March 20th, 2014, 08:38 PM
#1
[RESOLVED] Slow and freezing
My laptop has been incredibly slow and freezing up A LOT lately. The battery won't charge while my laptop is on, only when it is off/on hibernate, etc. It says "plugged in, charging" and I guess technically does charge, but it would take ALL day compared to the hour or so it took before. Not sure if that bit is because of a virus or not, but figured I would make it known anyway.
It's a Toshiba Satellite C40D, and is only 3 months old. Please help me fix this! I have Avast antivirus installed and it found no threats, but there were 2 files that it said couldn't be scanned. The MBAM log is below, but I can't get DDS to run. Tried installing a few times, but when I try to open it, it says it's not meant to run in compatibility mode so it's going to close.
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
Database version: v2014.03.20.07
Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16521
Michelle :: MICHELLE [administrator]
Protection: Enabled
2014-03-20 9:43:29 PM
mbam-log-2014-03-20 (21-43-29).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 224576
Time elapsed: 8 minute(s), 22 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 3
HKCR\Typelib\{DCABB943-792E-44C4-9029-ECBEE6265AF9} (PUP.Optional.OutBrowse) -> Quarantined and deleted successfully.
HKCR\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534} (PUP.Optional.OutBrowse) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\SEARCHPROTECTINT (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
Registry Values Detected: 1
HKCU\Software\SearchProtectINT|Install (PUP.Optional.SearchProtect.A) -> Data: 1 -> Quarantined and deleted successfully.
Registry Data Items Detected: 4
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (PUP.Optional.Snapdo) -> Bad: (http://feed.snapdo.com/?publisher=ShoppingHelper&dpid=ShopHelp&co=CA&userid=7ceeb652-c9ea-efcf-5ba3-70a80bc82e76&searchtype=ds&q={searchTerms}&installDate=25/12/2013) Good: (http://www.google.com ) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (PUP.Optional.Snapdo) -> Bad: (http://feed.snapdo.com/?publisher=ShoppingHelper&dpid=ShopHelp&co=CA&userid=7ceeb652-c9ea-efcf-5ba3-70a80bc82e76&searchtype=ds&q={searchTerms}&installDate=25/12/2013) Good: (http://www.google.com ) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (PUP.Optional.Snapdo) -> Bad: (http://feed.snapdo.com/?publisher=ShoppingHelper&dpid=ShopHelp&co=CA&userid=7ceeb652-c9ea-efcf-5ba3-70a80bc82e76&searchtype=ds&q={searchTerms}&installDate=25/12/2013) Good: (http://www.google.com ) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|SearchAssistant (PUP.Optional.Snapdo) -> Bad: (http://feed.snapdo.com/?publisher=ShoppingHelper&dpid=ShopHelp&co=CA&userid=7ceeb652-c9ea-efcf-5ba3-70a80bc82e76&searchtype=ds&q={searchTerms}&installDate=25/12/2013) Good: (http://www.google.com ) -> Quarantined and repaired successfully.
Folders Detected: 0
(No malicious items detected)
Files Detected: 3
C:\$Recycle.Bin\S-1-5-21-2676312113-550927975-3917386946-1001\$RTO7UKP.exe (PUP.Optional.InstalleRex) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-2676312113-550927975-3917386946-1001\$RXNM63S.exe (PUP.Optional.InstalleRex) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-2676312113-550927975-3917386946-1001\$RZQUP10.exe (PUP.Optional.InstalleRex) -> Quarantined and deleted successfully.
(end)
March 21st, 2014, 08:14 PM
#2
You abandoned this topic in the past: http://discussions.virtualdr.com/sho...puter-cleaning
Unless I hear a very good explanation I won't be able to help.
March 21st, 2014, 08:22 PM
#3
I was at home for Christmas holidays visiting my parents (they are a 12 hour drive from me) and I was trying to clean their computer for them, at the request of my father, while I was home. But my holidays were over before the process was finished. I told my dad how to go online and finish it; he knows computers well enough to be able to follow directions on here, but he didn't do it.
This current topic is about my own laptop. But I apologize for not explaining that before.
March 22nd, 2014, 12:25 AM
#4
Fair enough, but it can't happen again.
I still need DDS logs.
March 22nd, 2014, 03:59 AM
#5
I can't get dds to run. I downloaded it and saved it to the desktop, and when I try to run it, it says that it can't run in compatibility mode. I tried downloading from both links that were provided but can't get it to work. It's probably something simple that I am not doing, but I have no idea.
March 22nd, 2014, 11:51 AM
#6
I see. This is Windows 8.
Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers. Double click on adwcleaner.exe to run the tool. Click on the Scan button. When the scan has finished, click on the Clean button. Your computer will be rebooted automatically. A text file will open after the restart. Please post the contents of that logfile with your next reply. You can find the logfile at C:\AdwCleaner[S1].txt as well.
Please download Junkware Removal Tool to your desktop.
Shut down your protection software now to avoid potential conflicts. Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator". The tool will open and start scanning your system. Please be patient as this can take a while to complete depending on your system's specifications. On completion, a log (JRT.txt) is saved to your desktop and will automatically open. Post the contents of JRT.txt into your next message.
Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
Double-click to run it. When the tool opens, click Yes to the disclaimer. Press the Scan button. It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply. The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply.
March 22nd, 2014, 03:08 PM
#7
# AdwCleaner v3.022 - Report created 22/03/2014 at 16:19:13
# Updated 13/03/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Michelle - MICHELLE
# Running from : C:\Users\Michelle\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Users\Michelle\AppData\Local\SearchProtect
Folder Deleted : C:\Users\Michelle\AppData\Roaming\Systweak
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
File Deleted : C:\WINDOWS\System32\roboot64.exe
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKLM\Software\systweak
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16518
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
-\\ Google Chrome v33.0.1750.154
[ File : C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [2199 octets] - [22/03/2014 16:17:56]
AdwCleaner[S0].txt - [1822 octets] - [22/03/2014 16:19:13]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1882 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 8.1 x64
Ran by Michelle on 2014-03-22 at 16:26:03.71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Failed to delete: [Folder] "C:\ProgramData\big fish"
Successfully deleted: [Folder] "C:\Users\Michelle\appdata\local\big fish"
Successfully deleted: [Folder] "C:\bigfishcache"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2014-03-22 at 16:33:14.27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Michelle (administrator) on MICHELLE on 22-03-2014 16:36:15
Running from C:\Users\Michelle\Desktop
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/down...an-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/down...an-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\WINDOWS\system32\atiesrxx.exe
(AMD) C:\WINDOWS\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
() C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Conexant Systems Inc.) C:\windows\system32\CxAudMsg64.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe
(Toshiba Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Daniel Bigham) C:\Users\Michelle\AppData\Local\Apps\2.0\H9XXVL06.MPV\1W46ZWRM.JWZ\sync..tion_0000000000000000_0001.0000_593c0b80c2665eed\Sync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\core-static\CCC.exe
(Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [894048 2013-01-11] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [TosWaitSrv] - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] - C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565472 2013-04-22] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] - C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] - C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3050736 2013-04-05] (Synaptics Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-07-19] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-06] (AVAST Software)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TSVU] - c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKU\S-1-5-21-2676312113-550927975-3917386946-1001\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [457728 2013-11-14] (Microsoft Corporation)
HKU\S-1-5-21-2676312113-550927975-3917386946-1001\...\Run: [Sync] - "C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Daniel Bigham\Sync.appref-ms"
HKU\S-1-5-21-2676312113-550927975-3917386946-1001\...\Run: [AppEx Accelerator UI] - C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [429792 2013-04-11] (AppEx Networks Corporation)
HKU\S-1-5-21-2676312113-550927975-3917386946-1001\...\Run: [Messenger (Yahoo!)] - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-2676312113-550927975-3917386946-1001\...\MountPoints2: {c48b08a5-6dbd-11e3-824e-806e6f6e6963} - "D:\NursingVideoSkills.EXE"
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://blu173.mail.live.com/default.aspx?id=64855
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.toshiba.ca/welcome/?w=23
SearchScopes: HKLM - DefaultScope {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKLM - {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKCU - DefaultScope {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 142.166.166.166
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-22]
CHR Extension: (Google Drive) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-22]
CHR Extension: (YouTube) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-22]
CHR Extension: (Google Search) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-22]
CHR Extension: (avast! Online Security) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-24]
CHR Extension: (BB10 / PlayBook App Manager) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmbaalodpmjjhpobkgljnelbpblnikkp [2014-03-07]
CHR Extension: (Google Wallet) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-22]
CHR Extension: (Gmail) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-22]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-12-25]
==================== Services (Whitelisted) =================
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-08-30] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-06] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-02-06] (AVAST Software)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2013-12-16] (WildTangent)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
S4 THAccelSvc; C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe [216976 2013-10-17] (TOSHIBA CORPORATION)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-30] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-07] (Advanced Micro Devices, INC.)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [78648 2014-02-06] (AVAST Software)
R1 aswNdisFlt; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [440672 2014-02-21] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2013-12-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-25] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1038072 2014-02-06] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [421704 2014-02-06] (AVAST Software)
S3 aswStm; C:\windows\system32\drivers\aswStm.sys [80184 2014-02-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-25] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows (R) Win 7 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-26] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2945240 2013-09-12] (Realtek Semiconductor Corporation )
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
R0 THAccel; C:\Windows\System32\DRIVERS\THAccel.sys [111488 2013-10-15] (TOSHIBA Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-30] (Microsoft Corporation)
S1 aswKbd; \??\C:\WINDOWS\system32\drivers\aswKbd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-22 16:36 - 2014-03-22 16:36 - 00014881 _____ () C:\Users\Michelle\Desktop\FRST.txt
2014-03-22 16:36 - 2014-03-22 16:36 - 00000000 ____D () C:\FRST
2014-03-22 16:34 - 2014-03-22 16:34 - 02157056 _____ (Farbar) C:\Users\Michelle\Desktop\FRST64.exe
2014-03-22 16:33 - 2014-03-22 16:33 - 00001974 _____ () C:\Users\Michelle\Desktop\AdwCleaner[S0].txt
2014-03-22 16:33 - 2014-03-22 16:33 - 00000798 _____ () C:\Users\Michelle\Desktop\JRT.txt
2014-03-22 16:26 - 2014-03-22 16:26 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-22 16:25 - 2014-03-22 16:25 - 01037734 _____ (Thisisu) C:\Users\Michelle\Desktop\JRT.exe
2014-03-22 16:17 - 2014-03-22 16:19 - 00000000 ____D () C:\AdwCleaner
2014-03-22 16:17 - 2014-03-22 16:17 - 01950720 _____ () C:\Users\Michelle\Desktop\adwcleaner.exe
2014-03-20 22:00 - 2014-03-20 22:00 - 00688992 _____ (Swearware) C:\Users\Michelle\Desktop\dds.scr
2014-03-20 21:53 - 2014-03-20 21:53 - 00688992 _____ (Swearware) C:\Users\Michelle\Downloads\dds (1).com
2014-03-20 21:52 - 2014-03-20 21:52 - 00688992 _____ (Swearware) C:\Users\Michelle\Downloads\dds.com
2014-03-20 21:24 - 2014-03-20 21:24 - 00001132 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-20 21:24 - 2014-03-20 21:24 - 00000000 ____D () C:\Users\Michelle\AppData\Roaming\Malwarebytes
2014-03-20 21:24 - 2014-03-20 21:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-20 21:24 - 2014-03-20 21:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-20 21:24 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-20 21:23 - 2014-03-20 21:23 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Michelle\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-17 20:24 - 2014-01-04 13:24 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-03-17 20:24 - 2014-01-04 12:38 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-03-17 20:24 - 2014-01-04 11:38 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-03-17 20:24 - 2014-01-04 11:23 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-03-17 20:24 - 2014-01-02 21:24 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-03-17 20:24 - 2014-01-02 21:18 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-03-17 20:24 - 2013-12-31 21:26 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-03-17 20:24 - 2013-12-27 06:27 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-03-17 20:24 - 2013-12-27 05:53 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-03-17 20:24 - 2013-12-27 04:33 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-03-17 20:24 - 2013-12-27 04:07 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-03-17 20:24 - 2013-12-14 04:01 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-03-17 20:24 - 2013-12-14 03:49 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-03-17 20:24 - 2013-12-09 05:35 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-17 20:24 - 2013-12-09 02:21 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-03-17 20:23 - 2014-01-07 23:16 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-03-17 20:23 - 2014-01-07 23:11 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-03-17 20:23 - 2014-01-07 23:11 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-03-17 20:23 - 2013-12-31 23:25 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-03-17 20:23 - 2013-12-31 23:22 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-03-17 20:23 - 2013-12-31 22:26 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-03-17 20:23 - 2013-12-31 22:25 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-03-17 20:23 - 2013-12-31 21:29 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-03-17 20:23 - 2013-12-31 21:27 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-03-17 20:23 - 2013-12-30 21:04 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-03-17 20:23 - 2013-12-30 21:03 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-03-17 20:23 - 2013-12-30 21:02 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-03-17 20:23 - 2013-12-30 21:01 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-03-17 20:23 - 2013-12-30 21:01 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-03-17 20:23 - 2013-12-27 12:39 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-03-17 20:23 - 2013-12-27 06:27 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-03-17 20:23 - 2013-12-27 04:33 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-03-17 20:23 - 2013-12-21 04:51 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-03-17 20:23 - 2013-12-17 04:51 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-03-17 20:23 - 2013-12-13 08:24 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-03-17 20:23 - 2013-12-13 04:06 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-03-17 20:23 - 2013-12-13 03:02 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-03-13 07:10 - 2013-10-30 21:59 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-13 07:10 - 2013-10-30 21:59 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-13 07:10 - 2013-10-30 21:58 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-12 09:43 - 2014-03-01 03:35 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-12 09:43 - 2014-03-01 02:00 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-12 09:43 - 2013-12-20 07:48 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-12 09:43 - 2013-12-20 07:48 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-12 09:42 - 2014-03-01 02:28 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-12 09:42 - 2014-03-01 01:47 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-12 09:42 - 2014-03-01 01:24 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-12 09:42 - 2014-03-01 01:17 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-12 09:42 - 2014-03-01 01:12 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-12 09:42 - 2014-03-01 00:48 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-12 09:42 - 2014-03-01 00:44 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-12 09:42 - 2014-03-01 00:40 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-12 09:42 - 2014-03-01 00:33 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-12 09:42 - 2014-03-01 00:27 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-12 09:42 - 2014-03-01 00:08 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-12 09:42 - 2014-03-01 00:02 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-12 09:42 - 2014-02-28 23:57 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-12 09:42 - 2014-02-28 23:55 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-12 09:42 - 2014-02-28 23:55 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-12 09:42 - 2014-02-11 00:34 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-12 09:42 - 2014-02-11 00:13 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-12 09:42 - 2014-02-10 23:34 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-12 09:42 - 2014-01-31 13:45 - 00311640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-12 09:42 - 2014-01-31 13:37 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-12 09:42 - 2014-01-31 13:36 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-12 09:42 - 2014-01-31 11:17 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-12 09:42 - 2014-01-31 06:36 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-12 09:42 - 2014-01-29 07:25 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-12 09:42 - 2014-01-29 06:23 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-12 09:42 - 2014-01-29 06:23 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-12 09:42 - 2014-01-29 06:19 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-12 09:42 - 2014-01-29 06:17 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-12 09:42 - 2014-01-29 05:14 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-12 09:42 - 2014-01-29 05:14 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-12 09:42 - 2014-01-29 05:14 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-12 09:42 - 2014-01-29 04:11 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-12 09:42 - 2014-01-28 22:06 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-12 09:42 - 2014-01-27 16:37 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-12 09:42 - 2014-01-27 16:36 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-12 09:42 - 2014-01-27 16:34 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-12 09:42 - 2014-01-27 16:22 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-12 09:42 - 2014-01-27 15:53 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-12 09:42 - 2014-01-27 15:51 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-12 09:42 - 2014-01-27 15:50 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-12 09:42 - 2014-01-27 15:45 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-12 09:42 - 2014-01-27 15:13 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-12 09:42 - 2014-01-27 14:48 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-12 09:42 - 2014-01-27 14:30 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-12 09:42 - 2014-01-27 13:28 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-12 09:42 - 2014-01-27 13:20 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-12 09:42 - 2014-01-27 09:15 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-12 09:42 - 2014-01-17 20:34 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-12 09:42 - 2014-01-17 19:24 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-12 09:42 - 2013-12-21 12:21 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-12 09:42 - 2013-12-21 06:24 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-07 23:40 - 2014-03-07 23:40 - 01642566 _____ () C:\Users\Michelle\Downloads\Snap-2_0_0_2.bar
2014-03-01 16:42 - 2014-03-01 16:42 - 00000000 ____D () C:\Users\Michelle\AppData\Local\AppEx Networks
2014-03-01 16:38 - 2014-03-01 16:38 - 00000000 ____D () C:\ProgramData\ATI
2014-03-01 16:33 - 2013-06-22 13:49 - 00138240 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdWB6.sys
2014-03-01 16:33 - 2013-06-22 13:48 - 00110080 _____ (TODO: <Company name>) C:\WINDOWS\system32\DelayAPO.dll
2014-03-01 16:32 - 2014-03-01 16:32 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-03-01 16:29 - 2014-03-01 16:29 - 00000000 ____D () C:\Program Files\AMD Quick Stream
2014-03-01 16:29 - 2013-04-18 08:04 - 00219360 _____ (AppEx Networks Corporation) C:\WINDOWS\system32\Drivers\appexDrv.sys
2014-03-01 16:28 - 2014-03-01 16:28 - 00060733 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201403011528434076.log
2014-03-01 16:28 - 2014-03-01 16:28 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-03-01 16:28 - 2014-03-01 16:28 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-03-01 16:25 - 2013-08-30 21:14 - 00156712 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2014-03-01 16:25 - 2013-08-30 21:14 - 00141256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2014-03-01 16:25 - 2013-08-30 21:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2014-03-01 16:25 - 2013-08-30 21:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2014-03-01 16:25 - 2013-08-30 21:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2014-03-01 16:25 - 2013-08-30 21:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2014-03-01 16:25 - 2013-08-30 21:11 - 12528640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2014-03-01 16:25 - 2013-08-30 21:05 - 00781312 _____ () C:\WINDOWS\system32\amdmiracast.dll
2014-03-01 16:25 - 2013-08-30 20:48 - 00229376 _____ () C:\WINDOWS\system32\clinfo.exe
2014-03-01 16:25 - 2013-08-30 20:48 - 00127488 _____ (AMD) C:\WINDOWS\system32\coinst_13.152.dll
2014-03-01 16:25 - 2013-08-30 20:47 - 28192256 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2014-03-01 16:25 - 2013-08-30 20:47 - 00098816 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll
2014-03-01 16:25 - 2013-08-30 20:47 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll
2014-03-01 16:25 - 2013-08-30 20:47 - 00083456 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll
2014-03-01 16:25 - 2013-08-30 20:47 - 00073216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll
2014-03-01 16:25 - 2013-08-30 20:45 - 23760896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2014-03-01 16:25 - 2013-08-30 20:43 - 00063488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-03-01 16:25 - 2013-08-30 20:43 - 00057344 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2014-03-01 16:25 - 2013-08-30 20:35 - 25387520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2014-03-01 16:25 - 2013-08-30 20:18 - 00530824 _____ () C:\WINDOWS\SysWOW64\atiapfxx.blb
2014-03-01 16:25 - 2013-08-30 20:18 - 00530824 _____ () C:\WINDOWS\system32\atiapfxx.blb
2014-03-01 16:25 - 2013-08-30 20:18 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2014-03-01 16:25 - 2013-08-30 20:18 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2014-03-01 16:25 - 2013-08-30 20:18 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2014-03-01 16:25 - 2013-08-30 20:18 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2014-03-01 16:25 - 2013-08-30 20:18 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2014-03-01 16:25 - 2013-08-30 20:17 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2014-03-01 16:25 - 2013-08-30 20:14 - 21400064 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2014-03-01 16:25 - 2013-08-30 20:14 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2014-03-01 16:25 - 2013-08-30 20:04 - 03388672 _____ () C:\WINDOWS\system32\atiumd6a.cap
2014-03-01 16:25 - 2013-08-30 19:58 - 00571904 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2014-03-01 16:25 - 2013-08-30 19:58 - 00026112 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2014-03-01 16:25 - 2013-08-30 19:57 - 00239616 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2014-03-01 16:25 - 2013-08-30 19:56 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2014-03-01 16:25 - 2013-08-30 19:50 - 03422720 _____ () C:\WINDOWS\SysWOW64\atiumdva.cap
2014-03-01 16:25 - 2013-08-30 19:37 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2014-03-01 16:25 - 2013-08-30 19:37 - 00090624 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2014-03-01 16:25 - 2013-08-30 19:37 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2014-03-01 16:25 - 2013-08-30 19:37 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2014-03-01 16:25 - 2013-08-30 19:35 - 00134656 _____ () C:\WINDOWS\system32\amdhdl64.dll
2014-03-01 16:25 - 2013-08-30 19:34 - 00123392 _____ () C:\WINDOWS\SysWOW64\amdhdl32.dll
2014-03-01 16:25 - 2013-08-30 19:33 - 00594944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2014-03-01 16:25 - 2013-08-30 19:33 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2014-03-01 16:25 - 2013-08-30 19:33 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2014-03-01 16:25 - 2013-08-30 19:32 - 00618496 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2014-03-01 16:25 - 2013-08-30 19:32 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2014-03-01 16:25 - 2013-08-30 19:32 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2014-03-01 16:25 - 2013-08-30 19:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2014-03-01 16:25 - 2013-08-30 19:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2014-03-01 16:25 - 2013-08-27 16:06 - 00233652 _____ () C:\WINDOWS\system32\ativvaxy_cik.dat
2014-03-01 16:25 - 2013-08-27 14:27 - 00082336 _____ () C:\WINDOWS\system32\ativce02.dat
2014-03-01 16:25 - 2013-08-07 14:22 - 00716208 _____ () C:\WINDOWS\system32\atiicdxx.dat
2014-03-01 16:25 - 2013-08-07 12:12 - 00231984 _____ () C:\WINDOWS\system32\ativvaxy_cik_nd.dat
2014-03-01 16:25 - 2013-05-04 16:22 - 00047164 _____ () C:\WINDOWS\atiogl.xml
2014-03-01 16:21 - 2014-03-01 16:29 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-01 16:18 - 2013-10-15 17:03 - 00111488 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\Drivers\THAccel.sys
2014-03-01 12:51 - 2014-03-01 12:51 - 00001993 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-26 18:30 - 2014-03-01 12:47 - 00000000 ____D () C:\ProgramData\Yahoo! Companion
2014-02-26 18:29 - 2014-03-02 15:58 - 00000000 ____D () C:\ProgramData\Yahoo!
==================== One Month Modified Files and Folders =======
2014-03-22 16:36 - 2014-03-22 16:36 - 00014881 _____ () C:\Users\Michelle\Desktop\FRST.txt
2014-03-22 16:36 - 2014-03-22 16:36 - 00000000 ____D () C:\FRST
2014-03-22 16:34 - 2014-03-22 16:34 - 02157056 _____ (Farbar) C:\Users\Michelle\Desktop\FRST64.exe
2014-03-22 16:34 - 2013-12-25 21:30 - 01545034 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-22 16:33 - 2014-03-22 16:33 - 00001974 _____ () C:\Users\Michelle\Desktop\AdwCleaner[S0].txt
2014-03-22 16:33 - 2014-03-22 16:33 - 00000798 _____ () C:\Users\Michelle\Desktop\JRT.txt
2014-03-22 16:33 - 2013-08-22 13:06 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-03-22 16:30 - 2013-08-22 13:06 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-22 16:27 - 2013-12-25 09:28 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2676312113-550927975-3917386946-1001
2014-03-22 16:26 - 2014-03-22 16:26 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-22 16:26 - 2013-11-14 04:58 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-22 16:25 - 2014-03-22 16:25 - 01037734 _____ (Thisisu) C:\Users\Michelle\Desktop\JRT.exe
2014-03-22 16:23 - 2013-12-25 09:54 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-03-22 16:22 - 2014-01-22 19:27 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-22 16:22 - 2014-01-22 19:27 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-22 16:22 - 2014-01-22 19:27 - 00000000 ____D () C:\Users\Michelle\AppData\Local\Deployment
2014-03-22 16:22 - 2014-01-06 15:57 - 00004986 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for MICHELLE-Michelle Michelle
2014-03-22 16:22 - 2013-12-26 00:50 - 00000000 __RDO () C:\Users\Michelle\SkyDrive
2014-03-22 16:20 - 2013-08-22 12:15 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-22 16:20 - 2013-08-22 10:55 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-22 16:19 - 2014-03-22 16:17 - 00000000 ____D () C:\AdwCleaner
2014-03-22 16:19 - 2013-10-31 02:34 - 02996794 _____ () C:\Users\Public\CAFADEBUG.log
2014-03-22 16:17 - 2014-03-22 16:17 - 01950720 _____ () C:\Users\Michelle\Desktop\adwcleaner.exe
2014-03-22 15:42 - 2014-01-22 19:27 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-22 14:57 - 2013-12-25 09:19 - 00000000 ____D () C:\Users\Michelle\AppData\Local\Packages
2014-03-22 03:10 - 2013-12-25 21:11 - 00065536 _____ () C:\WINDOWS\system32\spu_storage.bin
2014-03-21 18:56 - 2014-01-03 10:24 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-03-20 22:00 - 2014-03-20 22:00 - 00688992 _____ (Swearware) C:\Users\Michelle\Desktop\dds.scr
2014-03-20 21:54 - 2013-11-14 04:50 - 00012370 _____ () C:\WINDOWS\PFRO.log
2014-03-20 21:53 - 2014-03-20 21:53 - 00688992 _____ (Swearware) C:\Users\Michelle\Downloads\dds (1).com
2014-03-20 21:52 - 2014-03-20 21:52 - 00688992 _____ (Swearware) C:\Users\Michelle\Downloads\dds.com
2014-03-20 21:24 - 2014-03-20 21:24 - 00001132 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-20 21:24 - 2014-03-20 21:24 - 00000000 ____D () C:\Users\Michelle\AppData\Roaming\Malwarebytes
2014-03-20 21:24 - 2014-03-20 21:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-20 21:24 - 2014-03-20 21:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-20 21:23 - 2014-03-20 21:23 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Michelle\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-20 14:01 - 2013-12-25 09:21 - 00000000 ___RD () C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-20 14:01 - 2013-12-25 09:21 - 00000000 ___RD () C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-20 13:59 - 2013-08-22 13:06 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-18 18:57 - 2013-12-25 12:02 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-18 18:55 - 2013-12-25 12:02 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-18 18:55 - 2013-08-22 10:55 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-15 10:22 - 2013-12-25 21:17 - 00000000 ____D () C:\Users\Michelle
2014-03-14 14:30 - 2013-08-22 12:14 - 00474072 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-14 14:25 - 2013-08-22 13:06 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-14 14:25 - 2013-08-22 13:06 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-14 14:25 - 2013-08-22 13:06 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-14 14:25 - 2013-08-22 13:06 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-07 23:40 - 2014-03-07 23:40 - 01642566 _____ () C:\Users\Michelle\Downloads\Snap-2_0_0_2.bar
2014-03-04 20:23 - 2013-08-22 13:08 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-04 20:23 - 2013-08-22 13:08 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-02 15:58 - 2014-02-26 18:29 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-03-02 15:58 - 2013-12-25 18:46 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-03-02 12:08 - 2013-08-22 13:06 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-03-01 16:42 - 2014-03-01 16:42 - 00000000 ____D () C:\Users\Michelle\AppData\Local\AppEx Networks
2014-03-01 16:40 - 2013-08-22 12:16 - 00288840 _____ () C:\WINDOWS\setupact.log
2014-03-01 16:38 - 2014-03-01 16:38 - 00000000 ____D () C:\ProgramData\ATI
2014-03-01 16:34 - 2013-04-30 03:29 - 00000000 ____D () C:\Program Files\Toshiba
2014-03-01 16:33 - 2013-10-31 02:14 - 00000000 ____D () C:\ProgramData\AMD
2014-03-01 16:32 - 2014-03-01 16:32 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-03-01 16:32 - 2013-04-30 03:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-01 16:30 - 2013-10-31 02:19 - 00063772 _____ () C:\WINDOWS\DPINST.LOG
2014-03-01 16:29 - 2014-03-01 16:29 - 00000000 ____D () C:\Program Files\AMD Quick Stream
2014-03-01 16:29 - 2014-03-01 16:21 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-01 16:28 - 2014-03-01 16:28 - 00060733 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201403011528434076.log
2014-03-01 16:28 - 2014-03-01 16:28 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-03-01 16:28 - 2014-03-01 16:28 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-03-01 16:28 - 2013-10-31 02:13 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-03-01 16:21 - 2013-04-30 03:30 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA
2014-03-01 16:20 - 2013-12-25 21:11 - 00000000 ____D () C:\Program Files\CONEXANT
2014-03-01 12:51 - 2014-03-01 12:51 - 00001993 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-03-01 12:47 - 2014-02-26 18:30 - 00000000 ____D () C:\ProgramData\Yahoo! Companion
2014-03-01 12:47 - 2014-01-23 18:37 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-01 12:47 - 2014-01-23 18:37 - 00000000 ____D () C:\Program Files\iTunes
2014-03-01 12:47 - 2014-01-23 18:37 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-01 12:38 - 2013-08-22 13:06 - 00000000 ____D () C:\WINDOWS\registration
2014-03-01 12:36 - 2014-01-23 18:37 - 00000000 ____D () C:\Program Files\iPod
2014-03-01 12:06 - 2012-07-26 05:42 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-03-01 03:35 - 2014-03-12 09:43 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-01 02:28 - 2014-03-12 09:42 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-01 02:00 - 2014-03-12 09:43 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-01 01:47 - 2014-03-12 09:42 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-01 01:24 - 2014-03-12 09:42 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-01 01:17 - 2014-03-12 09:42 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-01 01:12 - 2014-03-12 09:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-01 00:48 - 2014-03-12 09:42 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-01 00:44 - 2014-03-12 09:42 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-01 00:40 - 2014-03-12 09:42 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-01 00:33 - 2014-03-12 09:42 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-01 00:27 - 2014-03-12 09:42 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-01 00:08 - 2014-03-12 09:42 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-01 00:02 - 2014-03-12 09:42 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-28 23:57 - 2014-03-12 09:42 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-28 23:55 - 2014-03-12 09:42 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-28 23:55 - 2014-03-12 09:42 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-26 18:30 - 2013-12-25 18:54 - 00000000 ____D () C:\Users\Michelle\AppData\Roaming\Yahoo!
2014-02-21 11:35 - 2014-02-06 23:34 - 00440672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswndisflt.sys
Some content of TEMP:
====================
C:\Users\Michelle\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Michelle\AppData\Local\Temp\Quarantine.exe
C:\Users\Michelle\AppData\Local\Temp\Setup.X86.en-US_O365HomePremRetail_3eefcf79-8d81-4786-a363-630e92dd884d_TX_PR_.exe
C:\Users\Michelle\AppData\Local\Temp\Setup.X86.en-US_O365HomePremRetail_668c5844-b998-4d26-984f-411b4ed1be5c_TX_PR_.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-12 09:42] - [2014-01-31 13:45] - 0311640 ____A (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02
LastRegBack: 2014-03-20 02:38
==================== End Of Log ============================
March 22nd, 2014, 03:10 PM
#8
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Michelle at 2014-03-22 16:37:05
Running from C:\Users\Michelle\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
Adobe Reader X (10.1.8) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.15.100.30830 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5D42947B-E961-C0B5-5A70-EA0F753331EB}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.4.2 - AppEx Networks)
AMD Start Now (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2013 - Avast Software)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Evernote v. 4.5.7 (HKLM-x32\...\{0BE73D3C-B5AF-11E1-933A-984BE15F174E}) (Version: 4.5.7.7146 - Evernote Corp.)
Genesys Logic USB2.0 Card Reader (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.3 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41504) (Version: 45251 - Intel)
iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Office 365 Home Premium - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM-x32\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.20617 (Version: 12.0.20617 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.20617 (Version: 12.0.20617 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.20617 (x32 Version: 12.0.20617 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.20617 (x32 Version: 12.0.20617 - Microsoft Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
REALTEK Wireless LAN Driver (HKLM-x32\...\InstallShield_{95F38874-065A-40AB-AFC1-B764B192FFE7}) (Version: 2.00.0002 - REALTEK Semiconductor Corp.)
REALTEK Wireless LAN Driver (x32 Version: 2.00.0002 - REALTEK Semiconductor Corp.) Hidden
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0021 - REALTEK Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.2.0 - Synaptics Incorporated)
Sync (HKCU\...\87a4ce57e9665181) (Version: 1.0.0.47 - Daniel Bigham)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.15.4 - Toshiba Corporation)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.01.02.6405 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{4BBF3F6A-D3B6-48E3-85E1-5C38D3A98034}) (Version: 1.1.7.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6630.6403 - Toshiba Corporation)
TOSHIBA HDD Accelerator (HKLM\...\{DB4D9937-0B14-4EF1-BF9A-BB7E3B9DCB04}) (Version: 2.2.0000 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9}) (Version: 4.0.5.0 - Toshiba Corporation)
TOSHIBA Password Utility (Version: 4.0.5.0 - Toshiba Corporation) Hidden
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.0.01.55004008 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0032 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0007.32003 - Toshiba Corporation)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.27.102 - Toshiba Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.11.2 - WildTangent) Hidden
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
==================== Restore Points =========================
01-03-2014 15:03:14 Restore Operation
08-03-2014 15:07:22 Scheduled Checkpoint
12-03-2014 13:27:47 Windows Update
18-03-2014 21:24:11 Windows Update
==================== Hosts content: ==========================
2013-08-22 10:55 - 2013-08-22 10:55 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {01428108-856E-4AC4-B6AA-2FCA42ADA5E4} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {19768086-500A-4567-9DE6-BC2D2D1716C3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22] (Google Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2758B6D5-C71D-48C8-84A5-557EFE27EBF9} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-04-05] (Synaptics Incorporated)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {37C41A14-18F4-4A60-8B9E-FF106272E24B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8DFB3737-2E0C-4EAE-B8E3-C6B7FE9AFC3B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {911DB535-F561-4570-A180-02B3219118DE} - System32\Tasks\UMonitor Task => C:\windows\system32\UMonit64.exe
Task: {95495AD5-0F26-4FBC-BB97-6A15A95EA555} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MICHELLE-Michelle Michelle => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-01-21] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B47F04CA-CE64-45CB-BEB6-EB9464D27231} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-06] (AVAST Software)
Task: {C013C99C-5806-4AB9-9A6E-B2CD7C349AB6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-21] (Microsoft Corporation)
Task: {C0FF198E-DB1D-42E7-AA64-FD9B6561EAD5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-03-18] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {ECC51913-7B1C-4EF6-953E-BF07D3A467F9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Loaded Modules (whitelisted) =============
2011-06-15 06:57 - 2011-06-15 06:57 - 00034304 _____ () C:\WINDOWS\System32\ssb6mlm.dll
2013-08-30 20:47 - 2013-08-30 20:47 - 00099328 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2014-01-01 16:13 - 2013-10-31 10:07 - 00377000 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2014-01-01 16:13 - 2013-10-31 10:08 - 00520872 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2014-01-01 16:13 - 2013-10-31 10:07 - 00618152 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2012-07-18 23:08 - 2012-07-18 23:08 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2014-01-21 19:36 - 2014-01-21 19:36 - 08866472 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-08-30 20:47 - 2013-08-30 20:47 - 00016896 _____ () C:\Program Files\ATI Technologies\ATI.ACE\a4\AS4.NativeProxy.dll
2014-03-22 16:21 - 2014-03-22 15:05 - 02189312 _____ () C:\Program Files\AVAST Software\Avast\defs\14032201\algo.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-03 10:34 - 2014-01-10 15:40 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-01-21 19:36 - 2014-01-21 19:36 - 00359592 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\c2r32.dll
2014-01-03 10:32 - 2014-01-10 15:35 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2014-01-21 19:32 - 2014-01-21 19:32 - 00359592 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\c2r32.dll
2013-10-31 02:48 - 2013-07-19 15:07 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2013-10-31 02:48 - 2013-07-19 15:07 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2013-10-31 02:48 - 2013-07-19 15:07 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2013-10-31 02:48 - 2013-07-19 15:07 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2013-10-31 02:48 - 2013-07-19 15:07 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2013-10-31 02:48 - 2013-07-19 15:07 - 00020480 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2013-10-31 02:48 - 2013-07-19 15:07 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2013-10-31 02:48 - 2013-07-19 15:07 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2013-10-31 02:48 - 2013-07-19 15:07 - 00064512 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2013-12-25 09:54 - 2013-12-25 09:54 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 00237384 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:E4FCDFD9
AlternateDataStreams: C:\Users\Michelle\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/22/2014 04:04:46 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.16518, time stamp: 0x52f347b2
Faulting module name: MSHTML.dll, version: 11.0.9600.16521, time stamp: 0x5311622b
Exception code: 0x4000001f
Fault offset: 0x003b4aa6
Faulting process id: 0x1b4c
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5
Error: (03/22/2014 03:06:58 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.16518, time stamp: 0x52f347b2
Faulting module name: MSHTML.dll, version: 11.0.9600.16521, time stamp: 0x5311622b
Exception code: 0xc0000005
Fault offset: 0x0009751f
Faulting process id: 0x41a4
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5
Error: (03/22/2014 02:55:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10260859
Error: (03/22/2014 02:55:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10260859
Error: (03/22/2014 02:55:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/22/2014 10:19:29 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 32934406
Error: (03/22/2014 10:19:29 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 32934406
Error: (03/22/2014 10:19:29 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/22/2014 03:10:51 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7217015
Error: (03/22/2014 03:10:51 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7217015
System errors:
=============
Error: (03/22/2014 04:20:17 PM) (Source: Microsoft-Windows-HAL) (User: NT AUTHORITY)
Description: The system watchdog timer was triggered.
Error: (03/22/2014 10:22:30 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
Error: (03/21/2014 00:27:39 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
Error: (03/20/2014 09:54:32 PM) (Source: Microsoft-Windows-HAL) (User: NT AUTHORITY)
Description: The system watchdog timer was triggered.
Error: (03/20/2014 02:00:15 PM) (Source: Microsoft-Windows-HAL) (User: NT AUTHORITY)
Description: The system watchdog timer was triggered.
Error: (03/20/2014 01:58:39 PM) (Source: DCOM) (User: MICHELLE)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (03/20/2014 01:58:39 PM) (Source: DCOM) (User: MICHELLE)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (03/20/2014 00:14:17 PM) (Source: DCOM) (User: MICHELLE)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}MichelleMichelleS-1-5-21-2676312113-550927975-3917386946-1001LocalHost (Using LRPC)UnavailableUnavailable
Error: (03/20/2014 00:10:51 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
Error: (03/19/2014 03:16:17 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
Microsoft Office Sessions:
=========================
Error: (03/22/2014 04:04:46 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1651852f347b2MSHTML.dll11.0.9600.165215311622b4000001f003b4aa61b4c01cf454b1abb1c8aC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\WINDOWS\SYSTEM32\MSHTML.dlla41cca5f-b1f0-11e3-be9b-089e01ee9948
Error: (03/22/2014 03:06:58 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1651852f347b2MSHTML.dll11.0.9600.165215311622bc00000050009751f41a401cf45f3e53a53b2C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\WINDOWS\SYSTEM32\MSHTML.dll90d68d78-b1e8-11e3-be9b-089e01ee9948
Error: (03/22/2014 02:55:30 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10260859
Error: (03/22/2014 02:55:30 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10260859
Error: (03/22/2014 02:55:30 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/22/2014 10:19:29 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 32934406
Error: (03/22/2014 10:19:29 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 32934406
Error: (03/22/2014 10:19:29 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/22/2014 03:10:51 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7217015
Error: (03/22/2014 03:10:51 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7217015
==================== Memory info ===========================
Percentage of memory in use: 37%
Total physical RAM: 5581.5 MB
Available physical RAM: 3503.33 MB
Total Pagefile: 6477.5 MB
Available Pagefile: 4048.86 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: (TI80145100B) (Fixed) (Total:684.9 GB) (Free:639.98 GB) NTFS
Drive d: (Advanced Nursing) (CDROM) (Total:1.98 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
March 23rd, 2014, 11:37 AM
#9
Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it in your reply.
Attached Files
March 23rd, 2014, 11:53 AM
#10
When I click that to download it, it is called attachment.php, not fixlist.txt. I don't want to go ahead with the fix unless I know for sure that this is okay!
March 23rd, 2014, 01:28 PM
#11
March 23rd, 2014, 03:47 PM
#12
Using Internet Explorer 11.
March 23rd, 2014, 06:27 PM
#13
When I click on fixlist.txt using IE there is a popup at the bottom of the screen:
Do you want to open or save fixlist.txt (618 bytes) from discussions.virtualdr.com?
You don't see it?
March 23rd, 2014, 08:34 PM
#14
Yes, but when I click Save As to set the download location to the desktop, the file name comes up as attachment.php. I screencapped it so you could see it, but can't get the file to upload. I'll keep trying.
March 23rd, 2014, 08:50 PM
#15
Download it wherever you normally download anything and then copy/paste to Desktop.