Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

COMPUTER IS STRUCING A LOT AND AUDIO IS BREAKING

Started by K SRINIVAS , May 23 2020 12:52 AM

Please log in to reply

#16
K SRINIVAS

Posted 24 May 2020 - 05:37 AM

Member

Topic Starter
Member
30 posts

Fix result of Farbar Recovery Scan Tool (x64) Version: 13-05-2020 01 Ran by SRINIVAS (24-05-2020 16:20:36) Run:1 Running from C:\Users\SRINIVAS\Desktop Loaded Profiles: SRINIVAS Boot Mode: Normal ============================================== fixlist content: ***************** CreateRestorePoint: CloseProcesses: (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe Task: {086B263B-4120-433E-8B54-583A1963C85D} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} "C:\Program Files\Common Files\McAfee\Platform\McAMTaskAgent.exe" Task: {1AEFCE41-5563-41D1-8AA0-B21D88E03858} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe Task: {5FB9EA95-16E0-4FC6-B569-FB64C7A285AB} - System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => C:\Windows\TEMP\DeleteFolderTask.exe <==== ATTENTION Task: {62D4FCBC-6CF0-47F1-A0BB-E551AEE0CAF9} - System32\Tasks\McAfeeLogon => C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe Task: {E7456747-C2B5-4573-9EB2-08A23696DA45} - System32\Tasks\McAfee McItInfo => C:\Users\SRINIVAS\AppData\Local\Temp\mcitinfo_1441018627.exe <==== ATTENTION URLSearchHook: HKU\S-1-5-21-694628291-767070351-3124995916-1001 - (No Name) - {cf7c1ceb-1fb1-417f-bb89-821eebc91a22} - C:\Program Files (x86)\ProductivityBoss_e5\bar\4.bin\e5SrcAs.dll No File SearchScopes: HKU\S-1-5-21-694628291-767070351-3124995916-1001 -> {a37187ba-df01-4b27-a7c9-a645524b0517} URL = hxxp://int.search.tb.ask.com/search/GGmain.jhtml?p2=^BYM^xdm008^YYA^in&ptb=6305F8E3-B0C4-4ACC-97C8-2E4C4E150271&ind=2015101005&n=781c004d&psa=&st=sb&searchfor={searchTerms} BHO-x32: No Name -> {5754a7f4-5cb7-4287-8354-170a8c185349} -> No File BHO-x32: Toolbar BHO -> {589cd417-937b-4d56-bb76-55260209dc19} -> C:\PROGRA~2\PRODUC~1\bar\4.bin\e5bar.dll => No File FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2015-09-01] [Legacy] [not signed] FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [No File] FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [No File] CHR HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [akhdblbjebmbllhinponghfmaekhlhob] CHR HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bghejdcdajlenjngcknlkkoakmmjfanb] CHR HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cckdoammdligdedbakcgnmegjljgipjb] CHR HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [clmghkfhfkcfhpccgbafbailibgogkbi] CHR HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [eajjckckolcbgmmenaiiigegbadpeghb] CHR HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [eoepodkgpakekgncgnfnijcippobokhp] CHR HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [iadddcofhgaeeniecnhpopipbhijnphj] CHR HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [iedokolghlgkcnafplkbjeokfamliokd] CHR HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jddmfogomafbmjkfcpfpnjfgecnjffng] CHR HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kpmccjcnkhkgcipodalpmbpighkgiaif] CHR HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lopcjmbilgeapfldddijpgpahphngjdk] CHR HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mhgliccaogcekoldfmachhehepjdfobj] CHR HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nfkbfmjkmioenefhjdonleflegoephgm] CHR HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pedogdjgmjlabbbdhokgdafpglnjinhc] CHR HKLM-x32\...\Chrome\Extension: [cckdoammdligdedbakcgnmegjljgipjb] CHR HKLM-x32\...\Chrome\Extension: [clmghkfhfkcfhpccgbafbailibgogkbi] CHR HKLM-x32\...\Chrome\Extension: [eajjckckolcbgmmenaiiigegbadpeghb] CHR HKLM-x32\...\Chrome\Extension: [eoepodkgpakekgncgnfnijcippobokhp] CHR HKLM-x32\...\Chrome\Extension: [iedokolghlgkcnafplkbjeokfamliokd] CHR HKLM-x32\...\Chrome\Extension: [kpmccjcnkhkgcipodalpmbpighkgiaif] CHR HKLM-x32\...\Chrome\Extension: [mhgliccaogcekoldfmachhehepjdfobj] CHR HKLM-x32\...\Chrome\Extension: [nfkbfmjkmioenefhjdonleflegoephgm] CHR HKLM-x32\...\Chrome\Extension: [pedogdjgmjlabbbdhokgdafpglnjinhc] R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [1694152 2015-07-23] (McAfee, Inc. -> McAfee, Inc.) S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc. -> McAfee, Inc.) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-15] (McAfee, Inc. -> McAfee, Inc.) S2 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc. -> McAfee, Inc.) S2 HomeNetSvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X] S2 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X] S2 mcbootdelaystartsvc; "C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X] S2 McMPFSvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X] S2 McNaiAnn; "C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X] S3 McODS; "C:\Program Files\mcafee\VirusScan\mcods.exe" [X] S2 mcpltsvc; "C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X] S2 McProxy; "C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X] S2 MSK80Service; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X] S3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc. -> McAfee, Inc.) S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc. -> McAfee, Inc.) S3 mfefirek; C:\Windows\system32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc. -> McAfee, Inc.) S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc. -> McAfee, Inc.) S3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [529080 2015-06-28] (McAfee, Inc. -> McAfee, Inc.) S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc. -> McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc. -> McAfee, Inc. 2020-05-07 11:04 - 2015-05-15 06:27 - 000000000 ____D C:\ProgramData\McAfee 2020-05-07 11:04 - 2015-05-15 06:27 - 000000000 ____D C:\Program Files (x86)\McAfee 2020-05-06 21:13 - 2015-09-01 21:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2020-05-06 20:45 - 2015-05-15 06:27 - 000000000 ____D C:\Program Files\mcafee safeboot: DsRepair => The system is configured to boot to Safe Mode <==== ATTENTION ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\PROGRA~1\mcafee\msc\MCCTXM~1.DLL -> No File ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\PROGRA~1\mcafee\msc\MCCTXM~1.DLL -> No File AlternateDataStreams: C:\Users\SRINIVAS\Downloads\051030813071915903_1563028945394.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\07.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\07_Key (1).pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\07_Key.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\2020-05-09XXHoliday Revision Work for class 9XXClass IX.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\7th_UCO.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\7_Solution.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\class 10 holiday homework pdf.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\email id and mobile modification.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\Grade5-30859-2-4576.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\nstse-answer-key-class-7.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\NSTSE-Class-7-Solutions-2015.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\NSTSE_7 (1).pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\NSTSE_7.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Downloads\SocialScience6To8.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Documents\email id and mobile modification.pdf:SandBoxSafeFile [0] AlternateDataStreams: C:\Users\SRINIVAS\Documents\HTML_GUIDE.pdf:SandBoxSafeFile [0] FirewallRules: [{85693BFD-94CA-447E-BF63-01AAAA52D0B9}] => (Allow) C:\Program Files\Andy\HandyAndy.exe => No File FirewallRules: [{608E8BEB-CDBD-47FE-B2C6-C82018E3D5F9}] => (Allow) C:\Program Files\Andy\HandyAndy.exe => No File FirewallRules: [{ADEA43D7-B64B-490C-80F2-0ED751735071}] => (Allow) C:\Users\SRINIVAS\AppData\Roaming\Zoom\bin\airhost.exe => No File C:\ProgramData\McAfee C:\Program Files (x86)\McAfee EmptyTemp: ***************** Error: (0) Failed to create a restore point. Processes closed successfully. C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe => No running process found C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe => No running process found "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{086B263B-4120-433E-8B54-583A1963C85D}" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{086B263B-4120-433E-8B54-583A1963C85D}" => removed successfully C:\Windows\System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => moved successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\McAfee Auto Maintenance Task Agent" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1AEFCE41-5563-41D1-8AA0-B21D88E03858}" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AEFCE41-5563-41D1-8AA0-B21D88E03858}" => removed successfully C:\Windows\System32\Tasks\McAfee Remediation (Prepare) => moved successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee Remediation (Prepare)" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FB9EA95-16E0-4FC6-B569-FB64C7A285AB}" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FB9EA95-16E0-4FC6-B569-FB64C7A285AB}" => removed successfully C:\Windows\System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => moved successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{62D4FCBC-6CF0-47F1-A0BB-E551AEE0CAF9}" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62D4FCBC-6CF0-47F1-A0BB-E551AEE0CAF9}" => removed successfully C:\Windows\System32\Tasks\McAfeeLogon => moved successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfeeLogon" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E7456747-C2B5-4573-9EB2-08A23696DA45}" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7456747-C2B5-4573-9EB2-08A23696DA45}" => removed successfully C:\Windows\System32\Tasks\McAfee McItInfo => moved successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee McItInfo" => removed successfully "HKU\S-1-5-21-694628291-767070351-3124995916-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{cf7c1ceb-1fb1-417f-bb89-821eebc91a22}" => removed successfully HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{a37187ba-df01-4b27-a7c9-a645524b0517} => removed successfully HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5754a7f4-5cb7-4287-8354-170a8c185349} => removed successfully HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{589cd417-937b-4d56-bb76-55260209dc19} => removed successfully HKLM\Software\Wow6432Node\Classes\CLSID\{589cd417-937b-4d56-bb76-55260209dc19} => removed successfully "HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\[email protected]" => not found "C:\Program Files\McAfee\MSK" => not found HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10 => not found HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10 => not found HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\akhdblbjebmbllhinponghfmaekhlhob => removed successfully HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\bghejdcdajlenjngcknlkkoakmmjfanb => removed successfully HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\cckdoammdligdedbakcgnmegjljgipjb => removed successfully HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\clmghkfhfkcfhpccgbafbailibgogkbi => removed successfully HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\eajjckckolcbgmmenaiiigegbadpeghb => removed successfully HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\eoepodkgpakekgncgnfnijcippobokhp => removed successfully HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\iadddcofhgaeeniecnhpopipbhijnphj => removed successfully HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\iedokolghlgkcnafplkbjeokfamliokd => removed successfully HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\jddmfogomafbmjkfcpfpnjfgecnjffng => removed successfully HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\kpmccjcnkhkgcipodalpmbpighkgiaif => removed successfully HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\lopcjmbilgeapfldddijpgpahphngjdk => removed successfully HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\mhgliccaogcekoldfmachhehepjdfobj => removed successfully HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\nfkbfmjkmioenefhjdonleflegoephgm => removed successfully HKU\S-1-5-21-694628291-767070351-3124995916-1001\SOFTWARE\Google\Chrome\Extensions\pedogdjgmjlabbbdhokgdafpglnjinhc => removed successfully HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cckdoammdligdedbakcgnmegjljgipjb => removed successfully HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\clmghkfhfkcfhpccgbafbailibgogkbi => removed successfully HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eajjckckolcbgmmenaiiigegbadpeghb => removed successfully HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eoepodkgpakekgncgnfnijcippobokhp => removed successfully HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iedokolghlgkcnafplkbjeokfamliokd => removed successfully HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kpmccjcnkhkgcipodalpmbpighkgiaif => removed successfully HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mhgliccaogcekoldfmachhehepjdfobj => removed successfully HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nfkbfmjkmioenefhjdonleflegoephgm => removed successfully HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pedogdjgmjlabbbdhokgdafpglnjinhc => removed successfully HKLM\System\CurrentControlSet\Services\mccspsvc => removed successfully mccspsvc => service removed successfully mfefire => service not found. HKLM\System\CurrentControlSet\Services\mfemms => removed successfully mfemms => service removed successfully mfevtp => service not found. HomeNetSvc => service not found. McAPExe => service not found. HKLM\System\CurrentControlSet\Services\mcbootdelaystartsvc => removed successfully mcbootdelaystartsvc => service removed successfully McMPFSvc => service not found. McNaiAnn => service not found. McODS => service not found. mcpltsvc => service not found. McProxy => service not found. MSK80Service => service not found. HKLM\System\CurrentControlSet\Services\mfeaack => removed successfully mfeaack => service removed successfully mfeavfk => service not found. mfefirek => service not found. mfehidk => service not found. mfencbdc => service not found. HKLM\System\CurrentControlSet\Services\mfencrk => removed successfully mfencrk => service removed successfully mfewfpk => service not found. "C:\ProgramData\McAfee" => not found "C:\Program Files (x86)\McAfee" => not found "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee" => not found "C:\Program Files\mcafee" => not found ========================= bcdedit ======================== The operation completed successfully. ========= End of bcdedit ========= HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\McCtxMenuFrmWrk => not found HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\McCtxMenuFrmWrk => not found C:\Users\SRINIVAS\Downloads\051030813071915903_1563028945394.pdf => ":SandBoxSafeFile" ADS removed successfully C:\Users\SRINIVAS\Downloads\07.pdf => ":SandBoxSafeFile" ADS removed successfully C:\Users\SRINIVAS\Downloads\07_Key (1).pdf => ":SandBoxSafeFile" ADS removed successfully C:\Users\SRINIVAS\Downloads\07_Key.pdf => ":SandBoxSafeFile" ADS removed successfully C:\Users\SRINIVAS\Downloads\2020-05-09XXHoliday Revision Work for class 9XXClass IX.pdf => ":SandBoxSafeFile" ADS removed successfully C:\Users\SRINIVAS\Downloads\7th_UCO.pdf => ":SandBoxSafeFile" ADS removed successfully C:\Users\SRINIVAS\Downloads\7_Solution.pdf => ":SandBoxSafeFile" ADS removed successfully C:\Users\SRINIVAS\Downloads\class 10 holiday homework pdf.pdf => ":SandBoxSafeFile" ADS removed successfully C:\Users\SRINIVAS\Downloads\email id and mobile modification.pdf => ":SandBoxSafeFile" ADS removed successfully C:\Users\SRINIVAS\Downloads\Grade5-30859-2-4576.pdf => ":SandBoxSafeFile" ADS removed successfully C:\Users\SRINIVAS\Downloads\nstse-answer-key-class-7.pdf => ":SandBoxSafeFile" ADS removed successfully C:\Users\SRINIVAS\Downloads\NSTSE-Class-7-Solutions-2015.pdf => ":SandBoxSafeFile" ADS removed successfully C:\Users\SRINIVAS\Downloads\NSTSE_7 (1).pdf => ":SandBoxSafeFile" ADS removed successfully C:\Users\SRINIVAS\Downloads\NSTSE_7.pdf => ":SandBoxSafeFile" ADS removed successfully C:\Users\SRINIVAS\Downloads\SocialScience6To8.pdf => ":SandBoxSafeFile" ADS removed successfully C:\Users\SRINIVAS\Documents\email id and mobile modification.pdf => ":SandBoxSafeFile" ADS removed successfully C:\Users\SRINIVAS\Documents\HTML_GUIDE.pdf => ":SandBoxSafeFile" ADS removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{85693BFD-94CA-447E-BF63-01AAAA52D0B9}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{608E8BEB-CDBD-47FE-B2C6-C82018E3D5F9}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ADEA43D7-B64B-490C-80F2-0ED751735071}" => removed successfully "C:\ProgramData\McAfee" => not found "C:\Program Files (x86)\McAfee" => not found =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 54764159 B Java, Flash, Steam htmlcache => 23087 B Windows/system/drivers => 1766898520 B Edge => 0 B Chrome => 144015105 B Firefox => 0 B Opera => 5360352 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 46377 B systemprofile32 => 1635823 B LocalService => 3307365 B NetworkService => 5836123558 B SRINIVAS => 5883742635 B RecycleBin => 61756119 B EmptyTemp: => 12.8 GB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 16:30:56 ====

#17
icotonev

Posted 24 May 2020 - 06:06 AM

Trusted Helper

Malware Removal
250 posts

Again, I remind you to attach the diary ... not to copy it ...!

#18
K SRINIVAS

Posted 24 May 2020 - 06:52 AM

Member

Topic Starter
Member
30 posts

Sir This is the fixlog file. Sorry for the inconvenience regretted Thank you

Attached Files

Fixlog.txt 20.73KB 189 downloads

#19
icotonev

Posted 24 May 2020 - 08:21 AM

Trusted Helper

Malware Removal
250 posts

Great ..! Let's proceed like this:

Malwarebytes Anti-Malware

You may have Malwarebytes Anti-Malware installed but if not, you can download it from here:

run the program
click on the ‘Dashboard’ to make sure everything is up to date, (it is not necessary to upgrade to the premium version of MBAM)
click on the ‘Scan’ tab, (directly below the Dashboard tab)
select the Custom Scan option
at the bottom, click on Configure Scan
in the right window, place a checkmark next to the drive letter of your USB device
click the Scan Now button
Threat Scan will begin
when the scan has completed and if malware was found, click the Quarantine Selected button to allow MBAM to quarantine what was found
if prompted to restart the computer, close all other programs and click Yes to restart your computer
once you are back at your desktop, open MBAM once more
click on the ‘Reports’ tab
double-click on the most recent Scan Report
click on Export, then Copy to Clipboard

----------------------------------------------------------------------------------------------------------------------------------------------------

AdwCleaner

Download AdwCleaner from here and save it to your desktop.

run AdwCleaner by clicking on Scan Now
when it has finished, leave everything that was found checked, (ticked), then click on Clean and Repair
if it asks to reboot, allow the reboot
on reboot, click on View Log File; please attach the content of the log to your next reply.

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Re-scan with FRST

Double-click FRST.exe/FRST64.exe to run it.
Press the Scan button.
When finished, it will produce logs called FRST.txt and Addition.txt in the same directory the tool was run from.
Please copy and paste the logs in your next reply.

------------------------------------------------------------------------------------------------------------------------------------------------------------

In your next reply, please include:

Mbam.txt
AdwCleaner log
FRST.txt
Addition.txt

#20
K SRINIVAS

Posted 24 May 2020 - 09:25 AM

Member

Topic Starter
Member
30 posts

Sir In the above download link of malware bytes which to download sir. There are 2 options One is DOWNLOAD NOW @ Bleeping computer. And the other one is DOWNLOAD NOW version 3.8.3

#21
icotonev

Posted 24 May 2020 - 09:29 AM

Trusted Helper

Malware Removal
250 posts

DOWNLOAD NOW

#22
K SRINIVAS

Posted 24 May 2020 - 11:40 PM

Member

Topic Starter
Member
30 posts

Sir i have downloaded Malware bytes it is stating that it is premium trial. In that there is scan option but i could not find custom scan and configure. Can you please tell what to do sir. Thank you

#23
K SRINIVAS

Posted 24 May 2020 - 11:44 PM

Member

Topic Starter
Member
30 posts

Sir i have normally scanned the PC using malwarebytes and here is the report sir.

#24
K SRINIVAS

Posted 24 May 2020 - 11:52 PM

Member

Topic Starter
Member
30 posts

Here is the report of the scan done by MBAM

Sir i will download the ADW Cleaner and i will shortly post the ADW cleaner log sir Thank you

Sir these are the log files of the ADW cleaner scan Thank you

And this is the other one sir Thank you

Sir please solve my problem as soon as possible. And i am currently performing FRST scan. Shortly i will post the FRST and additional files sir. Thank you

Sir i have performed the scan of the farbar recovery scan tool. Here are the FRST and additional files. Please solve my problem as soon as possible. Thank you

Sir this is the additional file.

Attached Files

Scan report mbam.txt 10.99KB 193 downloads
AdwCleanerC00.txt 4.13KB 199 downloads
AdwCleanerS00.txt 8KB 201 downloads
FRST.txt 37.98KB 188 downloads
Addition.txt 35.22KB 192 downloads

#25
icotonev

Posted 25 May 2020 - 03:38 AM

Trusted Helper

Malware Removal
250 posts

Great ..! Let me know how the computer is doing...? What problems are you experiencing at this stage with your machine..?

#26
K SRINIVAS

Posted 25 May 2020 - 04:02 AM

Member

Topic Starter
Member
30 posts

Sir
Now also in my PC there is a problem of hanging. It's being struck all of the sudden and start up of PC is also taking much time and while I am working on chrome it gets blackout stating page is irresponsive and also when I am in meeting in zoom audio breaks heavily. PC is hanging. These are the problems which I am facing yet

#27
K SRINIVAS

Posted 25 May 2020 - 04:05 AM

Member

Topic Starter
Member
30 posts

Sir
Mainly my PC is very slow sir due to which reason I am not able to understand sir.
What to do sir??

#28
icotonev

Posted 25 May 2020 - 09:16 AM

Trusted Helper

Malware Removal
250 posts

Farbar Recovery Scan Tool - Fix

Highlight the contents of the below code box and press Ctrl + C on your keyboard:

Start::
CreateRestorePoint:
CloseProcesses:
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
2020-05-24 16:06 - 2020-05-24 15:37 - 003480040 _____ (McAfee, Inc.) C:\Users\SRINIVAS\Desktop\MCPR.exe
2020-05-24 15:37 - 2020-05-24 15:37 - 003480040 _____ (McAfee, Inc.) C:\Users\SRINIVAS\Downloads\MCPR.exe
2020-05-24 16:27 - 2015-09-01 21:30 - 000000000 ____D C:\Windows\system32\Tasks\McAfee
AlternateDataStreams: C:\Users\SRINIVAS\Downloads\051030813071915903_1563028945394.pdf:SandBoxSafeFile [0]
AlternateDataStreams: C:\Users\SRINIVAS\Downloads\07.pdf:SandBoxSafeFile [0]
AlternateDataStreams: C:\Users\SRINIVAS\Downloads\07_Key (1).pdf:SandBoxSafeFile [0]
AlternateDataStreams: C:\Users\SRINIVAS\Downloads\07_Key.pdf:SandBoxSafeFile [0]
AlternateDataStreams: C:\Users\SRINIVAS\Downloads\2020-05-09XXHoliday Revision Work for class 9XXClass IX.pdf:SandBoxSafeFile [0]
AlternateDataStreams: C:\Users\SRINIVAS\Downloads\7th_UCO.pdf:SandBoxSafeFile [0]
AlternateDataStreams: C:\Users\SRINIVAS\Downloads\7_Solution.pdf:SandBoxSafeFile [0]
AlternateDataStreams: C:\Users\SRINIVAS\Downloads\class 10 holiday homework pdf.pdf:SandBoxSafeFile [0]
AlternateDataStreams: C:\Users\SRINIVAS\Downloads\email id and mobile modification.pdf:SandBoxSafeFile [0]
AlternateDataStreams: C:\Users\SRINIVAS\Downloads\Grade5-30859-2-4576.pdf:SandBoxSafeFile [0]
AlternateDataStreams: C:\Users\SRINIVAS\Downloads\nstse-answer-key-class-7.pdf:SandBoxSafeFile [0]
AlternateDataStreams: C:\Users\SRINIVAS\Downloads\NSTSE-Class-7-Solutions-2015.pdf:SandBoxSafeFile [0]
AlternateDataStreams: C:\Users\SRINIVAS\Downloads\NSTSE_7 (1).pdf:SandBoxSafeFile [0]
AlternateDataStreams: C:\Users\SRINIVAS\Downloads\NSTSE_7.pdf:SandBoxSafeFile [0]
AlternateDataStreams: C:\Users\SRINIVAS\Downloads\SocialScience6To8.pdf:SandBoxSafeFile [0]
AlternateDataStreams: C:\Users\SRINIVAS\Documents\email id and mobile modification.pdf:SandBoxSafeFile [0]
AlternateDataStreams: C:\Users\SRINIVAS\Documents\HTML_GUIDE.pdf:SandBoxSafeFile [0]

CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: sfc /scannow

EmptyTemp:
End::

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Double-click FRST.exe/FRST64.exe to run it.
Press the Fix button just once and wait.
Note: No need to paste the script into FRST.
Restart the computer if prompted.
When the fix is complete FRST will generate a log in the same location it was run from (Fixlog.txt)
Please copy and paste its contents into your reply.

---------------------------------------------------

In your next reply, please include:

Fixlog.txt

#29
K SRINIVAS

Posted 25 May 2020 - 10:57 PM

Member

Topic Starter
Member
30 posts

Sir
As mentioned above you told not to paste the above script in FRST64. Then after pressing Ctrl+C what we have to do sir.

#30
K SRINIVAS

Posted 27 May 2020 - 01:58 AM

Member

Topic Starter
Member
30 posts

Dear Sir,

I did not understand your instruction clearly. Can you please confirm what to do after pressing Ctrl+C and double clicking on FRST64 ?

Do i need to directly press ''fix'' and no need to paste the copied content as above.

Sorry for the inconvenience. Wanted to double confirm before proceeding. Previously , while following your instruction for ''fix'' using FRST64, i copied and pasted in FRST64 fix search box and then ran.

Please clear my doubt this time.

Thanks