[RESOLVED] Slow and freezing
Page 1 of 2 12 LastLast
Results 1 to 15 of 24

Thread: [RESOLVED] Slow and freezing

  1. #1
    Join Date
    Jan 2006
    Posts
    400

    Resolved [RESOLVED] Slow and freezing

    My laptop has been incredibly slow and freezing up A LOT lately. The battery won't charge while my laptop is on, only when it is off/on hibernate, etc. It says "plugged in, charging" and I guess technically does charge, but it would take ALL day compared to the hour or so it took before. Not sure if that bit is because of a virus or not, but figured I would make it known anyway.

    It's a Toshiba Satellite C40D, and is only 3 months old. Please help me fix this! I have Avast antivirus installed and it found no threats, but there were 2 files that it said it couldn't be scanned. The MBAM log is below, but I can't get DDS to run. Tried installing a few times, but when I try to open it, it says it's not meant to run in compatibility mode so its going to close.

    Malwarebytes Anti-Malware (Trial) 1.75.0.1300
    www.malwarebytes.org

    Database version: v2014.03.20.07

    Windows 8 x64 NTFS
    Internet Explorer 11.0.9600.16521
    Michelle :: MICHELLE [administrator]

    Protection: Enabled

    2014-03-20 9:43:29 PM
    mbam-log-2014-03-20 (21-43-29).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 224576
    Time elapsed: 8 minute(s), 22 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 3
    HKCR\Typelib\{DCABB943-792E-44C4-9029-ECBEE6265AF9} (PUP.Optional.OutBrowse) -> Quarantined and deleted successfully.
    HKCR\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534} (PUP.Optional.OutBrowse) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\SEARCHPROTECTINT (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.

    Registry Values Detected: 1
    HKCU\Software\SearchProtectINT|Install (PUP.Optional.SearchProtect.A) -> Data: 1 -> Quarantined and deleted successfully.

    Registry Data Items Detected: 4
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (PUP.Optional.Snapdo) -> Bad: (http://feed.snapdo.com/?publisher=ShoppingHelper&dpid=ShopHelp&co=CA&userid=7ceeb652-c9ea-efcf-5ba3-70a80bc82e76&searchtype=ds&q={searchTerms}&installDate=25/12/2013) Good: (http://www.google.com) -> Quarantined and repaired successfully.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (PUP.Optional.Snapdo) -> Bad: (http://feed.snapdo.com/?publisher=ShoppingHelper&dpid=ShopHelp&co=CA&userid=7ceeb652-c9ea-efcf-5ba3-70a80bc82e76&searchtype=ds&q={searchTerms}&installDate=25/12/2013) Good: (http://www.google.com) -> Quarantined and repaired successfully.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (PUP.Optional.Snapdo) -> Bad: (http://feed.snapdo.com/?publisher=ShoppingHelper&dpid=ShopHelp&co=CA&userid=7ceeb652-c9ea-efcf-5ba3-70a80bc82e76&searchtype=ds&q={searchTerms}&installDate=25/12/2013) Good: (http://www.google.com) -> Quarantined and repaired successfully.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|SearchAssistant (PUP.Optional.Snapdo) -> Bad: (http://feed.snapdo.com/?publisher=ShoppingHelper&dpid=ShopHelp&co=CA&userid=7ceeb652-c9ea-efcf-5ba3-70a80bc82e76&searchtype=ds&q={searchTerms}&installDate=25/12/2013) Good: (http://www.google.com) -> Quarantined and repaired successfully.

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 3
    C:\$Recycle.Bin\S-1-5-21-2676312113-550927975-3917386946-1001\$RTO7UKP.exe (PUP.Optional.InstalleRex) -> Quarantined and deleted successfully.
    C:\$Recycle.Bin\S-1-5-21-2676312113-550927975-3917386946-1001\$RXNM63S.exe (PUP.Optional.InstalleRex) -> Quarantined and deleted successfully.
    C:\$Recycle.Bin\S-1-5-21-2676312113-550927975-3917386946-1001\$RZQUP10.exe (PUP.Optional.InstalleRex) -> Quarantined and deleted successfully.

    (end)

  2. #2
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    You abandoned this topic in the past: http://discussions.virtualdr.com/sho...puter-cleaning
    Unless I hear very good explanation I won't be able to help.

  3. #3
    Join Date
    Jan 2006
    Posts
    400
    I was at home for Christmas holidays visiting my parents (they are a 12 hour drive from me) and I was trying to clean their computer for them, at the request of my father, while I was home. But my holidays were over before the process was finished. I told my dad how to go online and finish it, he knows computers well enough to be able to follow direction on here, but he didn't do it.

    This current topic is about my own laptop. But I apologize for not explaining that before.

  4. #4
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Fair enough but it can't happen again,

    I still need DDS logs.

  5. #5
    Join Date
    Jan 2006
    Posts
    400
    I can't get dds to run. I downloaded it and saved it to the desktop, and when I try to run it, it says that it can't run in compatibility mode. I tried downloading from both links that were provided but can't get it to work. It's probably something simple that I am not doing, but I have no idea.

  6. #6
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    I see. This is Windows 8.

    Please download AdwCleaner by Xplode onto your desktop.

    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Scan button.
    • When the scan has finished click on Clean button.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.



    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.



    Please download Farbar Recovery Scan Tool and save it to your Desktop.

    Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • The first time the tool is run, it makes also another log (Addition.txt). Please copy and paste it to your reply.

  7. #7
    Join Date
    Jan 2006
    Posts
    400
    # AdwCleaner v3.022 - Report created 22/03/2014 at 16:19:13
    # Updated 13/03/2014 by Xplode
    # Operating System : Windows 8.1 (64 bits)
    # Username : Michelle - MICHELLE
    # Running from : C:\Users\Michelle\Desktop\adwcleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\boost_interprocess
    Folder Deleted : C:\Users\Michelle\AppData\Local\SearchProtect
    Folder Deleted : C:\Users\Michelle\AppData\Roaming\Systweak
    File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
    File Deleted : C:\WINDOWS\System32\roboot64.exe

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
    Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
    Key Deleted : HKCU\Software\SmartBar
    Key Deleted : HKLM\Software\systweak

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16518

    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]

    -\\ Google Chrome v33.0.1750.154

    [ File : C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [2199 octets] - [22/03/2014 16:17:56]
    AdwCleaner[S0].txt - [1822 octets] - [22/03/2014 16:19:13]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1882 octets] ##########



    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.1.2 (02.20.2014:1)
    OS: Windows 8.1 x64
    Ran by Michelle on 2014-03-22 at 16:26:03.71
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys



    ~~~ Files



    ~~~ Folders

    Failed to delete: [Folder] "C:\ProgramData\big fish"
    Successfully deleted: [Folder] "C:\Users\Michelle\appdata\local\big fish"
    Successfully deleted: [Folder] "C:\bigfishcache"



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 2014-03-22 at 16:33:14.27
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
    Ran by Michelle (administrator) on MICHELLE on 22-03-2014 16:36:15
    Running from C:\Users\Michelle\Desktop
    Windows 8.1 (X64) OS Language: English(US)
    Internet Explorer Version 11
    Boot Mode: Normal

    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/down...an-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/down...an-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (AMD) C:\WINDOWS\system32\atiesrxx.exe
    (AMD) C:\WINDOWS\system32\atieclxx.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
    () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Conexant Systems Inc.) C:\windows\system32\CxAudMsg64.exe
    (Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
    (TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe
    (Toshiba Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
    (Microsoft Corporation) C:\Windows\System32\skydrive.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
    (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Microsoft Corporation) C:\Windows\System32\StikyNot.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
    (AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
    (Daniel Bigham) C:\Users\Michelle\AppData\Local\Apps\2.0\H9XXVL06.MPV\1W46ZWRM.JWZ\sync..tion_0000000000000000_0001.0000_593c0b80c2665eed\Sync.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
    (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\core-static\CCC.exe
    (Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe


    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [894048 2013-01-11] (Conexant Systems, Inc.)
    HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
    HKLM\...\Run: [TosWaitSrv] - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
    HKLM\...\Run: [TCrdMain] - C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565472 2013-04-22] (TOSHIBA Corporation)
    HKLM\...\Run: [TecoResident] - C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
    HKLM\...\Run: [TODDMain] - C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
    HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3050736 2013-04-05] (Synaptics Incorporated)
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Intel AppUp(R) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-07-19] (Intel Corporation)
    HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-06] (AVAST Software)
    HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
    HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
    HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [TSVU] - c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
    HKU\S-1-5-21-2676312113-550927975-3917386946-1001\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [457728 2013-11-14] (Microsoft Corporation)
    HKU\S-1-5-21-2676312113-550927975-3917386946-1001\...\Run: [Sync] - "C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Daniel Bigham\Sync.appref-ms"
    HKU\S-1-5-21-2676312113-550927975-3917386946-1001\...\Run: [AppEx Accelerator UI] - C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [429792 2013-04-11] (AppEx Networks Corporation)
    HKU\S-1-5-21-2676312113-550927975-3917386946-1001\...\Run: [Messenger (Yahoo!)] - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
    HKU\S-1-5-21-2676312113-550927975-3917386946-1001\...\MountPoints2: {c48b08a5-6dbd-11e3-824e-806e6f6e6963} - "D:\NursingVideoSkills.EXE"
    AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found

    ==================== Internet (Whitelisted) ====================

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://blu173.mail.live.com/default.aspx?id=64855
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.toshiba.ca/welcome/?w=23
    SearchScopes: HKLM - DefaultScope {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
    SearchScopes: HKLM - {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
    SearchScopes: HKCU - DefaultScope {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL =
    BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
    Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 142.166.166.166

    Chrome:
    =======
    CHR Extension: (Google Docs) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-22]
    CHR Extension: (Google Drive) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-22]
    CHR Extension: (YouTube) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-22]
    CHR Extension: (Google Search) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-22]
    CHR Extension: (avast! Online Security) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-24]
    CHR Extension: (BB10 / PlayBook App Manager) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmbaalodpmjjhpobkgljnelbpblnikkp [2014-03-07]
    CHR Extension: (Google Wallet) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-22]
    CHR Extension: (Gmail) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-22]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-12-25]

    ==================== Services (Whitelisted) =================

    R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-08-30] ()
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-06] (AVAST Software)
    R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-02-06] (AVAST Software)
    R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2013-12-16] (WildTangent)
    S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
    R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
    S4 THAccelSvc; C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe [216976 2013-10-17] (TOSHIBA CORPORATION)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-30] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-30] (Microsoft Corporation)

    ==================== Drivers (Whitelisted) ====================

    S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
    R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-07] (Advanced Micro Devices, INC.)
    R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
    R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [78648 2014-02-06] (AVAST Software)
    R1 aswNdisFlt; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [440672 2014-02-21] (AVAST Software)
    R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2013-12-25] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-25] ()
    R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1038072 2014-02-06] (AVAST Software)
    R1 aswSP; C:\windows\system32\drivers\aswSP.sys [421704 2014-02-06] (AVAST Software)
    S3 aswStm; C:\windows\system32\drivers\aswStm.sys [80184 2014-02-06] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-25] ()
    R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
    S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows (R) Win 7 DDK provider)
    S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
    S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
    S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
    R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-26] (Microsoft Corporation)
    S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
    S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
    R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
    S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
    S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
    R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2945240 2013-09-12] (Realtek Semiconductor Corporation )
    S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-26] (Microsoft Corporation)
    S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
    R0 THAccel; C:\Windows\System32\DRIVERS\THAccel.sys [111488 2013-10-15] (TOSHIBA Corporation)
    R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
    S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-30] (Microsoft Corporation)
    S1 aswKbd; \??\C:\WINDOWS\system32\drivers\aswKbd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2014-03-22 16:36 - 2014-03-22 16:36 - 00014881 _____ () C:\Users\Michelle\Desktop\FRST.txt
    2014-03-22 16:36 - 2014-03-22 16:36 - 00000000 ____D () C:\FRST
    2014-03-22 16:34 - 2014-03-22 16:34 - 02157056 _____ (Farbar) C:\Users\Michelle\Desktop\FRST64.exe
    2014-03-22 16:33 - 2014-03-22 16:33 - 00001974 _____ () C:\Users\Michelle\Desktop\AdwCleaner[S0].txt
    2014-03-22 16:33 - 2014-03-22 16:33 - 00000798 _____ () C:\Users\Michelle\Desktop\JRT.txt
    2014-03-22 16:26 - 2014-03-22 16:26 - 00000000 ____D () C:\WINDOWS\ERUNT
    2014-03-22 16:25 - 2014-03-22 16:25 - 01037734 _____ (Thisisu) C:\Users\Michelle\Desktop\JRT.exe
    2014-03-22 16:17 - 2014-03-22 16:19 - 00000000 ____D () C:\AdwCleaner
    2014-03-22 16:17 - 2014-03-22 16:17 - 01950720 _____ () C:\Users\Michelle\Desktop\adwcleaner.exe
    2014-03-20 22:00 - 2014-03-20 22:00 - 00688992 _____ (Swearware) C:\Users\Michelle\Desktop\dds.scr
    2014-03-20 21:53 - 2014-03-20 21:53 - 00688992 _____ (Swearware) C:\Users\Michelle\Downloads\dds (1).com
    2014-03-20 21:52 - 2014-03-20 21:52 - 00688992 _____ (Swearware) C:\Users\Michelle\Downloads\dds.com
    2014-03-20 21:24 - 2014-03-20 21:24 - 00001132 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-03-20 21:24 - 2014-03-20 21:24 - 00000000 ____D () C:\Users\Michelle\AppData\Roaming\Malwarebytes
    2014-03-20 21:24 - 2014-03-20 21:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-03-20 21:24 - 2014-03-20 21:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2014-03-20 21:24 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
    2014-03-20 21:23 - 2014-03-20 21:23 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Michelle\Downloads\mbam-setup-1.75.0.1300.exe
    2014-03-17 20:24 - 2014-01-04 13:24 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
    2014-03-17 20:24 - 2014-01-04 12:38 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
    2014-03-17 20:24 - 2014-01-04 11:38 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
    2014-03-17 20:24 - 2014-01-04 11:23 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
    2014-03-17 20:24 - 2014-01-02 21:24 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
    2014-03-17 20:24 - 2014-01-02 21:18 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
    2014-03-17 20:24 - 2013-12-31 21:26 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2014-03-17 20:24 - 2013-12-27 06:27 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
    2014-03-17 20:24 - 2013-12-27 05:53 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
    2014-03-17 20:24 - 2013-12-27 04:33 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
    2014-03-17 20:24 - 2013-12-27 04:07 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
    2014-03-17 20:24 - 2013-12-14 04:01 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2014-03-17 20:24 - 2013-12-14 03:49 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2014-03-17 20:24 - 2013-12-09 05:35 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2014-03-17 20:24 - 2013-12-09 02:21 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2014-03-17 20:23 - 2014-01-07 23:16 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
    2014-03-17 20:23 - 2014-01-07 23:11 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2014-03-17 20:23 - 2014-01-07 23:11 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2014-03-17 20:23 - 2013-12-31 23:25 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2014-03-17 20:23 - 2013-12-31 23:22 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2014-03-17 20:23 - 2013-12-31 22:26 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2014-03-17 20:23 - 2013-12-31 22:25 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
    2014-03-17 20:23 - 2013-12-31 21:29 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
    2014-03-17 20:23 - 2013-12-31 21:27 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2014-03-17 20:23 - 2013-12-30 21:04 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
    2014-03-17 20:23 - 2013-12-30 21:03 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
    2014-03-17 20:23 - 2013-12-30 21:02 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
    2014-03-17 20:23 - 2013-12-30 21:01 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
    2014-03-17 20:23 - 2013-12-30 21:01 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
    2014-03-17 20:23 - 2013-12-27 12:39 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2014-03-17 20:23 - 2013-12-27 06:27 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
    2014-03-17 20:23 - 2013-12-27 04:33 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
    2014-03-17 20:23 - 2013-12-21 04:51 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
    2014-03-17 20:23 - 2013-12-17 04:51 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
    2014-03-17 20:23 - 2013-12-13 08:24 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
    2014-03-17 20:23 - 2013-12-13 04:06 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
    2014-03-17 20:23 - 2013-12-13 03:02 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
    2014-03-13 07:10 - 2013-10-30 21:59 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
    2014-03-13 07:10 - 2013-10-30 21:59 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
    2014-03-13 07:10 - 2013-10-30 21:58 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
    2014-03-12 09:43 - 2014-03-01 03:35 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2014-03-12 09:43 - 2014-03-01 02:00 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2014-03-12 09:43 - 2013-12-20 07:48 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2014-03-12 09:43 - 2013-12-20 07:48 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2014-03-12 09:42 - 2014-03-01 02:28 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2014-03-12 09:42 - 2014-03-01 01:47 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2014-03-12 09:42 - 2014-03-01 01:24 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2014-03-12 09:42 - 2014-03-01 01:17 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2014-03-12 09:42 - 2014-03-01 01:12 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2014-03-12 09:42 - 2014-03-01 00:48 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2014-03-12 09:42 - 2014-03-01 00:44 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2014-03-12 09:42 - 2014-03-01 00:40 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2014-03-12 09:42 - 2014-03-01 00:33 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2014-03-12 09:42 - 2014-03-01 00:27 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2014-03-12 09:42 - 2014-03-01 00:08 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2014-03-12 09:42 - 2014-03-01 00:02 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2014-03-12 09:42 - 2014-02-28 23:57 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2014-03-12 09:42 - 2014-02-28 23:55 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2014-03-12 09:42 - 2014-02-28 23:55 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2014-03-12 09:42 - 2014-02-11 00:34 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2014-03-12 09:42 - 2014-02-11 00:13 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
    2014-03-12 09:42 - 2014-02-10 23:34 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
    2014-03-12 09:42 - 2014-01-31 13:45 - 00311640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
    2014-03-12 09:42 - 2014-01-31 13:37 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2014-03-12 09:42 - 2014-01-31 13:36 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2014-03-12 09:42 - 2014-01-31 11:17 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2014-03-12 09:42 - 2014-01-31 06:36 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
    2014-03-12 09:42 - 2014-01-29 07:25 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
    2014-03-12 09:42 - 2014-01-29 06:23 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
    2014-03-12 09:42 - 2014-01-29 06:23 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
    2014-03-12 09:42 - 2014-01-29 06:19 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
    2014-03-12 09:42 - 2014-01-29 06:17 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2014-03-12 09:42 - 2014-01-29 05:14 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
    2014-03-12 09:42 - 2014-01-29 05:14 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
    2014-03-12 09:42 - 2014-01-29 05:14 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
    2014-03-12 09:42 - 2014-01-29 04:11 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
    2014-03-12 09:42 - 2014-01-28 22:06 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
    2014-03-12 09:42 - 2014-01-27 16:37 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
    2014-03-12 09:42 - 2014-01-27 16:36 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
    2014-03-12 09:42 - 2014-01-27 16:34 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
    2014-03-12 09:42 - 2014-01-27 16:22 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
    2014-03-12 09:42 - 2014-01-27 15:53 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
    2014-03-12 09:42 - 2014-01-27 15:51 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
    2014-03-12 09:42 - 2014-01-27 15:50 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
    2014-03-12 09:42 - 2014-01-27 15:45 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
    2014-03-12 09:42 - 2014-01-27 15:13 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
    2014-03-12 09:42 - 2014-01-27 14:48 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
    2014-03-12 09:42 - 2014-01-27 14:30 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
    2014-03-12 09:42 - 2014-01-27 13:28 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
    2014-03-12 09:42 - 2014-01-27 13:20 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2014-03-12 09:42 - 2014-01-27 09:15 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
    2014-03-12 09:42 - 2014-01-17 20:34 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2014-03-12 09:42 - 2014-01-17 19:24 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
    2014-03-12 09:42 - 2013-12-21 12:21 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
    2014-03-12 09:42 - 2013-12-21 06:24 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
    2014-03-07 23:40 - 2014-03-07 23:40 - 01642566 _____ () C:\Users\Michelle\Downloads\Snap-2_0_0_2.bar
    2014-03-01 16:42 - 2014-03-01 16:42 - 00000000 ____D () C:\Users\Michelle\AppData\Local\AppEx Networks
    2014-03-01 16:38 - 2014-03-01 16:38 - 00000000 ____D () C:\ProgramData\ATI
    2014-03-01 16:33 - 2013-06-22 13:49 - 00138240 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdWB6.sys
    2014-03-01 16:33 - 2013-06-22 13:48 - 00110080 _____ (TODO: <Company name>) C:\WINDOWS\system32\DelayAPO.dll
    2014-03-01 16:32 - 2014-03-01 16:32 - 00000000 ____D () C:\Program Files (x86)\Realtek
    2014-03-01 16:29 - 2014-03-01 16:29 - 00000000 ____D () C:\Program Files\AMD Quick Stream
    2014-03-01 16:29 - 2013-04-18 08:04 - 00219360 _____ (AppEx Networks Corporation) C:\WINDOWS\system32\Drivers\appexDrv.sys
    2014-03-01 16:28 - 2014-03-01 16:28 - 00060733 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201403011528434076.log
    2014-03-01 16:28 - 2014-03-01 16:28 - 00000000 ____D () C:\Program Files\ATI Technologies
    2014-03-01 16:28 - 2014-03-01 16:28 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
    2014-03-01 16:25 - 2013-08-30 21:14 - 00156712 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
    2014-03-01 16:25 - 2013-08-30 21:14 - 00141256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
    2014-03-01 16:25 - 2013-08-30 21:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
    2014-03-01 16:25 - 2013-08-30 21:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
    2014-03-01 16:25 - 2013-08-30 21:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
    2014-03-01 16:25 - 2013-08-30 21:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
    2014-03-01 16:25 - 2013-08-30 21:11 - 12528640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
    2014-03-01 16:25 - 2013-08-30 21:05 - 00781312 _____ () C:\WINDOWS\system32\amdmiracast.dll
    2014-03-01 16:25 - 2013-08-30 20:48 - 00229376 _____ () C:\WINDOWS\system32\clinfo.exe
    2014-03-01 16:25 - 2013-08-30 20:48 - 00127488 _____ (AMD) C:\WINDOWS\system32\coinst_13.152.dll
    2014-03-01 16:25 - 2013-08-30 20:47 - 28192256 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
    2014-03-01 16:25 - 2013-08-30 20:47 - 00098816 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll
    2014-03-01 16:25 - 2013-08-30 20:47 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll
    2014-03-01 16:25 - 2013-08-30 20:47 - 00083456 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll
    2014-03-01 16:25 - 2013-08-30 20:47 - 00073216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll
    2014-03-01 16:25 - 2013-08-30 20:45 - 23760896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
    2014-03-01 16:25 - 2013-08-30 20:43 - 00063488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
    2014-03-01 16:25 - 2013-08-30 20:43 - 00057344 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
    2014-03-01 16:25 - 2013-08-30 20:35 - 25387520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
    2014-03-01 16:25 - 2013-08-30 20:18 - 00530824 _____ () C:\WINDOWS\SysWOW64\atiapfxx.blb
    2014-03-01 16:25 - 2013-08-30 20:18 - 00530824 _____ () C:\WINDOWS\system32\atiapfxx.blb
    2014-03-01 16:25 - 2013-08-30 20:18 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
    2014-03-01 16:25 - 2013-08-30 20:18 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
    2014-03-01 16:25 - 2013-08-30 20:18 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
    2014-03-01 16:25 - 2013-08-30 20:18 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
    2014-03-01 16:25 - 2013-08-30 20:18 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
    2014-03-01 16:25 - 2013-08-30 20:17 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
    2014-03-01 16:25 - 2013-08-30 20:14 - 21400064 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
    2014-03-01 16:25 - 2013-08-30 20:14 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
    2014-03-01 16:25 - 2013-08-30 20:04 - 03388672 _____ () C:\WINDOWS\system32\atiumd6a.cap
    2014-03-01 16:25 - 2013-08-30 19:58 - 00571904 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
    2014-03-01 16:25 - 2013-08-30 19:58 - 00026112 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
    2014-03-01 16:25 - 2013-08-30 19:57 - 00239616 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
    2014-03-01 16:25 - 2013-08-30 19:56 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
    2014-03-01 16:25 - 2013-08-30 19:50 - 03422720 _____ () C:\WINDOWS\SysWOW64\atiumdva.cap
    2014-03-01 16:25 - 2013-08-30 19:37 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
    2014-03-01 16:25 - 2013-08-30 19:37 - 00090624 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
    2014-03-01 16:25 - 2013-08-30 19:37 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
    2014-03-01 16:25 - 2013-08-30 19:37 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
    2014-03-01 16:25 - 2013-08-30 19:35 - 00134656 _____ () C:\WINDOWS\system32\amdhdl64.dll
    2014-03-01 16:25 - 2013-08-30 19:34 - 00123392 _____ () C:\WINDOWS\SysWOW64\amdhdl32.dll
    2014-03-01 16:25 - 2013-08-30 19:33 - 00594944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
    2014-03-01 16:25 - 2013-08-30 19:33 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
    2014-03-01 16:25 - 2013-08-30 19:33 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
    2014-03-01 16:25 - 2013-08-30 19:32 - 00618496 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
    2014-03-01 16:25 - 2013-08-30 19:32 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
    2014-03-01 16:25 - 2013-08-30 19:32 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
    2014-03-01 16:25 - 2013-08-30 19:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
    2014-03-01 16:25 - 2013-08-30 19:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
    2014-03-01 16:25 - 2013-08-27 16:06 - 00233652 _____ () C:\WINDOWS\system32\ativvaxy_cik.dat
    2014-03-01 16:25 - 2013-08-27 14:27 - 00082336 _____ () C:\WINDOWS\system32\ativce02.dat
    2014-03-01 16:25 - 2013-08-07 14:22 - 00716208 _____ () C:\WINDOWS\system32\atiicdxx.dat
    2014-03-01 16:25 - 2013-08-07 12:12 - 00231984 _____ () C:\WINDOWS\system32\ativvaxy_cik_nd.dat
    2014-03-01 16:25 - 2013-05-04 16:22 - 00047164 _____ () C:\WINDOWS\atiogl.xml
    2014-03-01 16:21 - 2014-03-01 16:29 - 00000000 ____D () C:\ProgramData\Package Cache
    2014-03-01 16:18 - 2013-10-15 17:03 - 00111488 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\Drivers\THAccel.sys
    2014-03-01 12:51 - 2014-03-01 12:51 - 00001993 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    2014-02-26 18:30 - 2014-03-01 12:47 - 00000000 ____D () C:\ProgramData\Yahoo! Companion
    2014-02-26 18:29 - 2014-03-02 15:58 - 00000000 ____D () C:\ProgramData\Yahoo!

    ==================== One Month Modified Files and Folders =======

    2014-03-22 16:36 - 2014-03-22 16:36 - 00014881 _____ () C:\Users\Michelle\Desktop\FRST.txt
    2014-03-22 16:36 - 2014-03-22 16:36 - 00000000 ____D () C:\FRST
    2014-03-22 16:34 - 2014-03-22 16:34 - 02157056 _____ (Farbar) C:\Users\Michelle\Desktop\FRST64.exe
    2014-03-22 16:34 - 2013-12-25 21:30 - 01545034 _____ () C:\WINDOWS\WindowsUpdate.log
    2014-03-22 16:33 - 2014-03-22 16:33 - 00001974 _____ () C:\Users\Michelle\Desktop\AdwCleaner[S0].txt
    2014-03-22 16:33 - 2014-03-22 16:33 - 00000798 _____ () C:\Users\Michelle\Desktop\JRT.txt
    2014-03-22 16:33 - 2013-08-22 13:06 - 00000000 ____D () C:\WINDOWS\AppReadiness
    2014-03-22 16:30 - 2013-08-22 13:06 - 00000000 ____D () C:\WINDOWS\system32\sru
    2014-03-22 16:27 - 2013-12-25 09:28 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2676312113-550927975-3917386946-1001
    2014-03-22 16:26 - 2014-03-22 16:26 - 00000000 ____D () C:\WINDOWS\ERUNT
    2014-03-22 16:26 - 2013-11-14 04:58 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
    2014-03-22 16:25 - 2014-03-22 16:25 - 01037734 _____ (Thisisu) C:\Users\Michelle\Desktop\JRT.exe
    2014-03-22 16:23 - 2013-12-25 09:54 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
    2014-03-22 16:22 - 2014-01-22 19:27 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-03-22 16:22 - 2014-01-22 19:27 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2014-03-22 16:22 - 2014-01-22 19:27 - 00000000 ____D () C:\Users\Michelle\AppData\Local\Deployment
    2014-03-22 16:22 - 2014-01-06 15:57 - 00004986 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for MICHELLE-Michelle Michelle
    2014-03-22 16:22 - 2013-12-26 00:50 - 00000000 __RDO () C:\Users\Michelle\SkyDrive
    2014-03-22 16:20 - 2013-08-22 12:15 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
    2014-03-22 16:20 - 2013-08-22 10:55 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI
    2014-03-22 16:19 - 2014-03-22 16:17 - 00000000 ____D () C:\AdwCleaner
    2014-03-22 16:19 - 2013-10-31 02:34 - 02996794 _____ () C:\Users\Public\CAFADEBUG.log
    2014-03-22 16:17 - 2014-03-22 16:17 - 01950720 _____ () C:\Users\Michelle\Desktop\adwcleaner.exe
    2014-03-22 15:42 - 2014-01-22 19:27 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2014-03-22 14:57 - 2013-12-25 09:19 - 00000000 ____D () C:\Users\Michelle\AppData\Local\Packages
    2014-03-22 03:10 - 2013-12-25 21:11 - 00065536 _____ () C:\WINDOWS\system32\spu_storage.bin
    2014-03-21 18:56 - 2014-01-03 10:24 - 00000072 _____ () C:\Users\Public\LMDebug.log
    2014-03-20 22:00 - 2014-03-20 22:00 - 00688992 _____ (Swearware) C:\Users\Michelle\Desktop\dds.scr
    2014-03-20 21:54 - 2013-11-14 04:50 - 00012370 _____ () C:\WINDOWS\PFRO.log
    2014-03-20 21:53 - 2014-03-20 21:53 - 00688992 _____ (Swearware) C:\Users\Michelle\Downloads\dds (1).com
    2014-03-20 21:52 - 2014-03-20 21:52 - 00688992 _____ (Swearware) C:\Users\Michelle\Downloads\dds.com
    2014-03-20 21:24 - 2014-03-20 21:24 - 00001132 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-03-20 21:24 - 2014-03-20 21:24 - 00000000 ____D () C:\Users\Michelle\AppData\Roaming\Malwarebytes
    2014-03-20 21:24 - 2014-03-20 21:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-03-20 21:24 - 2014-03-20 21:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2014-03-20 21:23 - 2014-03-20 21:23 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Michelle\Downloads\mbam-setup-1.75.0.1300.exe
    2014-03-20 14:01 - 2013-12-25 09:21 - 00000000 ___RD () C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    2014-03-20 14:01 - 2013-12-25 09:21 - 00000000 ___RD () C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
    2014-03-20 13:59 - 2013-08-22 13:06 - 00000000 ___RD () C:\WINDOWS\ToastData
    2014-03-18 18:57 - 2013-12-25 12:02 - 00000000 ____D () C:\WINDOWS\system32\MRT
    2014-03-18 18:55 - 2013-12-25 12:02 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2014-03-18 18:55 - 2013-08-22 10:55 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
    2014-03-15 10:22 - 2013-12-25 21:17 - 00000000 ____D () C:\Users\Michelle
    2014-03-14 14:30 - 2013-08-22 12:14 - 00474072 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
    2014-03-14 14:25 - 2013-08-22 13:06 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2014-03-14 14:25 - 2013-08-22 13:06 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2014-03-14 14:25 - 2013-08-22 13:06 - 00000000 ____D () C:\Program Files\Windows Defender
    2014-03-14 14:25 - 2013-08-22 13:06 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
    2014-03-07 23:40 - 2014-03-07 23:40 - 01642566 _____ () C:\Users\Michelle\Downloads\Snap-2_0_0_2.bar
    2014-03-04 20:23 - 2013-08-22 13:08 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2014-03-04 20:23 - 2013-08-22 13:08 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2014-03-02 15:58 - 2014-02-26 18:29 - 00000000 ____D () C:\ProgramData\Yahoo!
    2014-03-02 15:58 - 2013-12-25 18:46 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
    2014-03-02 12:08 - 2013-08-22 13:06 - 00000000 ____D () C:\WINDOWS\system32\NDF
    2014-03-01 16:42 - 2014-03-01 16:42 - 00000000 ____D () C:\Users\Michelle\AppData\Local\AppEx Networks
    2014-03-01 16:40 - 2013-08-22 12:16 - 00288840 _____ () C:\WINDOWS\setupact.log
    2014-03-01 16:38 - 2014-03-01 16:38 - 00000000 ____D () C:\ProgramData\ATI
    2014-03-01 16:34 - 2013-04-30 03:29 - 00000000 ____D () C:\Program Files\Toshiba
    2014-03-01 16:33 - 2013-10-31 02:14 - 00000000 ____D () C:\ProgramData\AMD
    2014-03-01 16:32 - 2014-03-01 16:32 - 00000000 ____D () C:\Program Files (x86)\Realtek
    2014-03-01 16:32 - 2013-04-30 03:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2014-03-01 16:30 - 2013-10-31 02:19 - 00063772 _____ () C:\WINDOWS\DPINST.LOG
    2014-03-01 16:29 - 2014-03-01 16:29 - 00000000 ____D () C:\Program Files\AMD Quick Stream
    2014-03-01 16:29 - 2014-03-01 16:21 - 00000000 ____D () C:\ProgramData\Package Cache
    2014-03-01 16:28 - 2014-03-01 16:28 - 00060733 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201403011528434076.log
    2014-03-01 16:28 - 2014-03-01 16:28 - 00000000 ____D () C:\Program Files\ATI Technologies
    2014-03-01 16:28 - 2014-03-01 16:28 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
    2014-03-01 16:28 - 2013-10-31 02:13 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
    2014-03-01 16:21 - 2013-04-30 03:30 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA
    2014-03-01 16:20 - 2013-12-25 21:11 - 00000000 ____D () C:\Program Files\CONEXANT
    2014-03-01 12:51 - 2014-03-01 12:51 - 00001993 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    2014-03-01 12:47 - 2014-02-26 18:30 - 00000000 ____D () C:\ProgramData\Yahoo! Companion
    2014-03-01 12:47 - 2014-01-23 18:37 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2014-03-01 12:47 - 2014-01-23 18:37 - 00000000 ____D () C:\Program Files\iTunes
    2014-03-01 12:47 - 2014-01-23 18:37 - 00000000 ____D () C:\Program Files (x86)\iTunes
    2014-03-01 12:38 - 2013-08-22 13:06 - 00000000 ____D () C:\WINDOWS\registration
    2014-03-01 12:36 - 2014-01-23 18:37 - 00000000 ____D () C:\Program Files\iPod
    2014-03-01 12:06 - 2012-07-26 05:42 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
    2014-03-01 03:35 - 2014-03-12 09:43 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2014-03-01 02:28 - 2014-03-12 09:42 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2014-03-01 02:00 - 2014-03-12 09:43 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2014-03-01 01:47 - 2014-03-12 09:42 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2014-03-01 01:24 - 2014-03-12 09:42 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2014-03-01 01:17 - 2014-03-12 09:42 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2014-03-01 01:12 - 2014-03-12 09:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2014-03-01 00:48 - 2014-03-12 09:42 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2014-03-01 00:44 - 2014-03-12 09:42 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2014-03-01 00:40 - 2014-03-12 09:42 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2014-03-01 00:33 - 2014-03-12 09:42 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2014-03-01 00:27 - 2014-03-12 09:42 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2014-03-01 00:08 - 2014-03-12 09:42 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2014-03-01 00:02 - 2014-03-12 09:42 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2014-02-28 23:57 - 2014-03-12 09:42 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2014-02-28 23:55 - 2014-03-12 09:42 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2014-02-28 23:55 - 2014-03-12 09:42 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2014-02-26 18:30 - 2013-12-25 18:54 - 00000000 ____D () C:\Users\Michelle\AppData\Roaming\Yahoo!
    2014-02-21 11:35 - 2014-02-06 23:34 - 00440672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswndisflt.sys

    Some content of TEMP:
    ====================
    C:\Users\Michelle\AppData\Local\Temp\OfficeSetup.exe
    C:\Users\Michelle\AppData\Local\Temp\Quarantine.exe
    C:\Users\Michelle\AppData\Local\Temp\Setup.X86.en-US_O365HomePremRetail_3eefcf79-8d81-4786-a363-630e92dd884d_TX_PR_.exe
    C:\Users\Michelle\AppData\Local\Temp\Setup.X86.en-US_O365HomePremRetail_668c5844-b998-4d26-984f-411b4ed1be5c_TX_PR_.exe


    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\rpcss.dll => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys
    [2014-03-12 09:42] - [2014-01-31 13:45] - 0311640 ____A (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02



    LastRegBack: 2014-03-20 02:38

    ==================== End Of Log ============================

  8. #8
    Join Date
    Jan 2006
    Posts
    400
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
    Ran by Michelle at 2014-03-22 16:37:05
    Running from C:\Users\Michelle\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

    ==================== Installed Programs ======================

    Adobe Reader X (10.1.8) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
    AMD Accelerated Video Transcoding (Version: 13.15.100.30830 - Advanced Micro Devices, Inc.) Hidden
    AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
    AMD Catalyst Install Manager (HKLM\...\{5D42947B-E961-C0B5-5A70-EA0F753331EB}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
    AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.4.2 - AppEx Networks)
    AMD Start Now (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
    Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2013 - Avast Software)
    Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Czech (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Danish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Dutch (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help English (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Finnish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help French (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help German (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Greek (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Hungarian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Italian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Japanese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Korean (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Norwegian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Polish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Portuguese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Russian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Spanish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Swedish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Thai (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Turkish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    ccc-utility64 (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
    Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
    Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
    Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
    Evernote v. 4.5.7 (HKLM-x32\...\{0BE73D3C-B5AF-11E1-933A-984BE15F174E}) (Version: 4.5.7.7146 - Evernote Corp.)
    Genesys Logic USB2.0 Card Reader (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.3 - Genesys Logic)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
    Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41504) (Version: 45251 - Intel)
    iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
    Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
    Microsoft Office 365 Home Premium - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4551.1512 - Microsoft Corporation)
    Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM-x32\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.20617 (Version: 12.0.20617 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.20617 (Version: 12.0.20617 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.20617 (x32 Version: 12.0.20617 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.20617 (x32 Version: 12.0.20617 - Microsoft Corporation) Hidden
    OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
    OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
    Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
    Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
    REALTEK Wireless LAN Driver (HKLM-x32\...\InstallShield_{95F38874-065A-40AB-AFC1-B764B192FFE7}) (Version: 2.00.0002 - REALTEK Semiconductor Corp.)
    REALTEK Wireless LAN Driver (x32 Version: 2.00.0002 - REALTEK Semiconductor Corp.) Hidden
    Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0021 - REALTEK Semiconductor Corp.)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.2.0 - Synaptics Incorporated)
    Sync (HKCU\...\87a4ce57e9665181) (Version: 1.0.0.47 - Daniel Bigham)
    TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.15.4 - Toshiba Corporation)
    TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.01.02.6405 - Toshiba Corporation)
    TOSHIBA Display Utility (HKLM\...\{4BBF3F6A-D3B6-48E3-85E1-5C38D3A98034}) (Version: 1.1.7.0 - Toshiba Corporation)
    TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
    TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6630.6403 - Toshiba Corporation)
    TOSHIBA HDD Accelerator (HKLM\...\{DB4D9937-0B14-4EF1-BF9A-BB7E3B9DCB04}) (Version: 2.2.0000 - Toshiba Corporation)
    TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9}) (Version: 4.0.5.0 - Toshiba Corporation)
    TOSHIBA Password Utility (Version: 4.0.5.0 - Toshiba Corporation) Hidden
    TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
    TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.0.01.55004008 - Toshiba Corporation)
    TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
    TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0032 - Toshiba Corporation)
    TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0007.32003 - Toshiba Corporation)
    TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.27.102 - Toshiba Corporation)
    Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
    WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
    WildTangent Games App (Toshiba Games) (x32 Version: 4.0.11.2 - WildTangent) Hidden
    Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
    Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

    ==================== Restore Points =========================

    01-03-2014 15:03:14 Restore Operation
    08-03-2014 15:07:22 Scheduled Checkpoint
    12-03-2014 13:27:47 Windows Update
    18-03-2014 21:24:11 Windows Update

    ==================== Hosts content: ==========================

    2013-08-22 10:55 - 2013-08-22 10:55 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    Task: {01428108-856E-4AC4-B6AA-2FCA42ADA5E4} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
    Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
    Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
    Task: {19768086-500A-4567-9DE6-BC2D2D1716C3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22] (Google Inc.)
    Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
    Task: {2758B6D5-C71D-48C8-84A5-557EFE27EBF9} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-04-05] (Synaptics Incorporated)
    Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
    Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
    Task: {37C41A14-18F4-4A60-8B9E-FF106272E24B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
    Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
    Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
    Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
    Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
    Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
    Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
    Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
    Task: {8DFB3737-2E0C-4EAE-B8E3-C6B7FE9AFC3B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
    Task: {911DB535-F561-4570-A180-02B3219118DE} - System32\Tasks\UMonitor Task => C:\windows\system32\UMonit64.exe
    Task: {95495AD5-0F26-4FBC-BB97-6A15A95EA555} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MICHELLE-Michelle Michelle => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-01-21] (Microsoft Corporation)
    Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
    Task: {B47F04CA-CE64-45CB-BEB6-EB9464D27231} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-06] (AVAST Software)
    Task: {C013C99C-5806-4AB9-9A6E-B2CD7C349AB6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-21] (Microsoft Corporation)
    Task: {C0FF198E-DB1D-42E7-AA64-FD9B6561EAD5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-03-18] (Microsoft Corporation)
    Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
    Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
    Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
    Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
    Task: {ECC51913-7B1C-4EF6-953E-BF07D3A467F9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22] (Google Inc.)
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    ==================== Loaded Modules (whitelisted) =============

    2011-06-15 06:57 - 2011-06-15 06:57 - 00034304 _____ () C:\WINDOWS\System32\ssb6mlm.dll
    2013-08-30 20:47 - 2013-08-30 20:47 - 00099328 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
    2014-01-01 16:13 - 2013-10-31 10:07 - 00377000 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
    2014-01-01 16:13 - 2013-10-31 10:08 - 00520872 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
    2014-01-01 16:13 - 2013-10-31 10:07 - 00618152 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
    2012-07-18 23:08 - 2012-07-18 23:08 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
    2014-01-21 19:36 - 2014-01-21 19:36 - 08866472 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2013-08-30 20:47 - 2013-08-30 20:47 - 00016896 _____ () C:\Program Files\ATI Technologies\ATI.ACE\a4\AS4.NativeProxy.dll
    2014-03-22 16:21 - 2014-03-22 15:05 - 02189312 _____ () C:\Program Files\AVAST Software\Avast\defs\14032201\algo.dll
    2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2014-01-03 10:34 - 2014-01-10 15:40 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
    2014-01-21 19:36 - 2014-01-21 19:36 - 00359592 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\c2r32.dll
    2014-01-03 10:32 - 2014-01-10 15:35 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
    2014-01-21 19:32 - 2014-01-21 19:32 - 00359592 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\c2r32.dll
    2013-10-31 02:48 - 2013-07-19 15:07 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
    2013-10-31 02:48 - 2013-07-19 15:07 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
    2013-10-31 02:48 - 2013-07-19 15:07 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
    2013-10-31 02:48 - 2013-07-19 15:07 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
    2013-10-31 02:48 - 2013-07-19 15:07 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
    2013-10-31 02:48 - 2013-07-19 15:07 - 00020480 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
    2013-10-31 02:48 - 2013-07-19 15:07 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
    2013-10-31 02:48 - 2013-07-19 15:07 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
    2013-10-31 02:48 - 2013-07-19 15:07 - 00064512 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
    2013-12-25 09:54 - 2013-12-25 09:54 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2014-01-20 14:16 - 2014-01-20 14:16 - 00237384 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll

    ==================== Alternate Data Streams (whitelisted) =========

    AlternateDataStreams: C:\ProgramData\TEMP:E4FCDFD9
    AlternateDataStreams: C:\Users\Michelle\SkyDrive:ms-properties

    ==================== Safe Mode (whitelisted) ===================


    ==================== Disabled items from MSCONFIG ==============


    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (03/22/2014 04:04:46 PM) (Source: Application Error) (User: )
    Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.16518, time stamp: 0x52f347b2
    Faulting module name: MSHTML.dll, version: 11.0.9600.16521, time stamp: 0x5311622b
    Exception code: 0x4000001f
    Fault offset: 0x003b4aa6
    Faulting process id: 0x1b4c
    Faulting application start time: 0xIEXPLORE.EXE0
    Faulting application path: IEXPLORE.EXE1
    Faulting module path: IEXPLORE.EXE2
    Report Id: IEXPLORE.EXE3
    Faulting package full name: IEXPLORE.EXE4
    Faulting package-relative application ID: IEXPLORE.EXE5

    Error: (03/22/2014 03:06:58 PM) (Source: Application Error) (User: )
    Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.16518, time stamp: 0x52f347b2
    Faulting module name: MSHTML.dll, version: 11.0.9600.16521, time stamp: 0x5311622b
    Exception code: 0xc0000005
    Fault offset: 0x0009751f
    Faulting process id: 0x41a4
    Faulting application start time: 0xIEXPLORE.EXE0
    Faulting application path: IEXPLORE.EXE1
    Faulting module path: IEXPLORE.EXE2
    Report Id: IEXPLORE.EXE3
    Faulting package full name: IEXPLORE.EXE4
    Faulting package-relative application ID: IEXPLORE.EXE5

    Error: (03/22/2014 02:55:30 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 10260859

    Error: (03/22/2014 02:55:30 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 10260859

    Error: (03/22/2014 02:55:30 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (03/22/2014 10:19:29 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 32934406

    Error: (03/22/2014 10:19:29 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 32934406

    Error: (03/22/2014 10:19:29 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (03/22/2014 03:10:51 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 7217015

    Error: (03/22/2014 03:10:51 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 7217015


    System errors:
    =============
    Error: (03/22/2014 04:20:17 PM) (Source: Microsoft-Windows-HAL) (User: NT AUTHORITY)
    Description: The system watchdog timer was triggered.

    Error: (03/22/2014 10:22:30 AM) (Source: DCOM) (User: NT AUTHORITY)
    Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

    Error: (03/21/2014 00:27:39 PM) (Source: DCOM) (User: NT AUTHORITY)
    Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

    Error: (03/20/2014 09:54:32 PM) (Source: Microsoft-Windows-HAL) (User: NT AUTHORITY)
    Description: The system watchdog timer was triggered.

    Error: (03/20/2014 02:00:15 PM) (Source: Microsoft-Windows-HAL) (User: NT AUTHORITY)
    Description: The system watchdog timer was triggered.

    Error: (03/20/2014 01:58:39 PM) (Source: DCOM) (User: MICHELLE)
    Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

    Error: (03/20/2014 01:58:39 PM) (Source: DCOM) (User: MICHELLE)
    Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

    Error: (03/20/2014 00:14:17 PM) (Source: DCOM) (User: MICHELLE)
    Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}MichelleMichelleS-1-5-21-2676312113-550927975-3917386946-1001LocalHost (Using LRPC)UnavailableUnavailable

    Error: (03/20/2014 00:10:51 PM) (Source: DCOM) (User: NT AUTHORITY)
    Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

    Error: (03/19/2014 03:16:17 PM) (Source: DCOM) (User: NT AUTHORITY)
    Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable


    Microsoft Office Sessions:
    =========================
    Error: (03/22/2014 04:04:46 PM) (Source: Application Error)(User: )
    Description: IEXPLORE.EXE11.0.9600.1651852f347b2MSHTML.dll11.0.9600.165215311622b4000001f003b4aa61b4c01cf454b1abb1c8aC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\WINDOWS\SYSTEM32\MSHTML.dlla41cca5f-b1f0-11e3-be9b-089e01ee9948

    Error: (03/22/2014 03:06:58 PM) (Source: Application Error)(User: )
    Description: IEXPLORE.EXE11.0.9600.1651852f347b2MSHTML.dll11.0.9600.165215311622bc00000050009751f41a401cf45f3e53a53b2C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\WINDOWS\SYSTEM32\MSHTML.dll90d68d78-b1e8-11e3-be9b-089e01ee9948

    Error: (03/22/2014 02:55:30 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 10260859

    Error: (03/22/2014 02:55:30 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 10260859

    Error: (03/22/2014 02:55:30 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (03/22/2014 10:19:29 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 32934406

    Error: (03/22/2014 10:19:29 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 32934406

    Error: (03/22/2014 10:19:29 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (03/22/2014 03:10:51 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 7217015

    Error: (03/22/2014 03:10:51 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 7217015


    ==================== Memory info ===========================

    Percentage of memory in use: 37%
    Total physical RAM: 5581.5 MB
    Available physical RAM: 3503.33 MB
    Total Pagefile: 6477.5 MB
    Available Pagefile: 4048.86 MB
    Total Virtual: 131072 MB
    Available Virtual: 131071.79 MB

    ==================== Drives ================================

    Drive c: (TI80145100B) (Fixed) (Total:684.9 GB) (Free:639.98 GB) NTFS
    Drive d: (Advanced Nursing) (CDROM) (Total:1.98 GB) (Free:0 GB) CDFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 699 GB) (Disk ID: 00000000)

    Partition: GPT Partition Type.

    ==================== End Of Log ============================

  9. #9
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Download attached fixlist.txt file and save it to the Desktop.
    NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Run FRST(FRST64) and press the Fix button just once and wait.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
    Attached Files Attached Files

  10. #10
    Join Date
    Jan 2006
    Posts
    400
    When I click that to download it, it is called attachment.php , not fixlist.txt. I don't want to go ahead with the fix unless I know for sure that this is okay!

  11. #11
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    What browser?

  12. #12
    Join Date
    Jan 2006
    Posts
    400
    Using internet explorer 11.

  13. #13
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    When I click on fixlist.txt using IE there is a popup at the bottom of the screen:

    Do you want to open or save fixlist.txt (618 bytes) from discussions.virtualdr.com?

    You don't see it?

  14. #14
    Join Date
    Jan 2006
    Posts
    400
    Yes, but when I click save as to set the download location to the desktop, the file name comes up as attachment.php, I screencapped it so you could see it, but can't get the file to upload. I'll keep trying.

  15. #15
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Download it wherever you normally download anything and then copy/paste to Desktop.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •