Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-07-2020 Ran by Admin (administrator) on PINKYPC (Acer Aspire E5-573) (22-07-2020 16:59:39) Running from D:\Users\Hari\Desktop Loaded Profiles: Admin Platform: Windows 10 Pro Version 1909 18363.959 (X64) Language: English (United States) Default browser: FF Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] C:\Program Files\qBittorrent\qbittorrent.exe (Fortemedia Inc. -> ) C:\Program Files\Realtek\Audio\HDA\FMAPP.exe (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12007.1001.2.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\fodhelper.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.957_none_5f2e9e6258ea82f2\TiWorker.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8> (Open Media LLC -> ) C:\Program Files\4KDownload\4kvideodownloader\crashpad_handler.exe (Open Media LLC -> Open Media LLC) C:\Program Files\4KDownload\4kvideodownloader\4kvideodownloader.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Thüring IT-Consulting) [File not signed] C:\Program Files (x86)\MP4Tools\bin\MP4Splitter.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14049536 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKU\S-1-5-21-3076391084-2480122960-4283986350-1002\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48594832 2020-06-15] (Google LLC -> ) ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {19234FBC-EF74-4241-AD34-59B55CD77843} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {293E5A3E-651D-4904-8211-E665BA72B5E6} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124112 2020-07-09] (Mozilla Corporation -> Mozilla Foundation) Task: {644A2F69-F137-4A1A-904A-40E7F1F0223A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {697FC4F7-25D7-40D1-AC40-B71C0DA3495F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-17] (Google LLC -> Google LLC) Task: {82DBC33B-F1F2-4749-B973-E176AD8E31BC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D8E8C76C-2743-4EE3-8119-747CEB56D454} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-17] (Google LLC -> Google LLC) Task: {DFBD587E-3A7B-467C-8DD1-C5917D3A7BEC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-15] (Microsoft Windows Publisher -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{e0b570fc-34a5-4763-b444-6cda1a1f6322}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== Edge: ====== Edge DefaultProfile: Default Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-21] FireFox: ======== FF DefaultProfile: utnvbqjy.default FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\utnvbqjy.default [2020-07-14] FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\j3j5l4jv.default-release [2020-07-22] FF Notifications: Mozilla\Firefox\Profiles\j3j5l4jv.default-release -> hxxps://www.thehindu.com; hxxps://indianexpress.com FF Extension: (Facebook Container) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\j3j5l4jv.default-release\Extensions\@contain-facebook.xpi [2020-07-16] FF Extension: (Enhancer for YouTube™) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\j3j5l4jv.default-release\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2020-07-14] FF Extension: (F.B Purity - Cleans up Facebook (WX)) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\j3j5l4jv.default-release\Extensions\fbpElectroWebExt@fbpurity.com.xpi [2020-07-22] [UpdateUrl:hxxps://www.fbpurity.com/FF-FBP-Ext-Updates.json] FF Extension: (SoundFixer) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\j3j5l4jv.default-release\Extensions\soundfixer@unrelenting.technology.xpi [2020-07-14] FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)