Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2020 01 Ran by SRINIVAS (25-05-2020 12:04:41) Running from C:\Users\SRINIVAS\Desktop Windows 8.1 Connected Single Language (Update) (X64) (2015-08-07 14:57:57) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-694628291-767070351-3124995916-500 - Administrator - Disabled) Guest (S-1-5-21-694628291-767070351-3124995916-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-694628291-767070351-3124995916-1003 - Limited - Enabled) SRINIVAS (S-1-5-21-694628291-767070351-3124995916-1001 - Administrator - Enabled) => C:\Users\SRINIVAS ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Quick Heal Total Security (Enabled - Up to date) {D2F706C8-BC4C-660E-C57B-2E8CE1D9CF6C} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Quick Heal Total Security (Enabled - Up to date) {6996E72C-9A76-6980-FFCB-15FE9A5E85D1} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Quick Heal Firewall (Enabled) {EACC87ED-F623-6756-EE24-87B91F0A8817} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Andy OS (HKLM\...\Andy OS) (Version: 0.45.0.0 - Andy OS, Inc) AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 5.5.3 - philandro Software GmbH) AudioRelay version 0.8.1 (HKLM-x32\...\{86705A3A-8AAB-4C7C-B311-A0426548373F}_is1) (Version: 0.8.1 - azEfsw) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.60 - Dell Inc.) Dell Customer Connect (HKLM-x32\...\{124DE80C-9BFE-4D04-A8D9-69C5019DEEBF}) (Version: 1.3.28.0 - Dell Inc.) Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.4.0 - Dell Inc.) Hidden Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP) Dell Foundation Services (HKLM\...\{C1C53DA1-9497-4ABB-A3D6-A63039820B37}) (Version: 3.3.7200.0 - Dell Inc.) Dell Help & Support (HKLM\...\{77C8127D-65EA-4E03-8C1B-C77714E1B291}) (Version: 2.2.26.0 - Dell Inc.) Hidden Dell Help & Support (HKLM-x32\...\InstallShield_{77C8127D-65EA-4E03-8C1B-C77714E1B291}) (Version: 2.2.26.0 - Dell Inc.) Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.2.6745.47 - Dell) Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.0.47 - Dell) Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.) Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.138 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.10.0.2208 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation) Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation) Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation) Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation) Opera Stable 36.0.2130.65 (HKLM-x32\...\Opera 36.0.2130.65) (Version: 36.0.2130.65 - Opera Software) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications) Quick Heal Total Security (HKLM\...\{75DEED91-7B14-49DC-A5F3-B60E633AC4A5}) (Version: 18.00 - Quick Heal) Hidden Quick Heal Total Security (HKLM\...\Quick Heal Total Security) (Version: 18.00 - Quick Heal Technologies Ltd.) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.4.05 - Dell Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 1.1.9200.8903 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7304 - Realtek Semiconductor Corp.) Resolver version 2.2 (HKLM-x32\...\{FEE1B498-C441-40CA-820C-CD275BAA204B}_is1) (Version: 2.2 - ACT) SoundWire Server version 2.5 (HKLM-x32\...\{E15658BC-7742-4397-999F-98B1BD11B784}_is1) (Version: 2.5 - GeorgieLabs) TeamViewer 5 (HKLM-x32\...\TeamViewer 5) (Version: 5.1.17330 - TeamViewer GmbH) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Zoom (HKU\S-1-5-21-694628291-767070351-3124995916-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.) Packages: ========= eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2015-08-30] (eBay, Inc) Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-11-21] (Microsoft Corporation) [MS Ad] MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-29] (Microsoft Corporation) [MS Ad] MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-29] (Microsoft Corporation) [MS Ad] MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-30] (Microsoft Corporation) [MS Ad] MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-30] (Microsoft Corporation) [MS Ad] MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-30] (Microsoft Corporation) [MS Ad] MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-09-02] (Microsoft Corporation) [MS Ad] MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-25] (Microsoft Corporation) [MS Ad] Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-08-29] (Microsoft Corporation) [MS Ad] Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-08-30] (Skype) [MS Ad] Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-08] (Microsoft Corporation) [MS Ad] ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.DLL [2014-06-05] (SoftThinks -> ) ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.DLL [2014-06-05] (SoftThinks -> ) ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvAppExt.dll [2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] ContextMenuHandlers1: [DeleteSecurely] -> {13C39C87-76A0-4CD6-A2E8-2984C6B84160} => C:\Program Files\Quick Heal\Quick Heal Total Security\PCTuner\sdshell.dll [2018-11-21] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) ContextMenuHandlers1: [QHFLVLT] -> {5BB5EA17-7B93-426A-99E5-358CF6CDDED1} => C:\Program Files\Quick Heal\Quick Heal Total Security\flvltext.dll [2018-12-11] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) ContextMenuHandlers1: [RCScan] -> {362A3A82-5EF4-422F-817F-A17EBA53E67C} => C:\Program Files\Quick Heal\Quick Heal Total Security\RCSCAN.DLL [2018-11-21] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ShellContextExt.dll [2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [DeleteSecurely] -> {13C39C87-76A0-4CD6-A2E8-2984C6B84160} => C:\Program Files\Quick Heal\Quick Heal Total Security\PCTuner\sdshell.dll [2018-11-21] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2014-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [DeleteSecurely] -> {13C39C87-76A0-4CD6-A2E8-2984C6B84160} => C:\Program Files\Quick Heal\Quick Heal Total Security\PCTuner\sdshell.dll [2018-11-21] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [QHFLVLT] -> {5BB5EA17-7B93-426A-99E5-358CF6CDDED1} => C:\Program Files\Quick Heal\Quick Heal Total Security\flvltext.dll [2018-12-11] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) ContextMenuHandlers6: [RCScan] -> {362A3A82-5EF4-422F-817F-A17EBA53E67C} => C:\Program Files\Quick Heal\Quick Heal Total Security\RCSCAN.DLL [2018-11-21] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= 2014-02-26 11:16 - 2014-02-26 11:16 - 000011264 _____ () [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2014-02-26 11:13 - 2014-02-26 11:13 - 000086016 _____ () [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll 2015-05-15 06:11 - 2014-02-27 10:09 - 000440320 ____N (Atheros) [File not signed] C:\Windows\system32\athihvs.dll 2014-02-26 11:20 - 2014-02-26 11:20 - 000107648 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvAppExt.dll 2014-02-26 11:20 - 2014-02-26 11:20 - 000033408 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\CommApi.dll 2014-02-26 11:21 - 2014-02-26 11:21 - 000203392 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\FolderViewImpl.dll 2014-02-26 11:21 - 2014-02-26 11:21 - 000085632 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\GattI.dll 2014-02-26 11:21 - 2014-02-26 11:21 - 000126592 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\gatts.DLL 2014-02-26 11:21 - 2014-02-26 11:21 - 000083072 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Handsfree.dll 2014-02-26 11:21 - 2014-02-26 11:21 - 000034432 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ipc.dll 2014-02-26 11:21 - 2014-02-26 11:21 - 000063104 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ModuleManager.dll 2014-02-26 11:21 - 2014-02-26 11:21 - 001067648 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\OutLookLib.dll 2014-02-26 11:21 - 2014-02-26 11:21 - 000291456 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ShellContextExt.dll 2014-02-26 11:21 - 2014-02-26 11:21 - 000130176 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\skypeagent.dll 2014-02-26 11:21 - 2014-02-26 11:21 - 000027264 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\TCPConnection.dll 2014-02-26 11:21 - 2014-02-26 11:21 - 000115328 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\utils.dll 2014-02-26 11:20 - 2014-02-26 11:20 - 000361600 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Windows\system32\AthCredentialProvider.dll 2014-02-26 11:14 - 2014-02-26 11:14 - 000308224 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\LE\LE.dll 2014-02-26 11:15 - 2014-02-26 11:15 - 000210432 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Audio\audio.dll 2014-02-26 11:16 - 2014-02-26 11:16 - 000162304 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\BasicPrintProfile\BPP.dll 2014-02-26 11:16 - 2014-02-26 11:16 - 000177152 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\BIP\BIP.dll 2014-02-26 11:14 - 2014-02-26 11:14 - 000018432 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\DID\DId.dll 2014-02-26 11:14 - 2014-02-26 11:14 - 000035840 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\FAX\Fax.dll 2014-02-26 11:15 - 2014-02-26 11:15 - 000421888 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\FileTransfer\FileTransfer.dll 2014-02-26 11:16 - 2014-02-26 11:16 - 000096256 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\GapSdp\GapSdp.dll 2014-02-26 11:11 - 2014-02-26 11:11 - 000097792 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\goep\goep.dll 2014-02-26 11:13 - 2014-02-26 11:13 - 000029696 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\HCRP\Hcrp.dll 2014-02-26 11:16 - 2014-02-26 11:16 - 000091136 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\L2capLib\l2caplib.dll 2014-02-26 11:11 - 2014-02-26 11:11 - 000181248 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\OppOperation\ObjPush.dll 2014-02-26 11:16 - 2014-02-26 11:16 - 000066048 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\OppOperation\OppOperation.dll 2014-02-26 11:15 - 2014-02-26 11:15 - 000067072 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\pbap\pbap.dll 2014-02-26 11:16 - 2014-02-26 11:16 - 000063488 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\RfcommLib\rfcommlib.dll 2014-02-26 11:15 - 2014-02-26 11:15 - 000097280 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\sap\sap.dll 2014-02-26 11:16 - 2014-02-26 11:16 - 000087552 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\SesMgr\sesmgr.dll 2014-02-26 11:15 - 2014-02-26 11:15 - 000055296 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\spp\spp.dll 2014-02-26 11:15 - 2014-02-26 11:15 - 000064512 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Sync\Sync.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\SRINIVAS\Downloads\051030813071915903_1563028945394.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\07.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\07_Key (1).pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\07_Key.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\2020-05-09XXHoliday Revision Work for class 9XXClass IX.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\7th_UCO.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\7_Solution.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\class 10 holiday homework pdf.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\email id and mobile modification.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\Grade5-30859-2-4576.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\nstse-answer-key-class-7.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\NSTSE-Class-7-Solutions-2015.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\NSTSE_7 (1).pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\NSTSE_7.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\SocialScience6To8.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Documents\email id and mobile modification.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Documents\HTML_GUIDE.pdf:SandBoxSafeFile [0] ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 18:55 - 2020-05-25 11:11 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ HKU\S-1-5-21-694628291-767070351-3124995916-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\SRINIVAS\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{A670F7FC-F0E3-48E1-B34F-0BA85814BD88}] => (Allow) C:\Users\SRINIVAS\AppData\Roaming\Andy_45_Online\Setup.exe (Andy OS, inc. -> Andy OS, Inc) FirewallRules: [{CEC63A89-672A-45B6-B718-082F054594B1}] => (Allow) C:\Users\SRINIVAS\AppData\Roaming\Andy_45_Online\Setup.exe (Andy OS, inc. -> Andy OS, Inc) FirewallRules: [{BE123F12-FE01-4384-8950-EBAF0A55DED7}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{C5E5D3BB-A7CF-4A2C-8BA5-1686BC304ABC}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{D25F857A-B3A2-4A6D-97C5-4BA5EF794CCD}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{CEA234C9-E357-4BA3-9A5D-89C5E9E4D682}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{EF6AAB54-D707-4FE1-B486-6747D01E1647}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => No File FirewallRules: [{9F63C3C1-96A1-4E67-B2FC-523873D98A49}] => (Allow) C:\Users\SRINIVAS\AppData\Roaming\Andy_45_Online\Setup.exe (Andy OS, inc. -> Andy OS, Inc) FirewallRules: [{ED28C863-2902-4055-B2F1-D5C6C3EBB0DF}] => (Allow) C:\Users\SRINIVAS\AppData\Roaming\Andy_45_Online\Setup.exe (Andy OS, inc. -> Andy OS, Inc) FirewallRules: [{0FA73B12-D8E3-4B8D-8964-90EC06F585A6}] => (Allow) C:\Program Files\Andy\Andy.exe (Andy OS Inc -> Andy OS, inc) FirewallRules: [{51357586-3C67-4D25-A8D1-04AD248B6B3F}] => (Allow) C:\Program Files\Andy\Andy.exe (Andy OS Inc -> Andy OS, inc) FirewallRules: [{E23FBC9C-3753-4F63-B273-D8173C348228}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{1C54A0CC-1696-49FA-9118-363527C74F8F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{47D24B65-D444-4E89-A6BE-76FC41DA9A46}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{D4FE214A-9F46-4589-A092-9323E4135CBC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{4D055FE6-A6A5-4227-905F-6FF94CB2BFD6}] => (Allow) C:\Users\SRINIVAS\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{ACD3E3EA-F537-400E-80A4-5742BADF0FC8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{035E64BB-AB5E-4469-8266-3F0618FFC2DA}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) FirewallRules: [{39B0928F-A83E-4F37-9A9F-EE459516BAAA}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) FirewallRules: [{3495177E-BD90-412E-9018-CDD71455B2A1}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) FirewallRules: [{D47E3A03-1362-44E0-8C29-A09CE719BAE1}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) FirewallRules: [{0B7D114B-C0D3-447F-8F86-2F35EE6DE67D}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) FirewallRules: [{5A330245-F542-4EC6-81B1-6CE16ABD2EF3}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) ==================== Restore Points ========================= 11-05-2020 16:51:36 Quick Heal AntiMalware Restore Point 15-05-2020 15:20:38 Windows Update 15-05-2020 16:47:47 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 18-05-2020 17:06:51 Windows Update ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (05/25/2020 11:49:56 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: pcdrcui.exe, version: 6.0.6745.47, time stamp: 0x5672485c Faulting module name: Matrix.dll, version: 6.0.6745.47, time stamp: 0x56723fc0 Exception code: 0xc0000005 Fault offset: 0x00000000000a6c72 Faulting process id: 0x12dc Faulting application start time: 0x01d6325b681a5be9 Faulting application path: C:\Program Files\Dell\SupportAssist\pcdrcui.exe Faulting module path: C:\Program Files\Dell\SupportAssist\Matrix.dll Report Id: c025eabc-9e4f-11ea-8467-34689560e9d4 Faulting package full name: Faulting package-relative application ID: Error: (05/25/2020 11:49:52 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: pcdrcui.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: exception code c0000005, exception address 000000006D156C72 Error: (05/25/2020 11:42:19 AM) (Source: PerfNet) (EventID: 2005) (User: ) Description: Unable to read performance data for the Server service. The first four bytes (DWORD) of the Data section contains the status code, the second four bytes contains the IOSB.Status and the next four bytes contains the IOSB.Information. Error: (05/25/2020 11:42:17 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (05/25/2020 09:57:52 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: mbamtray.exe, version: 3.1.0.1840, time stamp: 0x5d5c13ae Faulting module name: KERNELBASE.dll, version: 6.3.9600.18895, time stamp: 0x5a4b127e Exception code: 0xc0000142 Fault offset: 0x0009d4e2 Faulting process id: 0x1834 Faulting application start time: 0x01d6324cd1c75812 Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe Faulting module path: KERNELBASE.dll Report Id: 18411222-9e40-11ea-8465-34689560e9d4 Faulting package full name: Faulting package-relative application ID: Error: (05/25/2020 09:52:39 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program mbam.exe version 3.1.0.1838 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: f04 Start Time: 01d6324be121b87d Termination Time: 4111 Application Path: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe Report Id: 56300cdf-9e3f-11ea-8465-34689560e9d4 Faulting package full name: Faulting package-relative application ID: Error: (05/24/2020 05:10:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DELL) Description: Activation of app eBayInc.eBay_1618n3s9xq8tw!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (05/24/2020 05:09:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: DELL) Description: App eBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw+App did not launch within its allotted time. System errors: ============= Error: (05/25/2020 11:49:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Dell Digital Delivery Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (05/25/2020 11:49:50 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Dell Digital Delivery Service service to connect. Error: (05/25/2020 11:49:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Dell Help & Support service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (05/25/2020 11:49:16 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Dell Help & Support service to connect. Error: (05/25/2020 11:45:54 AM) (Source: DCOM) (EventID: 10016) (User: DELL) Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {7022A3B3-D004-4F52-AF11-E9E987FEE25F} and APPID {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D} to the user DELL\SRINIVAS SID (S-1-5-21-694628291-767070351-3124995916-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (05/25/2020 11:45:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Defender Service service failed to start due to the following error: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Error: (05/25/2020 11:40:41 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} did not register with DCOM within the required timeout. Error: (05/25/2020 11:38:41 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} did not register with DCOM within the required timeout. CodeIntegrity: =================================== Date: 2020-05-25 11:45:45.821 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-05-25 10:56:15.792 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-05-25 09:48:08.975 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-05-24 16:44:23.431 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-05-24 16:27:11.284 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-05-24 15:05:10.324 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-05-24 11:03:22.932 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-05-23 15:13:52.308 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== BIOS: Dell Inc. A09 03/24/2015 Motherboard: Dell Inc. 0F2A90 Processor: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz Percentage of memory in use: 85% Total physical RAM: 1929.82 MB Available physical RAM: 273.1 MB Total Virtual: 3593.82 MB Available Virtual: 1375.1 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:229.67 GB) (Free:173.77 GB) NTFS Drive e: (New Volume) (Fixed) (Total:114.04 GB) (Free:113.34 GB) NTFS Drive f: (New Volume) (Fixed) (Total:113.54 GB) (Free:113.42 GB) NTFS Drive x: (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.44 GB) NTFS Drive y: (PBR Image) (Fixed) (Total:7.13 GB) (Free:0.73 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt =======================