I have deleted all extension on google chrome now.
logs as below
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-05-2015
Ran by Muneeb Khan Lodhi (administrator) on MUNEEBKHANLODHI on 25-05-2015 15:01:52
Running from C:\Users\Muneeb Khan Lodhi\Desktop
Loaded Profiles: Muneeb Khan Lodhi (Available profiles: Muneeb Khan Lodhi & fbwuser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft) C:\Program Files (x86)\Spotflux\services\SpotfluxUpdateService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(WordWeb Software) C:\Program Files (x86)\WordWeb\wweb32.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-10] (Synaptics Incorporated)
HKLM-x32\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-28] (IDT, Inc.)
HKLM-x32\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-09-16] (EasyBits Software AS)
HKLM-x32\...\Run: [googletalk] => C:\Program Files (x86)\Google\Google Talk\googletalk.exe [3739648 2007-01-02] (Google)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-14] (Microsoft Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2015-05-02] (Adobe Systems Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-09] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2238753014-2711977962-2677134643-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2238753014-2711977962-2677134643-1001\...\Run: [WordWeb] => C:\Program Files (x86)\WordWeb\wweb32.exe [77056 2013-05-17] (WordWeb Software)
HKU\S-1-5-21-2238753014-2711977962-2677134643-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25700400 2015-04-28] (Google)
HKU\S-1-5-21-2238753014-2711977962-2677134643-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31276160 2015-04-17] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-05-20] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2238753014-2711977962-2677134643-1001 -> {6CFE476D-5A9B-4DA2-9845-BBB998B54DB2} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-05-20] (AVAST Software)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-18] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-20] (AVAST Software)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-18] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-10-15] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 211.29.132.12 198.142.0.51 198.142.235.14
Tcpip\..\Interfaces\{94A4D621-663F-45D3-8D5E-388172431E81}: [NameServer] 4.2.2.1,4.2.2.2,44.105.12.1
Tcpip\..\Interfaces\{C7049B33-2BB1-4367-9574-7E85289B4008}: [NameServer] 8.8.8.8
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-08] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-18] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-08] ()
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-05-02] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-11-18]
FF HKU\S-1-5-21-2238753014-2711977962-2677134643-1001\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\WordWeb\WCaptureMoz
FF Extension: WordWeb one-click lookup - C:\Program Files (x86)\WordWeb\WCaptureMoz [2014-03-21]
Chrome:
=======
CHR Profile: C:\Users\Muneeb Khan Lodhi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Muneeb Khan Lodhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-24]
CHR Extension: (Google Docs) - C:\Users\Muneeb Khan Lodhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-24]
CHR Extension: (Google Drive) - C:\Users\Muneeb Khan Lodhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-24]
CHR Extension: (YouTube) - C:\Users\Muneeb Khan Lodhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-24]
CHR Extension: (Google Search) - C:\Users\Muneeb Khan Lodhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-24]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Muneeb Khan Lodhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-05-24]
CHR Extension: (Google Sheets) - C:\Users\Muneeb Khan Lodhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-24]
CHR Extension: (Bookmark Manager) - C:\Users\Muneeb Khan Lodhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-24]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Muneeb Khan Lodhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-24]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Muneeb Khan Lodhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-05-24]
CHR Extension: (Google Wallet) - C:\Users\Muneeb Khan Lodhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-24]
CHR Extension: (Gmail) - C:\Users\Muneeb Khan Lodhi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-24]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-05-02]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-20] (AVAST Software)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-24] (EasyBits Software AS) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [78088 2014-08-26] (Hewlett-Packard Company)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2014-03-20] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [555304 2014-03-15] ()
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2011-06-29] (Realsil Microelectronics Inc.) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 SpotfluxUpdateService; C:\Program Files (x86)\Spotflux\services\SpotfluxUpdateService.exe [28160 2014-01-21] (Microsoft) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-20] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-20] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-26] (Disc Soft Ltd)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [54984 2014-03-20] (AnchorFree Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-05-03] (REALiX)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-03-20] (Anchorfree Inc.)
R3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2014-01-21] (Spotflux, Inc.)
S3 atillk64; \??\C:\Program Files (x86)\AMD\System Monitor\atillk64.sys [X]
S3 Generalusbserialser20679; system32\DRIVERS\CT_U_USBSER.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-25 15:01 - 2015-05-25 15:06 - 00022183 _____ () C:\Users\Muneeb Khan Lodhi\Desktop\FRST.txt
2015-05-24 22:41 - 2015-05-24 22:41 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-24 22:41 - 2015-05-24 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-24 22:29 - 2015-05-24 22:29 - 00191641 _____ () C:\Users\Muneeb Khan Lodhi\Documents\bookmarks_5_24_15.html
2015-05-24 19:57 - 2015-05-24 19:57 - 00000000 __SHD () C:\Users\Muneeb Khan Lodhi\AppData\Local\EmieUserList
2015-05-24 19:57 - 2015-05-24 19:57 - 00000000 __SHD () C:\Users\Muneeb Khan Lodhi\AppData\Local\EmieSiteList
2015-05-24 19:57 - 2015-05-24 19:57 - 00000000 __SHD () C:\Users\Muneeb Khan Lodhi\AppData\Local\EmieBrowserModeList
2015-05-24 16:26 - 2015-05-24 16:26 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-05-24 15:14 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2015-05-24 14:41 - 2015-05-24 14:41 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-24 14:41 - 2015-05-24 14:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-24 14:41 - 2015-05-24 14:41 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-24 14:41 - 2015-05-24 14:41 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-24 14:41 - 2015-05-24 14:41 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-24 14:41 - 2015-05-24 14:41 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-24 14:41 - 2015-05-24 14:41 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-05-24 14:41 - 2015-05-24 14:41 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-05-24 14:41 - 2015-05-24 14:41 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-24 14:41 - 2015-05-24 14:41 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-24 14:41 - 2015-05-24 14:41 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-05-24 14:41 - 2015-05-24 14:41 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-05-24 14:41 - 2015-05-24 14:41 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-24 14:41 - 2015-05-24 14:41 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-05-24 14:41 - 2015-05-24 14:41 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-05-24 14:41 - 2015-05-24 14:41 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-24 14:41 - 2015-05-24 14:41 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-24 14:41 - 2015-05-24 14:41 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-05-24 14:41 - 2015-05-24 14:41 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-05-24 14:41 - 2015-05-24 14:41 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-05-24 14:41 - 2015-05-24 14:41 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-05-24 14:41 - 2015-05-24 14:41 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-05-24 14:41 - 2015-05-24 14:41 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-05-24 14:41 - 2015-05-24 14:41 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-05-24 14:41 - 2015-05-24 14:41 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-05-24 14:41 - 2015-05-24 14:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-05-24 14:41 - 2015-05-24 14:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-05-24 14:41 - 2015-05-24 14:41 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-05-24 14:41 - 2015-05-24 14:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-24 14:16 - 2015-05-24 15:15 - 00008138 _____ () C:\Windows\IE11_main.log
2015-05-24 14:14 - 2015-05-24 14:16 - 55915216 _____ (Microsoft Corporation) C:\Users\Muneeb Khan Lodhi\Downloads\IE11-Windows6.1-x64-en-us.exe
2015-05-23 11:32 - 2015-05-23 11:32 - 02347384 _____ (ESET) C:\Users\Muneeb Khan Lodhi\Desktop\esetsmartinstaller_enu.exe
2015-05-22 19:45 - 2015-05-22 19:46 - 00000000 ____D () C:\Users\Muneeb Khan Lodhi\Desktop\Sep 2015 Pak visit
2015-05-22 19:17 - 2015-05-22 19:18 - 00852639 _____ () C:\Users\Muneeb Khan Lodhi\Desktop\SecurityCheck.exe
2015-05-21 23:06 - 2015-05-22 19:15 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-21 23:06 - 2015-05-21 23:06 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-21 23:06 - 2015-05-21 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-21 23:05 - 2015-05-21 23:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-21 23:05 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-21 23:05 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-21 23:05 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-21 23:04 - 2015-05-21 23:04 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Muneeb Khan Lodhi\Desktop\mbam-setup-2.1.6.1022.exe
2015-05-21 20:22 - 2015-05-21 20:23 - 00984576 _____ () C:\Users\Muneeb Khan Lodhi\Downloads\MicrosoftFixit50906.msi
2015-05-20 22:51 - 2015-05-22 19:27 - 02108416 _____ (Farbar) C:\Users\Muneeb Khan Lodhi\Desktop\FRST64.exe
2015-05-20 22:51 - 2015-05-22 19:27 - 00000000 ____D () C:\Users\Muneeb Khan Lodhi\Desktop\FRST-OlderVersion
2015-05-20 22:46 - 2015-05-20 22:46 - 00011017 _____ () C:\Users\Muneeb Khan Lodhi\Desktop\JRT.txt
2015-05-20 22:35 - 2015-05-20 22:35 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-MUNEEBKHANLODHI-Windows-7-Home-Premium-(64-bit).dat
2015-05-20 22:35 - 2015-05-20 22:35 - 00000000 ____D () C:\RegBackup
2015-05-20 22:32 - 2015-05-20 22:34 - 02720149 _____ (Thisisu) C:\Users\Muneeb Khan Lodhi\Desktop\JRT.exe
2015-05-20 21:43 - 2015-05-20 22:25 - 00000000 ____D () C:\AdwCleaner
2015-05-20 21:40 - 2015-05-20 21:40 - 02209792 _____ () C:\Users\Muneeb Khan Lodhi\Desktop\AdwCleaner.exe
2015-05-18 20:36 - 2015-05-25 15:02 - 00000000 ____D () C:\FRST
2015-05-18 20:35 - 2015-05-20 22:51 - 00000000 ____D () C:\Users\Muneeb Khan Lodhi\Desktop\Malware Removal Geekstogo
2015-05-17 14:39 - 2015-05-17 14:40 - 00000000 ___HD () C:\Windows\AxInstSV
2015-05-14 21:41 - 2015-05-14 21:41 - 00003216 _____ () C:\Windows\System32\Tasks\{15E9BB29-D3C9-4E7F-A4E6-E79B754ED583}
2015-05-14 21:01 - 2015-05-24 15:17 - 00004684 _____ () C:\Windows\PFRO.log
2015-05-13 21:15 - 2015-05-13 22:39 - 00000000 ____D () C:\Users\Muneeb Khan Lodhi\Desktop\AOE Conqu
2015-05-13 19:32 - 2015-05-24 22:34 - 00000952 _____ () C:\Windows\setupact.log
2015-05-13 19:32 - 2015-05-13 19:32 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-12 19:28 - 2015-05-24 15:15 - 00203221 _____ () C:\Windows\WindowsUpdate.log
2015-05-09 19:02 - 2015-05-09 19:02 - 00002828 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-05-09 19:01 - 2015-05-09 19:02 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-09 19:01 - 2015-05-09 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-05-09 18:59 - 2015-05-09 19:00 - 06484352 _____ (Piriform Ltd) C:\Users\Muneeb Khan Lodhi\Downloads\ccsetup505.exe
2015-05-07 21:08 - 2015-05-07 21:08 - 00007605 _____ () C:\Users\Muneeb Khan Lodhi\AppData\Local\Resmon.ResmonCfg
2015-05-03 19:33 - 2015-05-03 19:33 - 00083656 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_sata.sys
2015-05-03 19:33 - 2015-05-03 19:33 - 00043720 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_xata.sys
2015-05-03 19:29 - 2015-05-03 19:29 - 00110080 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2015-05-03 19:29 - 2015-05-03 19:29 - 00094720 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
2015-05-03 19:20 - 2015-05-03 19:20 - 00026528 _____ (REALiX) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-25 15:03 - 2013-01-27 13:28 - 00000000 ____D () C:\Users\Muneeb Khan Lodhi\AppData\Roaming\Skype
2015-05-25 14:46 - 2013-07-06 23:23 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-25 14:10 - 2013-01-26 09:05 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-25 05:46 - 2013-07-06 23:23 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-25 04:09 - 2013-01-26 04:50 - 00004002 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{59DEE8B0-3AF2-4D7E-BEC0-A3B0537DDE08}
2015-05-24 22:42 - 2009-07-14 14:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-24 22:42 - 2009-07-14 14:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-24 22:41 - 2013-01-26 09:11 - 00000000 ____D () C:\Users\Muneeb Khan Lodhi\AppData\Local\Google
2015-05-24 22:41 - 2013-01-26 09:11 - 00000000 ____D () C:\Program Files (x86)\Google
2015-05-24 22:37 - 2014-05-23 17:44 - 00000000 ___RD () C:\Users\Muneeb Khan Lodhi\Google Drive
2015-05-24 22:35 - 2013-01-26 08:47 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-24 22:34 - 2009-07-14 15:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-24 19:52 - 2013-01-26 11:11 - 00346624 _____ () C:\Users\Muneeb Khan Lodhi\Documents\awein.xls
2015-05-24 16:50 - 2013-01-26 08:42 - 00000000 ____D () C:\Users\Muneeb Khan Lodhi\AppData\Roaming\Adobe
2015-05-24 16:49 - 2014-08-17 22:26 - 00000000 ____D () C:\Users\Muneeb Khan Lodhi\AppData\Local\Adobe
2015-05-24 16:28 - 2014-12-24 17:30 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-05-24 16:25 - 2011-10-15 16:25 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-24 16:24 - 2011-10-15 16:25 - 00000000 ____D () C:\ProgramData\Adobe
2015-05-24 16:01 - 2013-01-26 04:50 - 00001417 _____ () C:\Users\Muneeb Khan Lodhi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-24 15:18 - 2007-01-02 11:25 - 00000000 ____D () C:\Windows\Panther
2015-05-24 15:15 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-05-24 14:57 - 2013-11-18 09:39 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2015-05-24 14:57 - 2013-11-18 09:39 - 00002210 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2015-05-24 14:57 - 2013-11-18 09:39 - 00002049 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2015-05-24 14:45 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\servicing
2015-05-23 22:28 - 2013-01-26 19:10 - 00000000 ____D () C:\Users\Muneeb Khan Lodhi\AppData\Local\CrashDumps
2015-05-23 03:23 - 2011-10-15 16:22 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2015-05-23 03:22 - 2009-07-14 13:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-05-23 03:21 - 2011-10-15 16:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-05-21 23:05 - 2013-03-19 06:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-21 21:38 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-21 21:12 - 2011-10-15 16:21 - 00000000 ____D () C:\ProgramData\Skype
2015-05-21 20:49 - 2013-04-08 00:51 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-05-21 07:21 - 2015-03-20 23:19 - 00002942 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Muneeb_Khan_Lodhi
2015-05-18 19:50 - 2014-07-25 21:43 - 00000000 ____D () C:\ProgramData\ProductData
2015-05-17 14:42 - 2013-01-26 09:05 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-17 14:42 - 2013-01-26 09:05 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-17 14:42 - 2011-10-15 16:07 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-16 12:22 - 2013-05-21 07:18 - 00000000 ____D () C:\Users\Muneeb Khan Lodhi\Documents\Imp Data & People
2015-05-16 05:41 - 2013-07-06 23:23 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-16 05:41 - 2013-07-06 23:23 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-13 21:19 - 2011-10-15 16:21 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2015-05-10 19:59 - 2013-01-26 11:11 - 00000000 ____D () C:\Users\Muneeb Khan Lodhi\Documents\Books & Learning
2015-05-10 00:21 - 2013-01-26 11:28 - 00000000 ____D () C:\Program Files (x86)\The KMPlayer
2015-05-10 00:21 - 2013-01-26 11:11 - 00001039 _____ () C:\Users\Muneeb Khan Lodhi\Desktop\KMPlayer.lnk
2015-05-09 19:04 - 2013-02-25 04:33 - 00000000 ____D () C:\Users\Muneeb Khan Lodhi\AppData\Roaming\PhotoScape
2015-05-08 20:47 - 2014-05-23 17:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-05-07 20:51 - 2009-07-14 15:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-03 19:23 - 2014-07-25 21:44 - 00000000 ____D () C:\Users\Muneeb Khan Lodhi\AppData\Roaming\ProductData
2015-05-03 19:22 - 2013-04-08 00:51 - 00000000 ____D () C:\Users\Muneeb Khan Lodhi\AppData\Roaming\IObit
2015-05-03 19:20 - 2013-04-08 00:51 - 00000000 ____D () C:\ProgramData\IObit
2015-04-26 06:05 - 2013-01-26 11:11 - 00000000 ____D () C:\Users\Muneeb Khan Lodhi\Desktop\IK latest
2015-04-26 00:29 - 2009-07-14 15:13 - 00778834 _____ () C:\Windows\system32\PerfStringBackup.INI
==================== Files in the root of some directories =======
2015-05-07 21:08 - 2015-05-07 21:08 - 0007605 _____ () C:\Users\Muneeb Khan Lodhi\AppData\Local\Resmon.ResmonCfg
2014-09-18 10:58 - 2014-09-18 10:58 - 0000057 _____ () C:\ProgramData\Ament.ini
Some files in TEMP:
====================
C:\Users\Muneeb Khan Lodhi\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-04 00:29
==================== End of log ============================