Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-07-2016 02
Ran by C&T Muhammad (administrator) on OFFICE-PC (17-07-2016 06:40:51)
Running from C:\Users\C&T Muhammad\Desktop
Loaded Profiles: C&T Muhammad (Available Profiles: C&T Muhammad)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6246400 2008-08-26] (Realtek Semiconductor)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [3563520 2008-07-03] (Dell Inc.)
HKLM\...\Run: [DellOSD] => C:\Windows\System32\MediaButtons.exe [2166784 2008-05-08] ()
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [295512 2014-04-12] (RealNetworks, Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-09-12] (Apple Inc.)
HKLM\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443640 2014-10-31] (BlackBerry Limited)
HKLM\...\Run: [RIM PeerManager] => C:\Program Files\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4730616 2015-05-26] (BlackBerry Limited)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-07-14] (AVAST Software)
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-2243051797-3227929194-3452157988-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-2243051797-3227929194-3452157988-1000\...\Run: [Google Update] => C:\Users\C&T Muhammad\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc.)
HKU\S-1-5-21-2243051797-3227929194-3452157988-1000\...\Run: [Dropbox Update] => C:\Users\C&T Muhammad\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-23] (Dropbox, Inc.)
HKU\S-1-5-21-2243051797-3227929194-3452157988-1000\...\Run: [Spotify Web Helper] => C:\Users\C&T Muhammad\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524848 2016-05-19] (Spotify Ltd)
HKU\S-1-5-21-2243051797-3227929194-3452157988-1000\...\Run: [Spotify] => C:\Users\C&T Muhammad\AppData\Roaming\Spotify\Spotify.exe [6754928 2016-05-19] (Spotify Ltd)
HKU\S-1-5-21-2243051797-3227929194-3452157988-1000\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-2243051797-3227929194-3452157988-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssBranded.scr [8139264 2008-01-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\C&T Muhammad\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\C&T Muhammad\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\C&T Muhammad\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\C&T Muhammad\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\C&T Muhammad\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\C&T Muhammad\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\C&T Muhammad\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\C&T Muhammad\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-07-14] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{28AE79C2-D1A0-4CB7-9A73-B3B4F663F01D}: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{A2D144FB-D371-4306-8E0E-6A9708623BAD}: [DhcpNameServer] 192.168.0.1 205.171.2.25
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.yahoo.com/yhs/search?type=agc511&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-2243051797-3227929194-3452157988-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.yahoo.com/yhs/search?type=agc511&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-2243051797-3227929194-3452157988-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-2243051797-3227929194-3452157988-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.yahoo.com/?fr=hp-avast&type=agc511
SearchScopes: HKLM -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {CF739809-1C6C-47C0-85B9-569DBB141420} URL = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10591&gct=&gc=1&q={searchTerms}&crm=1
SearchScopes: HKU\S-1-5-21-2243051797-3227929194-3452157988-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-2243051797-3227929194-3452157988-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2243051797-3227929194-3452157988-1000 -> {C603FAF6-5718-4F44-840A-EC8BA0159093} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2243051797-3227929194-3452157988-1000 -> {E5020A0D-E981-4474-B2BE-19D4FB675838} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-06-19] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-14] (AVAST Software)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-19] (Oracle Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-11-28] (Microsoft Corporation)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.5\ViProtocol.dll [2014-05-09] (AVG Secure Search)
FireFox:
========
FF ProfilePath: C:\Users\C&T Muhammad\AppData\Roaming\Mozilla\Firefox\Profiles\vx5wbjwi.default-1384568325763
FF DefaultSearchEngine: Bing
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.msn.com/?pc=U270&ocid=U270DHP&osmkt=en-us
FF Keyword.URL: hxxp://www.bing.com/search?FORM=U270DF&PC=U270&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-14] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.5\\npsitesafety.dll [No File]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-19] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2014-04-12] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-04-12] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2015-05-22] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin: @unity3d.com/UnityPlayer -> C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll [2011-06-29] (Unity Technologies ApS)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2243051797-3227929194-3452157988-1000: @citrixonline.com/appdetectorplugin -> C:\Users\C&T Muhammad\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-12-07] (Citrix Online)
FF Plugin HKU\S-1-5-21-2243051797-3227929194-3452157988-1000: @fuzebox.com/Fuze Meeting NPAPI Plugin,version=1.0.0.1 -> C:\Users\C&T Muhammad\AppData\Local\Fuze Box\Fuze Meeting\npfuzeshare.dll [2014-01-03] ( )
FF Plugin HKU\S-1-5-21-2243051797-3227929194-3452157988-1000: @startmeeting.com/launcher -> C:\Users\C&T Muhammad\AppData\Local\SMPlugins\npsmlauncher.dll [2015-05-21] (Start Meeting)
FF Plugin HKU\S-1-5-21-2243051797-3227929194-3452157988-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\C&T Muhammad\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2243051797-3227929194-3452157988-1000: @talk.google.com/O1DPlugin -> C:\Users\C&T Muhammad\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2243051797-3227929194-3452157988-1000: @tools.google.com/Google Update;version=3 -> C:\Users\C&T Muhammad\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-2243051797-3227929194-3452157988-1000: @tools.google.com/Google Update;version=9 -> C:\Users\C&T Muhammad\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF user.js: detected! => C:\Users\C&T Muhammad\AppData\Roaming\Mozilla\Firefox\Profiles\vx5wbjwi.default-1384568325763\user.js [2014-02-09]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2014-04-12] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-06-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2013-06-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2013-06-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2013-06-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2013-06-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2014-04-12] (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Users\C&T Muhammad\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\C&T Muhammad\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF SearchPlugin: C:\Users\C&T Muhammad\AppData\Roaming\Mozilla\Firefox\Profiles\vx5wbjwi.default-1384568325763\searchplugins\bingp.xml [2015-09-30]
FF Extension: Adblock Plus - C:\Users\C&T Muhammad\AppData\Roaming\Mozilla\Firefox\Profiles\vx5wbjwi.default-1384568325763\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-24] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-02] [not signed]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-04-12] [not signed]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-15]
FF HKLM\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-15]
Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\C&T Muhammad\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\C&T Muhammad\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-07-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\C&T Muhammad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-14]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [nogdfjjfhknacchjpiccacoimeelkajb] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2243051797-3227929194-3452157988-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AERTFilters; C:\Windows\system32\AERTSrv.exe [73728 2008-08-26] (Andrea Electronics Corporation)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-07-14] (AVAST Software)
S3 BlackBerry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [588024 2014-10-31] (BlackBerry Limited)
S2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S2 RIM MDNS; C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [396024 2015-05-26] (Apple Inc.)
S2 RIM Tunnel Service; C:\Program Files\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1355000 2015-05-26] (BlackBerry Limited)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)
S2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2654208 2008-07-03] (Dell Inc.) [File not signed]
S2 MBAMScheduler; "C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe" [X]
S2 MBAMService; "C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-07-14] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-07-14] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [91680 2016-07-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64272 2016-07-14] (AVAST Software)
S0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-07-14] (AVAST Software)
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [816304 2016-07-14] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [438296 2016-07-14] (AVAST Software)
S3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [184592 2016-07-14] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [66688 2016-07-14] (AVAST Software)
S0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [222056 2016-07-14] (AVAST Software)
S4 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-05-09] (AVG Technologies)
S3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2008-07-03] (Broadcom Corporation)
S3 BVRPMPR5; C:\Windows\system32\drivers\BVRPMPR5.SYS [49904 2009-03-02] (Avanquest Software) [File not signed]
R3 DLXPDisplayName; C:\Windows\System32\DRIVERS\DLACPI.sys [14392 2008-04-16] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-07-17] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb.sys [69120 2015-01-14] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6.sys [14848 2015-05-26] (BlackBerry Limited)
S2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [27648 2008-05-08] (Windows ® Codename Longhorn DDK provider)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2015-02-18] ()
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-17 06:40 - 2016-07-17 06:41 - 00022234 _____ C:\Users\C&T Muhammad\Desktop\FRST.txt
2016-07-17 06:24 - 2016-07-17 06:28 - 00036518 _____ C:\Users\C&T Muhammad\Desktop\Fixlog.txt
2016-07-17 06:23 - 2016-07-17 06:23 - 00000000 ____D C:\Users\C&T Muhammad\Desktop\FRST-OlderVersion
2016-07-16 10:15 - 2016-07-16 10:15 - 00015360 _____ C:\Users\C&T Muhammad\Desktop\2016_2017 Grade Book MUI Homeschool.xls
2016-07-15 23:18 - 2016-07-15 23:18 - 00000814 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone 1 Browser.lnk
2016-07-15 23:16 - 2016-07-14 04:40 - 00319248 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-07-15 22:14 - 2016-07-15 23:18 - 00000000 _____ C:\Windows\system32\last.dump
2016-07-15 21:41 - 2016-07-17 06:23 - 01741824 _____ (Farbar) C:\Users\C&T Muhammad\Desktop\FRST.exe
2016-07-15 19:05 - 2016-07-15 19:05 - 00000207 _____ C:\Windows\tweaking.com-regbackup-OFFICE-PC-Windows-Vista--Home-Premium-(32-bit).dat
2016-07-15 19:05 - 2016-07-15 19:05 - 00000000 ____D C:\RegBackup
2016-07-15 19:03 - 2016-07-15 19:03 - 00005480 _____ C:\Users\C&T Muhammad\Desktop\Tweaking.com - Windows Repair - Pre-Scan.txt
2016-07-15 16:04 - 2016-07-15 16:04 - 00001914 _____ C:\Users\C&T Muhammad\Desktop\Tweaking.com - Windows Repair.lnk
2016-07-15 16:04 - 2016-07-15 16:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2016-07-15 16:03 - 2016-07-15 16:03 - 00000000 ____D C:\Program Files\Tweaking.com
2016-07-15 15:59 - 2016-07-15 16:05 - 00181338 _____ C:\Windows\Tweaking.com - Windows Repair Setup Log.txt
2016-07-15 15:37 - 2016-07-15 15:50 - 28923184 _____ (Tweaking.com) C:\Users\C&T Muhammad\Desktop\tweaking.com_windows_repair_aio_setup.exe
2016-07-14 10:05 - 2016-07-14 10:05 - 00000000 ____D C:\Users\C&T Muhammad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-07-14 04:41 - 2016-07-14 04:41 - 00354152 _____ C:\unp305310122863377426.mdmp
2016-07-14 04:41 - 2016-07-14 04:41 - 00353611 _____ C:\unp305310122852613426.mdmp
2016-07-14 04:41 - 2016-07-14 04:41 - 00353159 _____ C:\unp305310122858541426.mdmp
2016-07-14 04:41 - 2016-07-14 04:41 - 00352585 _____ C:\unp305310122857449426.mdmp
2016-07-14 04:41 - 2016-07-14 04:41 - 00352013 _____ C:\unp305310122859789426.mdmp
2016-07-14 04:41 - 2016-07-14 04:41 - 00350944 _____ C:\unp305310122856357426.mdmp
2016-07-14 04:41 - 2016-07-14 04:41 - 00350847 _____ C:\unp305310122855265426.mdmp
2016-07-14 04:41 - 2016-07-14 04:41 - 00350109 _____ C:\unp305310122854173426.mdmp
2016-07-14 04:41 - 2016-07-14 04:41 - 00349768 _____ C:\unp305310122861973426.mdmp
2016-07-14 04:41 - 2016-07-14 04:41 - 00349747 _____ C:\unp305310122860881426.mdmp
2016-07-14 04:41 - 2016-07-14 04:41 - 00348888 _____ C:\unp305310122851365426.mdmp
2016-07-14 04:41 - 2016-07-14 04:41 - 00346785 _____ C:\unp305310122808465426.mdmp
2016-07-14 04:41 - 2016-07-14 04:41 - 00345205 _____ C:\unp305310122807373426.mdmp
2016-07-14 04:41 - 2016-07-14 04:41 - 00343530 _____ C:\unp305310122805969426.mdmp
2016-07-14 04:41 - 2016-07-14 04:41 - 00338254 _____ C:\unp305310123090357426.mdmp
2016-07-14 04:41 - 2016-07-14 04:41 - 00335252 _____ C:\unp305310122636085426.mdmp
2016-07-14 04:40 - 2016-07-14 04:40 - 00921280 _____ (Microsoft Corporation) C:\Windows\ucrtbase.dll
2016-07-14 04:40 - 2016-07-14 04:40 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-07-11 12:47 - 2016-07-11 12:47 - 00000000 ____D C:\Users\C&T Muhammad\AppData\Roaming\AVAST Software
2016-07-10 21:40 - 2016-07-10 21:40 - 00000000 ____D C:\Users\C&T Muhammad\AppData\Roaming\AVG
2016-07-10 21:36 - 2016-07-10 21:39 - 00000000 ____D C:\ProgramData\Avg
2016-07-10 21:35 - 2016-07-10 21:40 - 00000000 ____D C:\Users\C&T Muhammad\AppData\Local\Avg
2016-07-10 21:35 - 2016-07-10 21:37 - 00000000 ____D C:\Users\C&T Muhammad\AppData\Local\AvgSetupLog
2016-07-10 20:30 - 2016-07-11 14:08 - 00000000 ____D C:\Users\C&T Muhammad\AppData\Local\AvastSupport
2016-06-26 21:30 - 2016-07-17 06:40 - 00000000 ____D C:\FRST
2016-06-26 14:47 - 2016-06-26 12:07 - 54935552 _____ C:\Windows\system32\config\SOFTWARE.OLD
2016-06-26 14:47 - 2016-06-26 12:07 - 43511808 _____ C:\Windows\system32\config\COMPONENTS.OLD
2016-06-26 14:47 - 2016-06-26 12:07 - 30867456 _____ C:\Windows\system32\config\SYSTEM.OLD
2016-06-26 14:47 - 2016-06-26 12:07 - 01515520 _____ C:\Windows\system32\config\DEFAULT.OLD
2016-06-26 14:47 - 2016-06-26 12:07 - 00057344 _____ C:\Windows\system32\config\SAM.OLD
2016-06-26 14:47 - 2016-06-26 12:07 - 00028672 _____ C:\Windows\system32\config\SECURITY.OLD
2016-06-26 14:33 - 2016-06-26 14:33 - 00000000 ____D C:\Windows\system32\config\cackup
2016-06-26 14:33 - 2016-06-26 14:33 - 00000000 ____D C:\Windows\system32\config\backup
2016-06-21 10:16 - 2016-06-21 10:16 - 00297020 _____ C:\Users\C&T Muhammad\Downloads\Entering 4th Grade Summer Math Packet (2).pdf
2016-06-21 10:15 - 2016-06-21 10:16 - 00297020 _____ C:\Users\C&T Muhammad\Downloads\Entering 4th Grade Summer Math Packet.pdf
2016-06-20 04:57 - 2016-06-20 04:57 - 00235686 _____ C:\Users\C&T Muhammad\Downloads\VS111.pdf
2016-06-20 04:57 - 2016-06-20 04:57 - 00235686 _____ C:\Users\C&T Muhammad\Downloads\1 App for Birth Record VS111.pdf
2016-06-19 11:24 - 2016-07-14 07:30 - 00000814 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-06-19 11:24 - 2016-06-19 11:24 - 00000814 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-06-19 11:19 - 2016-07-14 04:40 - 00035096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-06-19 11:14 - 2016-07-15 23:18 - 00001747 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-06-19 11:14 - 2016-07-13 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-06-19 11:12 - 2016-07-14 07:58 - 00438296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-06-19 11:12 - 2016-07-14 04:40 - 00816304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-06-19 11:12 - 2016-07-14 04:40 - 00222056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-06-19 11:12 - 2016-07-14 04:40 - 00184592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2016-06-19 11:12 - 2016-07-14 04:40 - 00091680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-06-19 11:12 - 2016-07-14 04:40 - 00066688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2016-06-19 11:12 - 2016-07-14 04:40 - 00064272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2016-06-19 11:12 - 2016-07-14 04:40 - 00060424 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-06-19 11:12 - 2016-07-14 04:40 - 00034008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-06-19 11:05 - 2016-06-19 11:06 - 05066104 _____ (AVAST Software) C:\Users\C&T Muhammad\Downloads\avast_free_antivirus_setup_online_cnet2.exe
2016-06-19 10:32 - 2016-06-19 10:32 - 00000000 ____D C:\ProgramData\dbg
2016-06-19 09:48 - 2016-07-13 14:59 - 00000000 ____D C:\Program Files\Common Files\Java
2016-06-18 18:35 - 2016-06-18 18:35 - 02535247 _____ C:\Users\C&T Muhammad\Downloads\NoDocument (1).pdf
2016-06-18 12:44 - 2016-06-18 12:44 - 225955043 _____ C:\Windows\MEMORY.DMP
2016-06-18 12:44 - 2016-06-18 12:44 - 00147560 _____ C:\Windows\Minidump\Mini061816-01.dmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-17 06:35 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\inf
2016-07-17 06:35 - 2006-11-02 03:33 - 00748812 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-17 06:30 - 2011-04-09 21:29 - 00833736 _____ C:\Windows\ntbtlog.txt
2016-07-17 06:30 - 2006-11-02 05:47 - 00349648 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-17 06:24 - 2006-11-02 04:18 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-07-17 06:03 - 2006-11-02 06:01 - 00032650 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-07-17 06:03 - 2006-11-02 06:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-17 06:03 - 2006-11-02 05:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-17 06:03 - 2006-11-02 05:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-17 06:02 - 2016-05-19 09:07 - 00000000 ____D C:\Users\C&T Muhammad\AppData\Local\Spotify
2016-07-17 02:48 - 2015-07-03 12:21 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-17 02:29 - 2014-01-11 14:41 - 00000000 ____D C:\Users\C&T Muhammad\AppData\Roaming\Spotify
2016-07-16 07:43 - 2016-05-10 11:26 - 00000000 ____D C:\Users\C&T Muhammad\Desktop\Lexi Picture Folder
2016-07-16 07:42 - 2009-01-19 21:11 - 00088728 _____ C:\Users\C&T Muhammad\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-16 06:56 - 2006-11-02 05:37 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-07-15 22:07 - 2014-02-27 05:56 - 00000258 __RSH C:\ProgramData\ntuser.pol
2016-07-15 22:07 - 2013-03-28 13:34 - 00000258 __RSH C:\Users\C&T Muhammad\ntuser.pol
2016-07-15 22:07 - 2009-01-19 21:11 - 00000000 ____D C:\Users\C&T Muhammad
2016-07-15 21:38 - 2011-02-10 08:28 - 00000000 ____D C:\Users\C&T Muhammad\Desktop\DESKTOP ITEMS
2016-07-15 16:12 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\SchCache
2016-07-14 12:24 - 2015-09-23 18:42 - 00001945 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-14 12:24 - 2015-09-23 18:42 - 00001933 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-14 10:02 - 2014-07-18 03:18 - 00000000 ____D C:\Users\C&T Muhammad\AppData\Roaming\Dropbox
2016-07-14 09:04 - 2013-11-16 04:05 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-07-14 09:04 - 2013-11-16 04:05 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-07-14 08:04 - 2008-11-05 17:03 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-13 15:03 - 2006-11-02 03:22 - 54935552 _____ C:\Windows\system32\config\software_previous
2016-07-13 15:00 - 2015-11-08 08:45 - 00000000 ____D C:\Program Files\Bonjour
2016-07-13 15:00 - 2015-07-03 14:01 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-07-13 15:00 - 2013-10-30 15:28 - 00000000 ____D C:\ProgramData\MFAData
2016-07-13 15:00 - 2010-06-04 03:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-07-13 15:00 - 2009-11-28 09:24 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-07-13 15:00 - 2006-11-02 05:37 - 00000000 ____D C:\Windows\ShellNew
2016-07-13 15:00 - 2006-11-02 05:37 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-13 15:00 - 2006-11-02 04:18 - 00000000 __RSD C:\Windows\Media
2016-07-13 15:00 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\system32\spool
2016-07-13 15:00 - 2006-11-02 04:18 - 00000000 ____D C:\Program Files\Common Files\System
2016-07-13 15:00 - 2006-11-02 04:18 - 00000000 ____D C:\Program Files\Common Files\Services
2016-07-13 15:00 - 2006-11-02 03:22 - 30932992 _____ C:\Windows\system32\config\system_previous
2016-07-13 14:59 - 2016-03-31 15:10 - 00000000 ____D C:\Users\C&T Muhammad\AppData\Roaming\Research In Motion
2016-07-13 14:59 - 2016-03-28 22:58 - 00000000 ____D C:\Program Files\Common Files\XCPCSync.OEM
2016-07-13 14:59 - 2016-03-28 22:57 - 00000000 ____D C:\Users\C&T Muhammad\AppData\Local\Research In Motion
2016-07-13 14:59 - 2016-03-28 22:45 - 00000000 ____D C:\Program Files\Common Files\Research In Motion
2016-07-13 14:59 - 2016-03-16 05:37 - 00000000 ____D C:\ProgramData\AutoKMS
2016-07-13 14:59 - 2016-03-15 21:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-07-13 14:59 - 2016-02-01 15:01 - 00000000 ____D C:\Program Files\Zoodles
2016-07-13 14:59 - 2016-02-01 15:01 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2016-07-13 14:59 - 2015-11-08 08:50 - 00000000 ____D C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2016-07-13 14:59 - 2015-11-08 08:50 - 00000000 ____D C:\Program Files\iPod
2016-07-13 14:59 - 2015-11-08 08:38 - 00000000 ____D C:\Program Files\Apple Software Update
2016-07-13 14:59 - 2015-09-30 18:02 - 00000000 ____D C:\Program Files\MSECache
2016-07-13 14:59 - 2015-07-03 12:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-07-13 14:59 - 2015-02-27 09:09 - 00000000 ____D C:\Users\C&T Muhammad\Graboid
2016-07-13 14:59 - 2015-02-27 09:01 - 00000000 ____D C:\Users\C&T Muhammad\AppData\Roaming\Graboid Inc
2016-07-13 14:59 - 2015-02-13 02:30 - 00000000 ____D C:\Users\C&T Muhammad\AppData\Local\Fuze Box
2016-07-13 14:59 - 2015-01-08 14:41 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-13 14:59 - 2014-10-31 07:51 - 00000000 ____D C:\Users\C&T Muhammad\AppData\LocalLow\Google
2016-07-13 14:59 - 2014-09-07 08:00 - 00000000 ____D C:\Users\C&T Muhammad\AppData\Local\Downloadius_S.A.R.L
2016-07-13 14:59 - 2014-08-24 18:44 - 00000000 ____D C:\Users\C&T Muhammad\AppData\Roaming\EurekaLab s.a.s
2016-07-13 14:59 - 2014-08-16 05:01 - 00000000 ____D C:\ProgramData\Oracle
2016-07-13 14:59 - 2014-07-18 03:21 - 00000000 ____D C:\Program Files\Dropbox
2016-07-13 14:59 - 2014-06-13 15:37 - 00000000 ____D C:\ProgramData\AVAST Software
2016-07-13 14:59 - 2014-05-09 00:59 - 00000000 ____D C:\ProgramData\AVG Secure Search
2016-07-13 14:59 - 2011-10-15 14:01 - 00000000 ____D C:\Users\C&T Muhammad\AppData\Local\ElevatedDiagnostics
2016-07-13 14:59 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\registration
2016-07-13 14:59 - 2006-11-02 04:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-07-13 14:45 - 2006-11-02 03:22 - 43511808 _____ C:\Windows\system32\config\components_previous
2016-07-13 14:45 - 2006-11-02 03:22 - 00057344 _____ C:\Windows\system32\config\sam_previous
2016-07-13 13:42 - 2006-11-02 03:22 - 01515520 _____ C:\Windows\system32\config\default_previous
2016-07-13 13:42 - 2006-11-02 03:22 - 00028672 _____ C:\Windows\system32\config\security_previous
2016-07-11 21:00 - 2010-09-01 09:42 - 00000000 ____D C:\Windows\Minidump
2016-07-11 12:50 - 2009-04-29 13:31 - 00001356 _____ C:\Users\C&T Muhammad\AppData\Local\d3d9caps.dat
2016-07-10 21:39 - 2013-10-30 15:34 - 00000000 ___HD C:\$AVG
2016-07-10 21:38 - 2013-10-30 15:33 - 00000000 ____D C:\Program Files\AVG
2016-07-10 20:17 - 2016-05-26 19:03 - 00000000 ____D C:\Users\C&T Muhammad\Desktop\Zaahidah
2016-07-08 17:21 - 2013-08-20 07:12 - 00000000 ____D C:\Users\C&T Muhammad\Desktop\Homeschool
2016-07-08 04:58 - 2012-05-21 10:34 - 00000000 ____D C:\Users\C&T Muhammad\AppData\LocalLow\Temp
2016-07-07 12:58 - 2009-01-19 21:12 - 00000000 ____D C:\Users\C&T Muhammad\AppData\Local\Google
2016-07-07 12:58 - 2008-11-05 17:15 - 00000000 ____D C:\Program Files\Google
2016-07-06 18:19 - 2009-10-02 16:29 - 00400552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-26 13:07 - 2006-11-02 05:47 - 00187392 _____ C:\Windows\system32\umstartup.etl
2016-06-25 09:02 - 2013-08-14 03:12 - 00000000 ____D C:\Windows\system32\MRT
2016-06-24 06:23 - 2012-07-04 09:51 - 00000000 ____D C:\Program Files\Yahoo!
2016-06-24 06:19 - 2016-03-26 09:52 - 00000000 ____D C:\Users\C&T Muhammad\Desktop\Conscious Graphic ART
2016-06-23 19:14 - 2006-11-02 04:18 - 00000000 ___SD C:\Windows\Downloaded Program Files
2016-06-23 19:14 - 2006-11-02 04:18 - 00000000 ___RD C:\Windows\Offline Web Pages
2016-06-23 19:13 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\system32\Msdtc
2016-06-21 19:38 - 2016-02-01 19:14 - 00000000 ____D C:\Users\C&T Muhammad\Desktop\SimpleTrend System
2016-06-21 19:38 - 2015-12-11 04:52 - 00000000 ____D C:\Users\C&T Muhammad\Desktop\Lexi ArmyROTC_ASU INFO
2016-06-19 11:18 - 2014-06-13 15:39 - 00000000 ____D C:\Program Files\AVAST Software
2016-06-19 10:54 - 2009-09-18 11:15 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2016-06-19 09:51 - 2014-08-16 04:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-06-19 09:51 - 2010-10-01 12:36 - 00000000 ____D C:\Program Files\Java
2016-06-19 09:47 - 2015-12-11 11:25 - 00000000 ____D C:\Users\C&T Muhammad\.oracle_jre_usage
2016-06-19 09:45 - 2015-06-02 18:37 - 00095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
==================== Files in the root of some directories =======
2014-06-13 15:40 - 2014-06-14 11:00 - 0005265 _____ () C:\Users\C&T Muhammad\AppData\Roaming\callbanner.png
2011-06-15 06:16 - 2015-02-22 21:47 - 0018001 _____ () C:\Users\C&T Muhammad\AppData\Roaming\UserTile.png
2009-02-11 09:29 - 2009-03-02 21:51 - 0001468 _____ () C:\Users\C&T Muhammad\AppData\Roaming\wklnhst.dat
2009-04-29 13:31 - 2016-07-11 12:50 - 0001356 _____ () C:\Users\C&T Muhammad\AppData\Local\d3d9caps.dat
2009-02-11 14:46 - 2015-08-26 11:41 - 0231424 _____ () C:\Users\C&T Muhammad\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-02-11 14:55 - 2009-05-04 08:34 - 0008248 _____ () C:\Users\C&T Muhammad\AppData\Local\en.ini
2015-12-05 09:02 - 2015-12-05 09:02 - 0004096 ____H () C:\Users\C&T Muhammad\AppData\Local\keyfile3.drm
2015-06-27 19:34 - 2015-06-27 19:34 - 0000000 _____ () C:\Users\C&T Muhammad\AppData\Local\{F5BEE43F-0374-41C2-851C-243CD3D16C21}
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-07-17 06:22
==================== End of FRST.txt ============================