Mozilla
2015-11-08 00:23 - 2015-11-09 05:48 - 00000000 ____D C:\Users\Rajinikanth\AppData\LocalLow\uTorrent
2015-10-23 18:26 - 2015-11-09 08:12 - 03471692 _____ C:\Windows\System32\CFG2228303646
2015-10-23 18:14 - 2015-10-23 18:14 - 00329496 _____ C:\Windows\Minidump\102315-55536-01.dmp
2015-10-23 18:12 - 2015-11-09 09:08 - 00000000 ____D C:\Users\Rajinikanth\AppData\Roaming\IebaFqej
2015-10-23 18:11 - 2015-10-23 18:12 - 00000000 ___HD C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
2015-10-13 18:32 - 2015-10-13 18:32 - 00020679 _____ C:\Users\Rajinikanth\Downloads\32415815A0B4621400688F0BF2966D7FD3435D93.torrent
2015-10-13 18:31 - 2015-10-13 18:31 - 00019703 _____ C:\Users\Rajinikanth\Downloads\D6525C8CB07CBC6CE001A97541DAD408D4F1FFF0.torrent
2015-10-13 18:30 - 2015-10-13 18:30 - 00019715 _____ C:\Users\Rajinikanth\Downloads\81BA198ED92739B4BCEE99C90FF5EFA0B71069D4.torrent
2015-10-13 18:28 - 2015-10-13 18:28 - 00017607 _____ C:\Users\Rajinikanth\Downloads\D5A14DD9675E85750E60051FC86F0AB402E9443F.torrent
2015-10-13 18:24 - 2015-10-13 18:24 - 00013303 _____ C:\Users\Rajinikanth\Downloads\www.TamilRockers.com - Unnale Unnale 2006 Tamil 720p DVDRip x264 1.2GB ESubs.torrent
2015-10-13 18:23 - 2015-10-13 18:23 - 00012075 _____ C:\Users\Rajinikanth\Downloads\www.TamilRockers.com - VSOP (2015)1080p v2 HD - AVC - MP4 - 5.1 - 4.4GB - Tamil.mp4.torrent
2015-10-13 18:21 - 2015-10-13 18:21 - 00016196 _____ C:\Users\Rajinikanth\Downloads\www.TamilRockers.com - Baahubali (2015)1080p DVDRip - Tamil AAC 5.1 (Original) - 3GB ESubs.torrent

==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-09 23:58 - 2012-01-31 23:41 - 01066723 _____ C:\Windows\WindowsUpdate.log
2015-11-09 23:57 - 2012-09-08 18:28 - 00000000 ____D C:\Users\Rajinikanth\AppData\Roaming\uTorrent
2015-11-09 23:57 - 2009-07-13 20:51 - 00111608 _____ C:\Windows\setupact.log
2015-11-09 23:51 - 2009-07-13 21:13 - 00778834 _____ C:\Windows\System32\PerfStringBackup.INI
2015-11-09 23:00 - 2012-02-10 20:09 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1873260180-584723267-4080468776-1000UA.job
2015-11-09 19:46 - 2015-06-21 22:51 - 00000000 ____D C:\Users\Rajinikanth\AppData\Roaming\Raptr
2015-11-09 18:00 - 2012-02-10 20:09 - 00000880 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1873260180-584723267-4080468776-1000Core.job
2015-11-09 16:58 - 2015-06-19 22:12 - 00000000 ____D C:\Users\Rajinikanth\AppData\Local\CrashDumps
2015-11-09 09:08 - 2015-07-18 20:43 - 00000000 ____D C:\Program Files (x86)\Google
2015-11-09 09:08 - 2014-07-23 15:07 - 00000000 ____D C:\Program Files (x86)\Acrok
2015-11-09 09:08 - 2012-08-24 13:37 - 00000000 ____D C:\Users\Rajinikanth\AppData\Roaming\vlc
2015-11-09 09:08 - 2012-08-01 10:42 - 00000000 ____D C:\users\Deploy
2015-11-09 09:08 - 2012-02-10 20:09 - 00000000 ____D C:\Users\Rajinikanth\AppData\Local\Google
2015-11-09 09:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF
2015-11-09 09:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2015-11-09 09:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat
2015-11-09 09:07 - 2014-01-20 23:24 - 00000000 ____D C:\ProgramData\RealNetworks
2015-11-09 05:56 - 2009-07-13 20:45 - 00026000 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-09 05:56 - 2009-07-13 20:45 - 00026000 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-09 05:44 - 2013-06-07 14:59 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2015-11-09 05:44 - 2013-06-03 02:33 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2015-11-09 05:44 - 2012-01-31 23:40 - 00000000 ____D C:\users\Rajinikanth
2015-11-09 05:43 - 2012-02-01 00:10 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-09 05:43 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-08 17:23 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\System32\FxsTmp
2015-11-08 12:32 - 2012-02-10 20:09 - 00000000 ____D C:\Users\Rajinikanth\AppData\Local\Deployment
2015-10-23 18:14 - 2012-02-15 22:10 - 00000000 ____D C:\Windows\Minidump
2015-10-23 18:10 - 2012-02-10 21:53 - 00000000 ____D C:\ProgramData\MFAData
2015-10-21 12:37 - 2015-06-23 06:54 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

Files to move or delete:
====================
C:\ProgramData\uninstaller.exe

==================== Known DLLs (Whitelisted) =========================

==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE Association (Whitelisted) =============

==================== Restore Points =========================
Restore point date: 2015-10-24 10:04
Restore point date: 2015-11-03 23:00
Restore point date: 2015-11-09 22:48

==================== Memory info ===========================
Percentage of memory in use: 9%
Total physical RAM: 8191.37 MB
Available physical RAM: 7394.27 MB
Total Virtual: 8189.57 MB
Available Virtual: 7381.75 MB

==================== Drives ================================
Drive c: () (Fixed) (Total:984.01 GB) (Free:13.48 GB) NTFS
Drive e: () (Fixed) (Total:878.91 GB) (Free:289.32 GB) NTFS
Drive g: (USB20FD) (Removable) (Total:14.92 GB) (Free:14.84 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: B65E26BF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=984 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=878.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 14.9 GB) (Disk ID: 04030201)
Partition 1: (Not Active) - (Size=14.9 GB) - (Type=0C)

LastRegBack: 2015-11-03 22:53

==================== End of FRST.txt ============================