Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

I Think I've Picked up Malware .....Adobe Flash Crashes Constantly


  • This topic is locked This topic is locked

#1
star_stitcher5

star_stitcher5

    Member

  • Member
  • PipPip
  • 47 posts

Hi, I'm pretty sure I've picked up Malware of some sort. I downloaded SmartPCFixer sometime back, decided to uninstall it, did that but it is still on my laptop and still runs. I've contacted these folks and was told to uninstall it which I've done but still it's there. Also, Adobe Flash constantly crashes on Youtube or any other site that requires Flash, this is when I use Firefox. The problem isn't there with IE. It's driving me nuts! I've run Malware Bytes, Super AntiSpyware, Adware, CCleaner and AVAST....tried to do a system restore, that's not helping either. Not sure what is wrong, if it is a Firefox update that's causing Adobe Flash to constantly crash or what. I need to fix that plus get SmartPCFixer off my laptop. I have a Toshiba Satellite Laptop and am running Win 8.1

 

Any help is very much appreciated.

 

Thanks!

 

Linda


  • 0

Advertisements


#2
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

Hello Linda,

 

Let's see what we can find. :)

 

Now

 

Important - We ask that the tools we use be downloaded to your computers desktop.

If you are unsure about how to do that, please press the Show button beside Spoiler below to see guides for the most popular browsers:

Spoiler

Next

Please download Farbar Recovery Scan Tool from here and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
 

  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called (FRST.txt) in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run, it makes also another log (Addition.txt). Please also paste that into your reply.

 


  • 0

#3
star_stitcher5

star_stitcher5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

Hi, thanks for answering. I clicked on the Show button but don't see anything that indicates Settings.


  • 0

#4
star_stitcher5

star_stitcher5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

OK I found it, so am continuing with instructions, thanks!


  • 0

#5
star_stitcher5

star_stitcher5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

Got it!

 

Here's the First Scan:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Linda (administrator) on LINDALAPTOP on 11-03-2015 11:13:04
Running from C:\Users\Linda\Downloads
Loaded Profiles: Linda (Available profiles: Linda)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Toshiba Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\SmartPCFixer\SmartPCFixer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
() C:\Windows\SysWOW64\UMonit64.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-11] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-17] (TOSHIBA Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [894048 2013-01-11] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2015-01-28] (SUPERAntiSpyware)
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [429792 2013-04-11] (AppEx Networks Corporation)
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\...\MountPoints2: {123a54da-684c-11e4-827d-c454442c9198} - "E:\LGAutoRun.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.2.0.38
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...=5.5&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...=5.5&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.2.0.38
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...=5.5&ar=msnhome
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.toshiba.ca/welcome/?w=23
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.toshiba.ca/welcome/?w=23
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-ca/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-12-05] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-27] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-05] (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-27] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 75.153.176.1

FireFox:
========
FF ProfilePath: C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\1v38mi9i.default-1425365656615
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-07] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-07] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-27] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-07-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-02] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2293777963-1639995663-2975564211-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Linda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-05] (Unity Technologies ApS)
FF Extension: Linkificator - C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\1v38mi9i.default-1425365656615\Extensions\[email protected] [2015-03-02]
FF Extension: Video WithOut Flash - C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\1v38mi9i.default-1425365656615\Extensions\[email protected] [2015-03-03]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-12]

Chrome:
=======
CHR DefaultSearchKeyword: Default -> ask.com
CHR Profile: C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-28]
CHR Extension: (Quick Extension Reload) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\goeiakeofnlpkioeadcbocfifmgkidpb [2014-09-07]
CHR Extension: (Avast Online Security) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-28]
CHR Extension: (Google Wallet) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-05]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-15] (SUPERAntiSpyware.com)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-08-30] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-05] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-05] (Avast Software)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 THAccelSvc; C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe [216976 2013-10-17] (TOSHIBA CORPORATION)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 83855696; C:\Windows\system32\DRIVERS\83855696.sys [458336 2014-12-06] (Kaspersky Lab ZAO)
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-07] (Advanced Micro Devices, INC.)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-05] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [105704 2013-08-16] (GenesysLogic)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1544704 2013-03-12] (Realtek Semiconductor Corporation                           )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 THAccel; C:\Windows\System32\DRIVERS\THAccel.sys [111488 2013-10-15] (TOSHIBA Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows ® Win 7 DDK provider)
U4 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-05] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-11 11:13 - 2015-03-11 11:13 - 00017103 _____ () C:\Users\Linda\Downloads\FRST.txt
2015-03-11 11:12 - 2015-03-11 11:13 - 00000000 ____D () C:\FRST
2015-03-11 11:11 - 2015-03-11 11:11 - 02095616 _____ (Farbar) C:\Users\Linda\Downloads\FRST64.exe
2015-03-11 10:11 - 2015-01-27 18:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 10:11 - 2015-01-27 18:11 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-09 11:13 - 2015-03-09 11:13 - 02171392 _____ () C:\Users\Linda\Downloads\adwcleaner_4.112.exe
2015-03-07 11:28 - 2015-03-07 11:28 - 05325696 _____ (Piriform Ltd) C:\Users\Linda\Downloads\ccsetup503.exe
2015-03-05 15:54 - 2015-03-05 15:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-01 18:48 - 2015-03-11 10:22 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-01 18:48 - 2015-03-07 12:55 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-01 18:43 - 2015-03-01 18:43 - 00003176 _____ () C:\Windows\System32\Tasks\{A94C431E-77B1-4B8A-807D-5B77451B19F8}
2015-03-01 18:31 - 2015-03-01 18:31 - 00072959 _____ () C:\468d6e04-9c3a-4082-917d-e101b2501656.dmp
2015-02-28 20:09 - 2015-02-28 20:09 - 18129584 _____ (Adobe Systems Incorporated) C:\Users\Linda\Downloads\install_flash_player.exe
2015-02-28 19:27 - 2015-03-09 11:38 - 00008356 _____ () C:\Windows\PFRO.log
2015-02-28 12:18 - 2015-02-28 12:18 - 00001080 _____ () C:\Users\Linda\Desktop\Eusing Free Registry Cleaner.lnk
2015-02-28 12:18 - 2015-02-28 12:18 - 00000000 ____D () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner
2015-02-28 12:18 - 2015-02-28 12:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner
2015-02-28 12:18 - 2015-02-28 12:18 - 00000000 ____D () C:\Program Files (x86)\Eusing Free Registry Cleaner
2015-02-28 12:17 - 2015-02-28 12:17 - 00983613 _____ () C:\Users\Linda\Downloads\EFRCSetup(2).exe
2015-02-28 11:06 - 2015-02-28 11:06 - 41008512 _____ () C:\Users\Linda\Downloads\Firefox Setup 36.0.exe
2015-02-28 11:02 - 2014-12-13 14:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-28 11:02 - 2014-12-13 14:28 - 00513488 _____ () C:\Windows\system32\locale.nls
2015-02-28 11:02 - 2014-10-28 18:27 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-02-28 11:02 - 2014-10-28 18:27 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2015-02-28 11:02 - 2014-10-28 18:04 - 00868352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-02-28 11:02 - 2014-10-28 18:04 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2015-02-28 10:51 - 2015-02-28 10:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-02-28 10:50 - 2014-12-05 12:28 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-02-28 10:48 - 2015-03-09 13:41 - 00002284 _____ () C:\Windows\setupact.log
2015-02-28 10:48 - 2015-02-28 10:48 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-26 16:38 - 2015-03-11 11:05 - 01324353 _____ () C:\Windows\WindowsUpdate.log
2015-02-26 11:40 - 2015-02-26 11:40 - 00000000 ____D () C:\Users\Linda\AppData\Roaming\LavasoftStatistics
2015-02-26 11:34 - 2015-02-26 13:56 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-02-25 11:26 - 2015-02-25 11:26 - 00000000 ____D () C:\Users\Public\Documents\sun
2015-02-22 16:27 - 2015-02-22 16:31 - 133616624 _____ () C:\Users\Linda\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_en-GB(1).exe
2015-02-16 03:39 - 2015-01-22 21:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-16 03:39 - 2015-01-22 20:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 03:36 - 2015-01-11 20:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 03:36 - 2015-01-11 19:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 03:36 - 2015-01-11 18:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 03:35 - 2015-01-13 15:11 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 03:35 - 2015-01-11 19:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 03:35 - 2015-01-11 19:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 03:35 - 2015-01-11 19:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 03:35 - 2015-01-11 19:34 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-11 03:35 - 2015-01-11 19:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 03:35 - 2015-01-11 19:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 03:35 - 2015-01-11 19:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 03:35 - 2015-01-11 19:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 03:35 - 2015-01-11 19:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 03:35 - 2015-01-11 18:58 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-02-11 03:35 - 2015-01-11 18:55 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-11 03:35 - 2015-01-11 18:51 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-02-11 03:35 - 2015-01-11 18:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 03:35 - 2015-01-11 18:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 03:35 - 2015-01-11 18:48 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 03:35 - 2015-01-11 18:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 03:35 - 2015-01-11 18:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 03:35 - 2015-01-11 18:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-02-11 03:35 - 2015-01-11 18:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-02-11 03:35 - 2015-01-11 18:27 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-02-11 03:35 - 2015-01-11 18:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 03:35 - 2015-01-11 18:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-02-11 03:35 - 2015-01-11 18:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 03:35 - 2015-01-11 18:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 03:35 - 2015-01-11 18:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 03:35 - 2015-01-11 18:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 03:35 - 2015-01-11 18:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 03:35 - 2015-01-11 18:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 03:35 - 2015-01-11 18:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 03:35 - 2015-01-11 17:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 03:35 - 2015-01-11 17:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 03:35 - 2014-12-08 20:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 03:35 - 2014-12-08 18:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 03:34 - 2015-01-15 15:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 03:34 - 2015-01-15 15:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 03:34 - 2015-01-13 21:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-02-11 03:34 - 2015-01-13 20:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-02-11 03:34 - 2015-01-13 15:04 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 03:34 - 2015-01-10 02:10 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 03:34 - 2015-01-10 02:10 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-02-11 03:34 - 2015-01-10 01:28 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-02-11 03:34 - 2015-01-10 00:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 03:34 - 2015-01-09 23:38 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 03:34 - 2014-12-19 01:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 03:34 - 2014-12-19 01:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 03:34 - 2014-12-08 16:12 - 00391526 _____ () C:\Windows\system32\ApnDatabase.xml
2015-02-11 03:34 - 2014-10-28 19:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 03:34 - 2014-10-28 19:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 03:34 - 2014-10-28 19:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 03:34 - 2014-10-28 19:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 03:34 - 2014-10-28 19:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-02-11 03:34 - 2014-10-28 19:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-02-11 03:34 - 2014-10-28 18:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-02-11 03:34 - 2014-10-28 18:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 03:34 - 2014-10-28 18:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-02-11 03:34 - 2014-10-28 18:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-02-11 03:34 - 2014-10-28 18:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-02-11 03:34 - 2014-10-28 18:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-02-11 03:34 - 2014-10-28 18:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-02-11 03:33 - 2015-02-03 16:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 03:33 - 2015-02-03 16:08 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 03:33 - 2015-02-03 16:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 03:33 - 2015-02-02 16:11 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 03:33 - 2015-02-02 16:11 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 03:33 - 2015-02-02 16:11 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 03:33 - 2015-01-19 11:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-02-11 03:33 - 2015-01-10 01:22 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-11 11:11 - 2014-05-16 22:07 - 05776384 ___SH () C:\Users\Linda\Downloads\Thumbs.db
2015-03-11 11:05 - 2013-08-22 08:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-11 11:00 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-11 10:33 - 2014-05-12 14:02 - 00000930 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-11 09:58 - 2014-05-12 13:54 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{7F98E464-546B-493E-8A66-68F21CF9D6A0}
2015-03-11 09:55 - 2014-05-17 09:37 - 00000000 ____D () C:\Users\Linda\AppData\Local\CrashDumps
2015-03-11 03:57 - 2014-03-26 01:01 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-03-11 00:54 - 2014-05-12 13:54 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2293777963-1639995663-2975564211-1001
2015-03-10 20:31 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-10 15:33 - 2014-05-12 14:02 - 00000926 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-09 13:51 - 2014-03-26 01:19 - 00000000 ____D () C:\Windows\System32\Tasks\TOSHIBA
2015-03-09 13:48 - 2013-09-13 18:58 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-09 13:42 - 2014-05-17 18:42 - 00000000 ___DO () C:\Users\Linda\OneDrive
2015-03-09 13:41 - 2013-08-22 07:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-09 13:40 - 2013-08-22 06:25 - 00262144 _____ () C:\Windows\system32\config\BBI
2015-03-09 13:39 - 2014-03-26 01:25 - 16512222 _____ () C:\Users\Public\CAFADEBUG.log
2015-03-09 13:39 - 2013-09-13 19:18 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA
2015-03-09 13:39 - 2013-09-13 19:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-09 11:47 - 2014-10-27 17:15 - 00000000 ____D () C:\AdwCleaner
2015-03-09 11:38 - 2014-05-12 14:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-09 10:53 - 2014-05-16 13:26 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-03-08 10:34 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-07 12:56 - 2014-07-23 13:31 - 00000000 ____D () C:\Users\Linda\AppData\Local\Adobe
2015-03-07 11:29 - 2014-07-07 19:14 - 00000805 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-03-07 11:29 - 2014-07-07 19:14 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-03 22:38 - 2014-05-12 14:03 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-02 23:54 - 2014-05-12 23:40 - 00000000 ____D () C:\Users\Linda\Desktop\Old Firefox Data
2015-02-28 12:24 - 2014-05-16 13:35 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-28 11:16 - 2014-05-12 14:18 - 00001186 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-28 11:16 - 2014-05-12 14:18 - 00001174 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-28 10:51 - 2014-12-05 12:29 - 00001951 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-02-28 10:51 - 2014-05-12 14:03 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-28 10:49 - 2014-05-12 13:46 - 00000000 ____D () C:\Users\Linda
2015-02-28 10:47 - 2014-12-10 21:00 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-28 10:47 - 2014-07-09 22:08 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-28 10:47 - 2013-08-22 08:36 - 00000000 __RSD () C:\Windows\Media
2015-02-28 10:47 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-28 10:46 - 2014-07-10 13:53 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2015-02-28 10:46 - 2014-07-07 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-02-28 10:46 - 2013-08-22 06:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-02-28 10:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\registration
2015-02-28 10:34 - 2014-10-27 11:00 - 00000000 ____D () C:\Program Files\AMD
2015-02-28 10:34 - 2014-07-10 13:52 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2015-02-19 16:21 - 2013-08-22 06:25 - 00262144 _____ () C:\Windows\system32\config\BBI(134)
2015-02-17 02:45 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\rescache
2015-02-15 12:29 - 2013-08-22 07:44 - 00362544 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 12:17 - 2014-05-15 02:23 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 12:10 - 2014-05-15 02:23 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Linda\AppData\Local\Temp\Quarantine.exe
C:\Users\Linda\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-09 12:09

==================== End Of Log ============================

 

And the Second Additional one:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Linda at 2015-03-11 11:15:11
Running from C:\Users\Linda\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{5D42947B-E961-C0B5-5A70-EA0F753331EB}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.4.2 - AppEx Networks)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
calibre 64bit (HKLM\...\{5F63ABE2-91EB-489E-9F33-EBFBB6CE0DC9}) (Version: 1.48.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cole2k Media - Codec Pack (Advanced) 8.0.2 (HKLM-x32\...\Cole2k Media - Codec Pack) (Version: 8.0.2 - Cole2k Media)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.2.0 - Conexant)
Eusing Free Registry Cleaner (HKLM-x32\...\Eusing Free Registry Cleaner) (Version:  - Eusing Software)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.8 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.76 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM-x32\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 en-US)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OEM Application Profile (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
OpenOffice 4.1.0 (HKLM-x32\...\{28B88897-774A-4005-BBFF-663B1F8EAA5A}) (Version: 4.10.9764 - Apache Software Foundation)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Qualcomm Atheros Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
REALTEK Wireless LAN Driver (HKLM-x32\...\InstallShield_{95F38874-065A-40AB-AFC1-B764B192FFE7}) (Version: 2.00.0002 - REALTEK Semiconductor Corp.)
REALTEK Wireless LAN Driver (x32 Version: 2.00.0002 - REALTEK Semiconductor Corp.) Hidden
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0021 - REALTEK Semiconductor Corp.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.17.0 - Toshiba Corporation)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{84FA4D2D-4273-4C66-BD3D-ADD3FE48DFA2}) (Version: 1.1.5.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0002.6401 - Toshiba Corporation)
TOSHIBA HDD Accelerator (HKLM\...\{DB4D9937-0B14-4EF1-BF9A-BB7E3B9DCB04}) (Version: 2.2.0000 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9}) (Version: 5.0.1.0 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.03.6400 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{6499E894-43F8-458B-AE35-724F4732BCDE}) (Version: 2.5.6 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0032 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.27.102 - Toshiba Corporation)
Unity Web Player (HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.10.20 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

22-02-2015 16:36:29 Installed OpenOffice 4.1.1
26-02-2015 11:35:08 AA11
28-02-2015 10:29:26 Restore Operation
01-03-2015 20:43:04 avast! antivirus system restore point
09-03-2015 13:32:00 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {25D6580C-FCE7-47CE-8EC6-9BDC050B710D} - System32\Tasks\SmartPCFixer Automatically Update => C:\Program Files (x86)\SmartPCFixer\update\update.EXE [2014-07-03] (Sunisoft) <==== ATTENTION
Task: {33BB299E-268A-48AD-A143-4A77B1287904} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-05] (AVAST Software)
Task: {479FD7BC-C9CE-44AB-93AB-CEFB4C4661CC} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\SymErr.exe
Task: {5D811B1D-DD56-44AA-9077-6E2EB4F6D736} - System32\Tasks\{A94C431E-77B1-4B8A-807D-5B77451B19F8} => pcalua.exe -a C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe -c -maintain plugin
Task: {5ECE4233-EAD8-43B6-AA9A-1CB1BD45B836} - System32\Tasks\SmartPCFixer Startup => C:\Program Files (x86)\SmartPCFixer\SmartPCFixer.exe [2014-06-09] () <==== ATTENTION
Task: {78F71F5E-9580-46BB-94D4-CDCE2EE7DC2D} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-08-06] (Synaptics Incorporated)
Task: {802D2317-58B8-47F5-9A42-BD4ACDD23017} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {841D3015-98E7-4FE8-BF53-0E63BFE14644} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-12] (Google Inc.)
Task: {87DC97E4-077D-4102-915B-D3A3ED2F11AE} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2013-08-28] ()
Task: {B398555D-BEE0-4603-90B6-FB57114DA7DC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-12] (Google Inc.)
Task: {BBBBB525-214C-4C4F-BAF7-234FC99FF61C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {DD397677-11C0-411A-BE19-5F79BE5D05B8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-12] (Microsoft Corporation)
Task: {DED67DE7-B659-4CF0-9556-AC56FE1AC6B2} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\WSCStub.exe
Task: {E8C4FBEC-C798-4DBB-8E0F-1C4CBC75C0F8} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\SymErr.exe
Task: {F8DF3A75-66B7-45F4-918D-67D40F3A79F1} - System32\Tasks\SmartPCFixer Scan Weekly => C:\Program Files (x86)\SmartPCFixer\SmartPCFixer.exe [2014-06-09] () <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2013-08-30 19:47 - 2013-08-30 19:47 - 00099328 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2014-12-05 12:28 - 2014-12-05 12:28 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-12-05 12:28 - 2014-12-05 12:28 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-08-26 16:27 - 2014-06-09 18:44 - 18933048 _____ () C:\Program Files (x86)\SmartPCFixer\SmartPCFixer.exe
2014-03-26 01:16 - 2013-08-28 17:08 - 00053248 _____ () C:\Windows\SysWOW64\UMonit64.exe
2012-07-18 18:38 - 2012-07-18 18:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2015-03-09 03:23 - 2015-03-09 03:23 - 02919936 _____ () C:\Program Files\AVAST Software\Avast\defs\15030900\algo.dll
2014-12-05 12:28 - 2014-12-05 12:28 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-08-26 16:27 - 2014-06-09 18:43 - 00044856 _____ () C:\Program Files (x86)\SmartPCFixer\Common.dll
2014-08-26 16:27 - 2014-06-09 18:43 - 00066872 _____ () C:\Program Files (x86)\SmartPCFixer\RegisterLib.dll
2014-08-26 16:27 - 2014-06-09 18:43 - 00161592 _____ () C:\Program Files (x86)\SmartPCFixer\Diskdefrag.dll
2014-08-26 16:27 - 2014-06-09 18:43 - 00049464 _____ () C:\Program Files (x86)\SmartPCFixer\EvidenceMan.dll
2014-08-26 16:27 - 2014-06-09 18:43 - 00047928 _____ () C:\Program Files (x86)\SmartPCFixer\IEMan.dll
2014-08-26 16:27 - 2014-06-09 18:43 - 00636728 _____ () C:\Program Files (x86)\SmartPCFixer\RegisterCleanDll.dll
2014-08-26 16:27 - 2014-06-09 18:44 - 00063800 _____ () C:\Program Files (x86)\SmartPCFixer\RegMan.dll
2014-08-26 16:27 - 2014-06-09 18:44 - 00124216 _____ () C:\Program Files (x86)\SmartPCFixer\sysback.dll
2014-08-26 16:27 - 2014-06-09 18:44 - 00061240 _____ () C:\Program Files (x86)\SmartPCFixer\sysFix.dll
2014-08-26 16:27 - 2014-06-09 18:44 - 00047416 _____ () C:\Program Files (x86)\SmartPCFixer\sysTool.dll
2014-08-26 16:27 - 2014-06-09 18:44 - 00031032 _____ () C:\Program Files (x86)\SmartPCFixer\WindowsUpdateDll.dll
2014-12-05 12:28 - 2014-12-05 12:28 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Linda\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Linda\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Linda\AppData\Local\Microsoft\Windows\Themes\Jellyfish\DesktopBackground\jellyfish8.jpg
DNS Servers: 192.168.1.254 - 75.153.176.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"

==================== Accounts: =============================

Administrator (S-1-5-21-2293777963-1639995663-2975564211-500 - Administrator - Disabled)
Guest (S-1-5-21-2293777963-1639995663-2975564211-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2293777963-1639995663-2975564211-1003 - Limited - Enabled)
Linda (S-1-5-21-2293777963-1639995663-2975564211-1001 - Administrator - Enabled) => C:\Users\Linda

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/11/2015 09:54:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SynTPEnh.exe, version: 17.0.10.51, time stamp: 0x53d06d8c
Faulting module name: SynTPEnh.exe, version: 17.0.10.51, time stamp: 0x53d06d8c
Exception code: 0xc0000005
Fault offset: 0x000000000007f872
Faulting process id: 0xd10
Faulting application start time: 0xSynTPEnh.exe0
Faulting application path: SynTPEnh.exe1
Faulting module path: SynTPEnh.exe2
Report Id: SynTPEnh.exe3
Faulting package full name: SynTPEnh.exe4
Faulting package-relative application ID: SynTPEnh.exe5

Error: (03/09/2015 06:38:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FlashPlayerPlugin_16_0_0_305.exe, version: 16.0.0.305, time stamp: 0x54cff379
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x711990df
Faulting process id: 0x1690
Faulting application start time: 0xFlashPlayerPlugin_16_0_0_305.exe0
Faulting application path: FlashPlayerPlugin_16_0_0_305.exe1
Faulting module path: FlashPlayerPlugin_16_0_0_305.exe2
Report Id: FlashPlayerPlugin_16_0_0_305.exe3
Faulting package full name: FlashPlayerPlugin_16_0_0_305.exe4
Faulting package-relative application ID: FlashPlayerPlugin_16_0_0_305.exe5

Error: (03/09/2015 06:38:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FlashPlayerPlugin_16_0_0_305.exe, version: 16.0.0.305, time stamp: 0x54cff379
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc00001a5
Fault offset: 0x02b35ce0
Faulting process id: 0x1690
Faulting application start time: 0xFlashPlayerPlugin_16_0_0_305.exe0
Faulting application path: FlashPlayerPlugin_16_0_0_305.exe1
Faulting module path: FlashPlayerPlugin_16_0_0_305.exe2
Report Id: FlashPlayerPlugin_16_0_0_305.exe3
Faulting package full name: FlashPlayerPlugin_16_0_0_305.exe4
Faulting package-relative application ID: FlashPlayerPlugin_16_0_0_305.exe5

Error: (03/09/2015 06:37:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FlashPlayerPlugin_16_0_0_305.exe, version: 16.0.0.305, time stamp: 0x54cff379
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x711990df
Faulting process id: 0x4a74
Faulting application start time: 0xFlashPlayerPlugin_16_0_0_305.exe0
Faulting application path: FlashPlayerPlugin_16_0_0_305.exe1
Faulting module path: FlashPlayerPlugin_16_0_0_305.exe2
Report Id: FlashPlayerPlugin_16_0_0_305.exe3
Faulting package full name: FlashPlayerPlugin_16_0_0_305.exe4
Faulting package-relative application ID: FlashPlayerPlugin_16_0_0_305.exe5

Error: (03/09/2015 06:37:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FlashPlayerPlugin_16_0_0_305.exe, version: 16.0.0.305, time stamp: 0x54cff379
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc00001a5
Fault offset: 0x010f5ce0
Faulting process id: 0x4a74
Faulting application start time: 0xFlashPlayerPlugin_16_0_0_305.exe0
Faulting application path: FlashPlayerPlugin_16_0_0_305.exe1
Faulting module path: FlashPlayerPlugin_16_0_0_305.exe2
Report Id: FlashPlayerPlugin_16_0_0_305.exe3
Faulting package full name: FlashPlayerPlugin_16_0_0_305.exe4
Faulting package-relative application ID: FlashPlayerPlugin_16_0_0_305.exe5

Error: (03/09/2015 06:37:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FlashPlayerPlugin_16_0_0_305.exe, version: 16.0.0.305, time stamp: 0x54cff379
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x711990df
Faulting process id: 0x4994
Faulting application start time: 0xFlashPlayerPlugin_16_0_0_305.exe0
Faulting application path: FlashPlayerPlugin_16_0_0_305.exe1
Faulting module path: FlashPlayerPlugin_16_0_0_305.exe2
Report Id: FlashPlayerPlugin_16_0_0_305.exe3
Faulting package full name: FlashPlayerPlugin_16_0_0_305.exe4
Faulting package-relative application ID: FlashPlayerPlugin_16_0_0_305.exe5

Error: (03/09/2015 06:37:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FlashPlayerPlugin_16_0_0_305.exe, version: 16.0.0.305, time stamp: 0x54cff379
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc00001a5
Fault offset: 0x01235ce0
Faulting process id: 0x4994
Faulting application start time: 0xFlashPlayerPlugin_16_0_0_305.exe0
Faulting application path: FlashPlayerPlugin_16_0_0_305.exe1
Faulting module path: FlashPlayerPlugin_16_0_0_305.exe2
Report Id: FlashPlayerPlugin_16_0_0_305.exe3
Faulting package full name: FlashPlayerPlugin_16_0_0_305.exe4
Faulting package-relative application ID: FlashPlayerPlugin_16_0_0_305.exe5

Error: (03/09/2015 06:37:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FlashPlayerPlugin_16_0_0_305.exe, version: 16.0.0.305, time stamp: 0x54cff379
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x711990df
Faulting process id: 0x4b78
Faulting application start time: 0xFlashPlayerPlugin_16_0_0_305.exe0
Faulting application path: FlashPlayerPlugin_16_0_0_305.exe1
Faulting module path: FlashPlayerPlugin_16_0_0_305.exe2
Report Id: FlashPlayerPlugin_16_0_0_305.exe3
Faulting package full name: FlashPlayerPlugin_16_0_0_305.exe4
Faulting package-relative application ID: FlashPlayerPlugin_16_0_0_305.exe5

Error: (03/09/2015 06:37:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FlashPlayerPlugin_16_0_0_305.exe, version: 16.0.0.305, time stamp: 0x54cff379
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc00001a5
Fault offset: 0x00865ce0
Faulting process id: 0x4b78
Faulting application start time: 0xFlashPlayerPlugin_16_0_0_305.exe0
Faulting application path: FlashPlayerPlugin_16_0_0_305.exe1
Faulting module path: FlashPlayerPlugin_16_0_0_305.exe2
Report Id: FlashPlayerPlugin_16_0_0_305.exe3
Faulting package full name: FlashPlayerPlugin_16_0_0_305.exe4
Faulting package-relative application ID: FlashPlayerPlugin_16_0_0_305.exe5

Error: (03/09/2015 06:37:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FlashPlayerPlugin_16_0_0_305.exe, version: 16.0.0.305, time stamp: 0x54cff379
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x711990df
Faulting process id: 0x1cf0
Faulting application start time: 0xFlashPlayerPlugin_16_0_0_305.exe0
Faulting application path: FlashPlayerPlugin_16_0_0_305.exe1
Faulting module path: FlashPlayerPlugin_16_0_0_305.exe2
Report Id: FlashPlayerPlugin_16_0_0_305.exe3
Faulting package full name: FlashPlayerPlugin_16_0_0_305.exe4
Faulting package-relative application ID: FlashPlayerPlugin_16_0_0_305.exe5


System errors:
=============
Error: (03/09/2015 01:41:24 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Type with the following error:
%%5

Error: (03/09/2015 01:40:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
%%1062

Error: (03/09/2015 11:39:06 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Type with the following error:
%%5

Error: (03/09/2015 11:37:28 AM) (Source: DCOM) (EventID: 10010) (User: LINDALAPTOP)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (03/09/2015 11:37:28 AM) (Source: DCOM) (EventID: 10010) (User: LINDALAPTOP)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (03/07/2015 02:26:37 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

Error: (03/07/2015 02:19:35 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

Error: (03/07/2015 02:19:35 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

Error: (03/07/2015 01:00:10 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 107.

Error: (03/07/2015 01:00:10 AM) (Source: Schannel) (EventID: 4106) (User: NT AUTHORITY)
Description: An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.


Microsoft Office Sessions:
=========================
Error: (03/11/2015 09:54:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SynTPEnh.exe17.0.10.5153d06d8cSynTPEnh.exe17.0.10.5153d06d8cc0000005000000000007f872d1001d05aa971c37e44C:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exe576fb591-c80f-11e4-82ad-c454442c9198

Error: (03/09/2015 06:38:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FlashPlayerPlugin_16_0_0_305.exe16.0.0.30554cff379unknown0.0.0.000000000c0000005711990df169001d05ad2d947dcb1C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exeunknown17efa20e-c6c6-11e4-82ad-c454442c9198

Error: (03/09/2015 06:38:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FlashPlayerPlugin_16_0_0_305.exe16.0.0.30554cff379unknown0.0.0.000000000c00001a502b35ce0169001d05ad2d947dcb1C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exeunknown1733a41f-c6c6-11e4-82ad-c454442c9198

Error: (03/09/2015 06:37:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FlashPlayerPlugin_16_0_0_305.exe16.0.0.30554cff379unknown0.0.0.000000000c0000005711990df4a7401d05ad2d08092a2C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exeunknown0f2b2639-c6c6-11e4-82ad-c454442c9198

Error: (03/09/2015 06:37:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FlashPlayerPlugin_16_0_0_305.exe16.0.0.30554cff379unknown0.0.0.000000000c00001a5010f5ce04a7401d05ad2d08092a2C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exeunknown0e718a26-c6c6-11e4-82ad-c454442c9198

Error: (03/09/2015 06:37:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FlashPlayerPlugin_16_0_0_305.exe16.0.0.30554cff379unknown0.0.0.000000000c0000005711990df499401d05ad2ca7dece5C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exeunknown09351da8-c6c6-11e4-82ad-c454442c9198

Error: (03/09/2015 06:37:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FlashPlayerPlugin_16_0_0_305.exe16.0.0.30554cff379unknown0.0.0.000000000c00001a501235ce0499401d05ad2ca7dece5C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exeunknown086f0b86-c6c6-11e4-82ad-c454442c9198

Error: (03/09/2015 06:37:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FlashPlayerPlugin_16_0_0_305.exe16.0.0.30554cff379unknown0.0.0.000000000c0000005711990df4b7801d05ad2bd0babfbC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exeunknownfbaffae9-c6c5-11e4-82ad-c454442c9198

Error: (03/09/2015 06:37:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FlashPlayerPlugin_16_0_0_305.exe16.0.0.30554cff379unknown0.0.0.000000000c00001a500865ce04b7801d05ad2bd0babfbC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exeunknownfaf9e46c-c6c5-11e4-82ad-c454442c9198

Error: (03/09/2015 06:37:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FlashPlayerPlugin_16_0_0_305.exe16.0.0.30554cff379unknown0.0.0.000000000c0000005711990df1cf001d05ad2b8c3fe2bC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exeunknownf76891c2-c6c5-11e4-82ad-c454442c9198


CodeIntegrity Errors:
===================================
  Date: 2015-01-17 14:34:40.932
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-01-17 14:34:40.454
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2014-12-05 14:57:36.259
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-05 14:57:35.952
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-05 14:57:35.648
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-05 14:57:35.319
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-05 14:57:34.993
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-05 14:57:34.683
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-05 14:57:34.375
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-05 14:57:34.055
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD A4-5000 APU with Radeon™ HD Graphics
Percentage of memory in use: 72%
Total physical RAM: 3533.51 MB
Available physical RAM: 989.26 MB
Total Pagefile: 6861.51 MB
Available Pagefile: 3330.69 MB
Total Virtual: 131072 MB
Available Virtual: 131071.81 MB

==================== Drives ================================

Drive c: (TI80156100A) (Fixed) (Total:455.48 GB) (Free:391.35 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================


  • 0

#6
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

Hello Linda,
 

OK I found it, so am continuing with instructions, thanks!


I see FRST is in your downloads folder so you haven't managed to save it to your desktop. No problem though, I will give you the fix as a download so that it will go to your download folder too. Both the fix and FRST have to be in the same folder to work.
 

Adobe Flash constantly crashes


That is a known problem with Flash and FF. I have Firefox and until recently had no end of problem with it crashing. In my case it seems to have fixed itself with the latest Flash updates. Having said that I have Flash plugins set to "Ask to Activate" and manually enable it when needed. If you want to do that go to the three bars, top right of Firefox and open the drop down window. Click on Add-ons > Plugins and find your way to Flash. On the right hand side set the button to "Ask to Activate".

You can also try disabling the hardware acceleration feature in Flash and see if that helps, see link below.

https://forums.adobe.com/thread/891337

Moving on

Download the attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt). Please post it to your reply.

Next
 

  • Please run Farbars Recovery Scan Tool again. Double click on FRST64 to open. Allow it to update if it wants to
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

So when you return please post

  • Fixlog.txt
  • FRST.txt

 


  • 0

#7
star_stitcher5

star_stitcher5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

Hi, sorry for some reason FRST wouldn't save to my desktop, I don't know why, I have a problem with things not saving to the desktop, some things do, some don't. Anyway, Flash (I'm assuming it's the Shockwave Flash) was already set to "Ask To Activate"....I've set it now to "Never Activate" I'm assuming it's now not activated.

 

I've downloaded the 'fixlist.txt.....it's now in the download folder with FRST. Do I run it after I run FRST or before? I don't see any instructions of what to do with it, only to download it to the same file and then paste the results of FRST, then scan with FRST and post results again. I'll wait til I hear back from you as how to use fixlist.txt

 

Thanks again!

 

Linda ☺


  • 0

#8
star_stitcher5

star_stitcher5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

PS, I set Flash back to Ask To Activate, because it worked on Youtube when it was not activated, but not on other sites that require Flash.


  • 0

#9
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

Do I run it after I run FRST or before? I don't see any instructions of what to do with it,


See the instruction under the heading Moving on, that is:

Run FRST64 (to run it you just double click on it) and press the Fix button just once and wait. :)

FRST will find the fixlist.txt you downloaded and process it. When finished it will make a log (Fixlog.txt). Please post it to your reply.
 

then scan with FRST and post results again


Yes, do that after the fix. :thumbsup:

 

 

If I haven't made anything clear enough don't hesitate ask again. Only silly people don't ask. :)
 


  • 0

#10
star_stitcher5

star_stitcher5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

OK, I hope I've done this right.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Linda at 2015-03-12 15:23:52 Run:1
Running from C:\Users\Linda\Downloads
Loaded Profiles: Linda (Available profiles: Linda)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\...\MountPoints2: {123a54da-684c-11e4-827d-c454442c9198} - "E:\LGAutoRun.exe"
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.2.0.38
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.2.0.38
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR DefaultSearchKeyword: Default -> ask.com
CHR Profile: C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default
Task: {DED67DE7-B659-4CF0-9556-AC56FE1AC6B2} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\WSCStub.exe
C:\Program Files (x86)\Norton Internet Security
Task: {25D6580C-FCE7-47CE-8EC6-9BDC050B710D} - System32\Tasks\SmartPCFixer Automatically Update => C:\Program Files (x86)\SmartPCFixer\update\update.EXE [2014-07-03] (Sunisoft) <==== ATTENTION
Task: {5ECE4233-EAD8-43B6-AA9A-1CB1BD45B836} - System32\Tasks\SmartPCFixer Startup => C:\Program Files (x86)\SmartPCFixer\SmartPCFixer.exe [2014-06-09] () <==== ATTENTION
Task: {F8DF3A75-66B7-45F4-918D-67D40F3A79F1} - System32\Tasks\SmartPCFixer Scan Weekly => C:\Program Files (x86)\SmartPCFixer\SmartPCFixer.exe [2014-06-09] () <==== ATTENTION
C:\Program Files (x86)\SmartPCFixer
Hosts:
EmptyTemp:
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{123a54da-684c-11e4-827d-c454442c9198}" => Key deleted successfully.
HKCR\CLSID\{123a54da-684c-11e4-827d-c454442c9198} => Key not found.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Bar => value deleted successfully.
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\Software\Microsoft\Internet Explorer\Main\\Search Bar => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
Chrome DefaultSearchKeyword not detected.
CHR Profile: C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DED67DE7-B659-4CF0-9556-AC56FE1AC6B2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DED67DE7-B659-4CF0-9556-AC56FE1AC6B2}" => Key deleted successfully.
C:\Windows\System32\Tasks\Norton WSC Integration => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton WSC Integration" => Key deleted successfully.
"C:\Program Files (x86)\Norton Internet Security" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{25D6580C-FCE7-47CE-8EC6-9BDC050B710D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25D6580C-FCE7-47CE-8EC6-9BDC050B710D}" => Key deleted successfully.
C:\Windows\System32\Tasks\SmartPCFixer Automatically Update => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartPCFixer Automatically Update" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5ECE4233-EAD8-43B6-AA9A-1CB1BD45B836}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5ECE4233-EAD8-43B6-AA9A-1CB1BD45B836}" => Key deleted successfully.
C:\Windows\System32\Tasks\SmartPCFixer Startup => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartPCFixer Startup" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F8DF3A75-66B7-45F4-918D-67D40F3A79F1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8DF3A75-66B7-45F4-918D-67D40F3A79F1}" => Key deleted successfully.
C:\Windows\System32\Tasks\SmartPCFixer Scan Weekly => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartPCFixer Scan Weekly" => Key deleted successfully.
C:\Program Files (x86)\SmartPCFixer => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1.6 GB temporary data.


The system needed a reboot.

==== End of Fixlog 15:24:57 ====

 

 

And the Fabar Recovery Scan Tool again:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Linda (administrator) on LINDALAPTOP on 12-03-2015 15:39:54
Running from C:\Users\Linda\Downloads
Loaded Profiles: Linda (Available profiles: Linda)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Toshiba Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Windows\SysWOW64\UMonit64.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-11] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-17] (TOSHIBA Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [894048 2013-01-11] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2015-01-28] (SUPERAntiSpyware)
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [429792 2013-04-11] (AppEx Networks Corporation)
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...=5.5&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...=5.5&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...=5.5&ar=msnhome
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.toshiba.ca/welcome/?w=23
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.toshiba.ca/welcome/?w=23
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-2293777963-1639995663-2975564211-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-ca/?ocid=iehp
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-12-05] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-27] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-05] (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-27] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 75.153.176.1

FireFox:
========
FF ProfilePath: C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\1v38mi9i.default-1425365656615
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-07] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-07] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-27] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-07-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-02] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2293777963-1639995663-2975564211-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Linda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-05] (Unity Technologies ApS)
FF Extension: Linkificator - C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\1v38mi9i.default-1425365656615\Extensions\[email protected] [2015-03-02]
FF Extension: Video WithOut Flash - C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\1v38mi9i.default-1425365656615\Extensions\[email protected] [2015-03-03]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-12]

Chrome:
=======
CHR DefaultSearchKeyword: Default -> ask.com
CHR Profile: C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-28]
CHR Extension: (Quick Extension Reload) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\goeiakeofnlpkioeadcbocfifmgkidpb [2014-09-07]
CHR Extension: (Avast Online Security) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-28]
CHR Extension: (Google Wallet) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-05]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-15] (SUPERAntiSpyware.com)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-08-30] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-05] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-05] (Avast Software)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 THAccelSvc; C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe [216976 2013-10-17] (TOSHIBA CORPORATION)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 83855696; C:\Windows\system32\DRIVERS\83855696.sys [458336 2014-12-06] (Kaspersky Lab ZAO)
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-07] (Advanced Micro Devices, INC.)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-05] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [105704 2013-08-16] (GenesysLogic)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1544704 2013-03-12] (Realtek Semiconductor Corporation                           )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 THAccel; C:\Windows\System32\DRIVERS\THAccel.sys [111488 2013-10-15] (TOSHIBA Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows ® Win 7 DDK provider)
U4 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-05] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-12 15:36 - 2015-03-12 15:36 - 00000110 ____H () C:\Users\Linda\Downloads\.~lock.Fixlog.txt#
2015-03-12 15:33 - 2015-03-04 14:24 - 00792032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-12 15:33 - 2015-03-04 14:24 - 00178144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-11 11:15 - 2015-03-12 15:21 - 00001452 _____ () C:\Users\Linda\Downloads\FRST64 - Shortcut.lnk
2015-03-11 11:15 - 2015-03-11 11:16 - 00032922 _____ () C:\Users\Linda\Downloads\Addition.txt
2015-03-11 11:13 - 2015-03-12 15:39 - 00015840 _____ () C:\Users\Linda\Downloads\FRST.txt
2015-03-11 11:12 - 2015-03-12 15:39 - 00000000 ____D () C:\FRST
2015-03-11 11:11 - 2015-03-11 11:11 - 02095616 _____ (Farbar) C:\Users\Linda\Downloads\FRST64.exe
2015-03-11 10:14 - 2015-03-05 19:53 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 10:14 - 2015-03-05 19:33 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 10:14 - 2015-02-25 16:26 - 04178944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 10:14 - 2015-02-19 20:03 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 10:14 - 2015-02-19 19:58 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 10:14 - 2015-02-19 19:20 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 10:14 - 2015-02-19 19:15 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 10:14 - 2015-01-30 16:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-03-11 10:14 - 2015-01-30 16:29 - 02484224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-03-11 10:14 - 2015-01-28 18:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-03-11 10:14 - 2015-01-28 18:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-03-11 10:14 - 2015-01-26 20:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-03-11 10:14 - 2015-01-23 18:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-03-11 10:14 - 2015-01-23 00:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-03-11 10:14 - 2015-01-22 22:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-03-11 10:14 - 2014-10-28 19:49 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 10:14 - 2014-10-28 19:44 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 10:14 - 2014-10-28 19:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 10:14 - 2014-10-28 19:04 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 10:14 - 2014-10-28 19:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 10:14 - 2014-10-28 19:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 10:13 - 2015-02-20 18:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 10:13 - 2015-02-20 17:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 10:13 - 2015-02-06 16:09 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml
2015-03-11 10:13 - 2015-02-03 16:58 - 00264000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-03-11 10:13 - 2015-02-03 16:58 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-03-11 10:13 - 2015-02-03 16:58 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-03-11 10:13 - 2015-02-02 16:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-03-11 10:13 - 2015-02-02 16:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-03-11 10:12 - 2015-02-20 17:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 10:12 - 2015-02-20 17:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 10:12 - 2015-02-20 17:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-03-11 10:12 - 2015-02-20 16:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 10:12 - 2015-02-20 16:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 10:12 - 2015-02-19 19:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 10:12 - 2015-02-19 19:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 10:12 - 2015-02-19 19:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 10:12 - 2015-02-19 19:35 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-11 10:12 - 2015-02-19 19:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 10:12 - 2015-02-19 19:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 10:12 - 2015-02-19 19:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 10:12 - 2015-02-19 19:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-03-11 10:12 - 2015-02-19 19:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 10:12 - 2015-02-19 19:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 10:12 - 2015-02-19 19:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 10:12 - 2015-02-19 18:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-03-11 10:12 - 2015-02-19 18:56 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-03-11 10:12 - 2015-02-19 18:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-03-11 10:12 - 2015-02-19 18:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 10:12 - 2015-02-19 18:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 10:12 - 2015-02-19 18:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 10:12 - 2015-02-19 18:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 10:12 - 2015-02-19 18:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 10:12 - 2015-02-19 18:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-03-11 10:12 - 2015-02-19 18:29 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-03-11 10:12 - 2015-02-19 18:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 10:12 - 2015-02-19 18:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-03-11 10:12 - 2015-02-19 18:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 10:12 - 2015-02-19 18:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 10:12 - 2015-02-19 18:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 10:12 - 2015-02-19 18:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 10:12 - 2015-02-19 18:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 10:12 - 2015-02-19 17:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 10:12 - 2015-02-19 17:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 10:11 - 2015-02-12 10:40 - 22291584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 10:11 - 2015-02-12 10:34 - 19731824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 10:11 - 2015-01-30 16:20 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 10:11 - 2015-01-29 11:45 - 01763352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 10:11 - 2015-01-29 11:34 - 01488040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 10:11 - 2015-01-28 18:04 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-03-11 10:11 - 2015-01-28 18:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-03-11 10:11 - 2015-01-28 17:59 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-03-11 10:11 - 2015-01-28 17:49 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-03-11 10:11 - 2015-01-28 08:41 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 10:11 - 2015-01-28 08:41 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-03-11 10:11 - 2015-01-28 08:41 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-03-11 10:11 - 2015-01-27 19:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2015-03-11 10:11 - 2015-01-27 18:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2015-03-11 10:11 - 2015-01-27 18:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 10:11 - 2015-01-27 18:11 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-11 10:11 - 2015-01-27 16:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-03-11 10:11 - 2015-01-27 16:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-03-11 10:11 - 2015-01-26 21:22 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 10:11 - 2015-01-26 19:11 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 10:11 - 2014-10-28 20:56 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-03-11 10:11 - 2014-10-28 19:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\printui.exe
2015-03-11 10:11 - 2014-10-28 19:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2015-03-11 10:11 - 2014-10-28 19:34 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-03-11 10:11 - 2014-10-28 19:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\findnetprinters.dll
2015-03-11 10:11 - 2014-10-28 18:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.exe
2015-03-11 10:11 - 2014-10-28 18:52 - 00289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2015-03-11 10:11 - 2014-10-28 18:51 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-03-11 10:11 - 2014-10-28 18:45 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2015-03-11 10:11 - 2014-10-28 18:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findnetprinters.dll
2015-03-11 10:11 - 2014-10-28 18:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-03-11 10:11 - 2014-10-28 18:15 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2015-03-11 10:11 - 2014-10-28 17:55 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2015-03-11 10:11 - 2014-10-28 17:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2015-03-11 10:11 - 2014-10-28 17:41 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2015-03-11 10:11 - 2014-10-28 17:35 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2015-03-11 10:10 - 2015-02-07 16:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-03-11 10:10 - 2015-02-07 16:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-03-11 10:10 - 2015-02-05 18:28 - 02257408 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-03-11 10:10 - 2015-02-05 18:08 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-03-11 10:10 - 2015-02-05 13:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-03-11 10:10 - 2015-02-02 17:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-03-11 10:10 - 2015-02-02 17:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-03-11 10:10 - 2015-01-29 20:01 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-03-11 10:10 - 2015-01-29 19:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-03-11 10:10 - 2015-01-29 19:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-03-11 10:10 - 2015-01-29 19:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-03-11 10:10 - 2015-01-29 18:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-03-11 10:10 - 2015-01-29 18:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-03-11 10:10 - 2015-01-29 18:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-03-11 10:10 - 2015-01-29 18:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-03-11 10:10 - 2015-01-29 18:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-03-11 10:10 - 2015-01-29 18:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-03-11 10:10 - 2015-01-29 18:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-03-11 10:10 - 2015-01-29 18:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-03-11 10:10 - 2015-01-29 18:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-03-11 10:10 - 2015-01-29 18:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-03-11 10:10 - 2015-01-28 18:11 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 10:10 - 2015-01-28 18:00 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 10:10 - 2015-01-28 17:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-03-11 10:10 - 2015-01-28 17:50 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-03-11 10:10 - 2015-01-20 22:54 - 01384712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 10:10 - 2015-01-20 22:15 - 01123848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 10:10 - 2014-12-10 22:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-03-11 10:10 - 2014-10-28 19:34 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2015-03-11 10:10 - 2014-10-28 19:34 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2015-03-11 10:10 - 2014-10-28 18:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\atlthunk.dll
2015-03-11 10:10 - 2014-10-28 18:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll
2015-03-11 10:10 - 2014-10-28 18:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-03-11 10:10 - 2014-10-28 17:59 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll
2015-03-11 10:10 - 2014-10-28 17:55 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-09 11:13 - 2015-03-09 11:13 - 02171392 _____ () C:\Users\Linda\Downloads\adwcleaner_4.112.exe
2015-03-07 11:28 - 2015-03-07 11:28 - 05325696 _____ (Piriform Ltd) C:\Users\Linda\Downloads\ccsetup503.exe
2015-03-05 15:54 - 2015-03-05 15:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-01 18:48 - 2015-03-12 15:22 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-01 18:48 - 2015-03-07 12:55 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-01 18:43 - 2015-03-01 18:43 - 00003176 _____ () C:\Windows\System32\Tasks\{A94C431E-77B1-4B8A-807D-5B77451B19F8}
2015-03-01 18:31 - 2015-03-01 18:31 - 00072959 _____ () C:\468d6e04-9c3a-4082-917d-e101b2501656.dmp
2015-02-28 20:09 - 2015-02-28 20:09 - 18129584 _____ (Adobe Systems Incorporated) C:\Users\Linda\Downloads\install_flash_player.exe
2015-02-28 19:27 - 2015-03-09 11:38 - 00008356 _____ () C:\Windows\PFRO.log
2015-02-28 12:18 - 2015-02-28 12:18 - 00001080 _____ () C:\Users\Linda\Desktop\Eusing Free Registry Cleaner.lnk
2015-02-28 12:18 - 2015-02-28 12:18 - 00000000 ____D () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner
2015-02-28 12:18 - 2015-02-28 12:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner
2015-02-28 12:18 - 2015-02-28 12:18 - 00000000 ____D () C:\Program Files (x86)\Eusing Free Registry Cleaner
2015-02-28 12:17 - 2015-02-28 12:17 - 00983613 _____ () C:\Users\Linda\Downloads\EFRCSetup(2).exe
2015-02-28 11:06 - 2015-02-28 11:06 - 41008512 _____ () C:\Users\Linda\Downloads\Firefox Setup 36.0.exe
2015-02-28 11:02 - 2014-12-13 14:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-28 11:02 - 2014-12-13 14:28 - 00513488 _____ () C:\Windows\system32\locale.nls
2015-02-28 11:02 - 2014-10-28 18:27 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-02-28 11:02 - 2014-10-28 18:27 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2015-02-28 11:02 - 2014-10-28 18:04 - 00868352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-02-28 11:02 - 2014-10-28 18:04 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2015-02-28 10:51 - 2015-02-28 10:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-02-28 10:50 - 2014-12-05 12:28 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-02-28 10:48 - 2015-03-12 15:32 - 00002400 _____ () C:\Windows\setupact.log
2015-02-28 10:48 - 2015-02-28 10:48 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-26 16:38 - 2015-03-12 15:35 - 01992043 _____ () C:\Windows\WindowsUpdate.log
2015-02-26 11:40 - 2015-02-26 11:40 - 00000000 ____D () C:\Users\Linda\AppData\Roaming\LavasoftStatistics
2015-02-26 11:34 - 2015-02-26 13:56 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-02-25 11:26 - 2015-02-25 11:26 - 00000000 ____D () C:\Users\Public\Documents\sun
2015-02-22 16:27 - 2015-02-22 16:31 - 133616624 _____ () C:\Users\Linda\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_en-GB(1).exe
2015-02-11 03:35 - 2015-01-11 19:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 03:35 - 2015-01-11 18:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 03:35 - 2015-01-11 18:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 03:35 - 2015-01-11 18:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 03:35 - 2014-12-08 20:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 03:35 - 2014-12-08 18:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 03:34 - 2015-01-15 15:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 03:34 - 2015-01-15 15:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 03:34 - 2015-01-13 21:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-02-11 03:34 - 2015-01-13 20:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-02-11 03:34 - 2014-12-19 01:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 03:34 - 2014-12-19 01:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 03:34 - 2014-10-28 19:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 03:34 - 2014-10-28 19:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 03:34 - 2014-10-28 19:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 03:34 - 2014-10-28 19:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 03:34 - 2014-10-28 19:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-02-11 03:34 - 2014-10-28 19:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-02-11 03:34 - 2014-10-28 18:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-02-11 03:34 - 2014-10-28 18:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 03:34 - 2014-10-28 18:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-02-11 03:34 - 2014-10-28 18:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-02-11 03:34 - 2014-10-28 18:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-02-11 03:34 - 2014-10-28 18:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-02-11 03:34 - 2014-10-28 18:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-02-11 03:33 - 2015-02-03 16:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 03:33 - 2015-02-03 16:08 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 03:33 - 2015-02-03 16:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 03:33 - 2015-02-02 16:11 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 03:33 - 2015-02-02 16:11 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 03:33 - 2015-02-02 16:11 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 03:33 - 2015-01-19 11:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-12 15:39 - 2014-05-16 22:07 - 05776384 ___SH () C:\Users\Linda\Downloads\Thumbs.db
2015-03-12 15:38 - 2013-09-13 18:58 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-12 15:33 - 2014-05-17 18:42 - 00000000 ___DO () C:\Users\Linda\OneDrive
2015-03-12 15:33 - 2014-05-12 14:02 - 00000930 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-12 15:33 - 2014-05-12 14:02 - 00000926 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-12 15:32 - 2013-08-22 07:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-12 15:32 - 2013-08-22 07:44 - 00362544 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-12 15:30 - 2013-08-22 06:25 - 00262144 _____ () C:\Windows\system32\config\BBI
2015-03-12 15:28 - 2013-08-22 08:36 - 00000000 ___RD () C:\Windows\ToastData
2015-03-12 15:28 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-12 15:28 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-12 15:28 - 2013-08-22 08:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-12 15:28 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\WinStore
2015-03-12 15:28 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-12 15:28 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-12 15:25 - 2014-03-26 01:25 - 16612774 _____ () C:\Users\Public\CAFADEBUG.log
2015-03-12 15:02 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-12 14:42 - 2014-03-26 01:01 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-03-12 11:00 - 2013-08-22 08:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-12 10:56 - 2014-05-12 13:54 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{7F98E464-546B-493E-8A66-68F21CF9D6A0}
2015-03-11 21:25 - 2014-05-12 13:54 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2293777963-1639995663-2975564211-1001
2015-03-11 20:35 - 2014-05-12 14:03 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-11 11:46 - 2014-05-15 02:23 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 11:40 - 2014-05-15 02:23 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-11 09:55 - 2014-05-17 09:37 - 00000000 ____D () C:\Users\Linda\AppData\Local\CrashDumps
2015-03-10 20:31 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-09 13:51 - 2014-03-26 01:19 - 00000000 ____D () C:\Windows\System32\Tasks\TOSHIBA
2015-03-09 13:39 - 2013-09-13 19:18 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA
2015-03-09 13:39 - 2013-09-13 19:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-09 11:47 - 2014-10-27 17:15 - 00000000 ____D () C:\AdwCleaner
2015-03-09 11:38 - 2014-05-12 14:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-09 10:53 - 2014-05-16 13:26 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-03-08 10:34 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-07 12:56 - 2014-07-23 13:31 - 00000000 ____D () C:\Users\Linda\AppData\Local\Adobe
2015-03-07 11:29 - 2014-07-07 19:14 - 00000805 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-03-07 11:29 - 2014-07-07 19:14 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-02 23:54 - 2014-05-12 23:40 - 00000000 ____D () C:\Users\Linda\Desktop\Old Firefox Data
2015-02-28 12:24 - 2014-05-16 13:35 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-28 11:16 - 2014-05-12 14:18 - 00001186 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-28 11:16 - 2014-05-12 14:18 - 00001174 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-28 10:51 - 2014-12-05 12:29 - 00001951 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-02-28 10:51 - 2014-05-12 14:03 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-28 10:49 - 2014-05-12 13:46 - 00000000 ____D () C:\Users\Linda
2015-02-28 10:47 - 2014-12-10 21:00 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-28 10:47 - 2014-07-09 22:08 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-28 10:47 - 2013-08-22 08:36 - 00000000 __RSD () C:\Windows\Media
2015-02-28 10:47 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-28 10:46 - 2014-07-10 13:53 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2015-02-28 10:46 - 2014-07-07 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-02-28 10:46 - 2013-08-22 06:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-02-28 10:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\registration
2015-02-28 10:34 - 2014-10-27 11:00 - 00000000 ____D () C:\Program Files\AMD
2015-02-28 10:34 - 2014-07-10 13:52 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2015-02-19 16:21 - 2013-08-22 06:25 - 00262144 _____ () C:\Windows\system32\config\BBI(134)
2015-02-17 02:45 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\rescache

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-09 12:09

==================== End Of Log ============================

 

 

I hope I've done this correctly, thanks so very much!!


  • 0

Advertisements


#11
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

OK, I hope I've done this right.

 
Pretty good although it looks like you might not have checked the Addition.txt as you haven't posted that one back.
 
Not to worry, we can do without it for now. We will try that again later. :)
 
Now

You have an old version of the Chrome browser on your machine. FRST has not been able to trigger a reset to get rid of the Ask home page for that version.

As you don't appear to use Chrome I think the best way to fix it is to uninstall it.

SOoo... please uninstall:

Google Chrome

If you don't know how to uninstall Chrome please go to the link below.

https://support.goog...wer/95319?hl=en

  • Click on "Windows instructions" and look under "Windows Vista/ Windows 7/ Windows 8"
  • Follow the instructions there.
  • Make sure you select the "Also delete your browsing data" at the uninstall.

After that

Please download Junkware Removal Tool to your desktop (if it goes into your Dowloads folder that is okay - just run the tool from there).

  • Shut down your protection software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right click JRT.exe and "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved and will automatically open.
  • Post the contents of JRT.txt into your next message.

  • 0

#12
star_stitcher5

star_stitcher5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

Hello again! ☺

 

I uninstalled Chrome Browser, hoping I did that correctly,  and ran the JRT:

 

 

Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.3 (03.01.2015:1)
OS: Windows 8.1 x64
Ran by Linda on 2015-03-13 at 10:12:29.11
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\Program Files (x86)\eusing free registry cleaner"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free registry cleaner"
Successfully deleted: [Folder] "C:\Users\Linda\AppData\Roaming\microsoft\windows\start menu\programs\free registry cleaner"



~~~ FireFox

Emptied folder: C:\Users\Linda\AppData\Roaming\mozilla\firefox\profiles\1v38mi9i.default-1425365656615\minidumps [5 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2015-03-13 at 10:20:18.78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Thanks!

 

Linda


  • 0

#13
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

Hello again Linda,

 

Another one to run now. :)

 

Please download : ADWCleaner   (use the Download Now @ BleepingComputer button)..

NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs and click on the AdwCleaner icon. AdwCleaner will update itself and then open.

AdwCleaner.jpg

Click on Scan  and follow the prompts. It may appear not to be doing anything, please be patient and let it run unhindered. When the "Please uncheck elements you don't want to remove" appears just go ahead and click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy and paste back here. If a report doesn't appear, press the report button and Copy & Paste the contents on your next reply.

A copy of the report is also saved in the C:\AdwCleaner folder.


  • 0

#14
star_stitcher5

star_stitcher5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

OK I've run the Adwcleaner scan as instructed, the computer rebooted, but the report didn't come up and I can't find it in the folder, only the Fabar scan.......should I run the Adwcleaner again?


  • 0

#15
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

The AdwCleaner log should be saved in the AdwCleaner folder at C:\AdwCleaner.

There is a guide about how to search for a file or a folder at the link below:

http://windows.micro...h-file-explorer

See if you can find the file in the AdwCleaner folder. Open it and copy and paste the contents back here.

If you can't find it, come back and tell me. :)


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP