Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

My computer is very slow and may be infected. [Closed]


  • This topic is locked This topic is locked

#1
Pasadeana

Pasadeana

    New Member

  • Member
  • Pip
  • 6 posts

My computer is so very slow. It freezes up on me several time and I get message the it's not responding. I eventually get stuck and have to exit my browser. Sometimes I get kicked off. The other day I got kickedoff and had the blue screen with a mini dump.

 

I downloaded Farbar recovery tool and followed the your instructions.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:14-08-2015 01
Ran by Deana (administrator) on DEANA-PC (16-08-2015 09:31:51)
Running from C:\Users\Deana\Downloads
Loaded Profiles: Deana (Available Profiles: Deana & Guest)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Skillbrains) C:\Program Files\Skillbrains\lightshot\5.2.1.1\Lightshot.exe
() C:\Program Files\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
() C:\ProgramData\U3\U3Launcher\LaunchU3.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-24] (Avast Software s.r.o.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1983816 2009-03-23] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-17] (CANON INC.)
HKLM\...\Run: [Lightshot] => C:\Program Files\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM\...\Run: [ProductUpdater] => C:\Program Files\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [62464 2015-06-18] ()
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-2588663952-2493906664-1664854353-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4811032 2014-09-26] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LaunchU3.exe.lnk [2015-05-30]
ShortcutTarget: LaunchU3.exe.lnk -> C:\Windows\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-24] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2588663952-2493906664-1664854353-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-24] (Avast Software s.r.o.)
Tcpip\Parameters: [DhcpNameServer] 206.255.240.130 206.255.240.134
Tcpip\..\Interfaces\{C96C8C47-CDEE-4A74-976F-1BF4F08EA8BE}: [DhcpNameServer] 206.255.240.130 206.255.240.134

FireFox:
========
FF ProfilePath: C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\lea3qgg8.default
FF DefaultSearchEngine.US: Google
FF Homepage: google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-14] ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-03-26] (CANON INC.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF SearchPlugin: C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\lea3qgg8.default\searchplugins\pinterest-search.xml [2015-07-22]
FF Extension: Pin Tool - C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\lea3qgg8.default\Extensions\pintool@gmail.com.xpi [2015-07-23]
FF Extension: Pinterest one click login - C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\lea3qgg8.default\Extensions\pnlogin@trafficterminal.com.xpi [2015-07-23]
FF Extension: QuickJava - C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\lea3qgg8.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2015-07-23]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-24]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-05-24]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-24]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-24] (Avast Software s.r.o.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ac97intc; C:\Windows\System32\drivers\ac97intc.sys [108032 2008-01-19] (Intel Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-24] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-05-24] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-24] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [428120 2015-06-27] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-05-24] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-24] ()
R3 GTICARD; C:\Windows\System32\DRIVERS\gticard.sys [59328 2003-02-06] (Texas Instruments)
R3 tiumfwl; C:\Windows\System32\drivers\tiumfwl.sys [42092 2003-02-18] (Texas Instruments Inc.)
R3 VSTHWICH; C:\Windows\System32\DRIVERS\VSTICH3.SYS [242176 2009-07-13] (Conexant Systems, Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-16 09:30 - 2015-08-16 09:30 - 00001094 _____ C:\Users\Deana\Desktop\FRST - Shortcut.lnk
2015-08-16 09:20 - 2015-08-16 09:28 - 00017533 _____ C:\Users\Deana\Downloads\Addition.txt
2015-08-16 09:19 - 2015-08-16 09:31 - 00007756 _____ C:\Users\Deana\Downloads\FRST.txt
2015-08-16 09:18 - 2015-08-16 09:31 - 00000000 ____D C:\FRST
2015-08-16 09:14 - 2015-08-16 09:14 - 01678336 _____ (Farbar) C:\Users\Deana\Downloads\FRST.exe
2015-08-14 09:21 - 2015-08-16 09:11 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-08 16:07 - 2015-08-08 16:07 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-07-31 03:45 - 2015-07-31 03:45 - 00000000 ____D C:\Users\Deana\AppData\Local\GWX
2015-07-29 10:27 - 2015-07-29 10:27 - 00000000 ___HD C:\ProgramData\CanonIJScan
2015-07-29 10:07 - 2015-07-29 15:18 - 00000000 ____D C:\Users\Deana\AppData\Roaming\Canon
2015-07-28 02:19 - 2015-07-25 12:51 - 00015808 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 02:19 - 2015-07-25 12:47 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 02:19 - 2015-07-25 12:47 - 00587264 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 02:19 - 2015-07-25 12:46 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 02:19 - 2015-07-25 12:46 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 02:19 - 2015-07-25 12:46 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 02:19 - 2015-07-25 12:46 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 02:19 - 2015-07-25 12:40 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-24 18:23 - 2015-08-14 09:20 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-07-21 16:49 - 2015-07-14 21:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 16:49 - 2015-07-14 21:55 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 16:49 - 2015-07-14 21:55 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 16:49 - 2015-07-14 21:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 16:49 - 2015-07-14 20:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-17 04:46 - 2015-07-02 16:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-17 04:46 - 2015-07-02 16:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-17 04:46 - 2015-07-02 15:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-17 04:46 - 2015-07-02 15:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-17 04:46 - 2015-07-02 15:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-17 04:46 - 2015-07-02 14:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-17 04:42 - 2015-06-26 20:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-17 04:42 - 2015-06-26 20:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-17 04:18 - 2015-07-01 15:46 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-17 04:18 - 2015-07-01 15:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-17 04:18 - 2015-07-01 15:30 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-17 04:18 - 2015-07-01 15:30 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-17 04:18 - 2015-07-01 15:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-17 04:18 - 2015-07-01 15:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-17 04:18 - 2015-07-01 15:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-17 04:18 - 2015-07-01 15:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-17 04:18 - 2015-07-01 15:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-17 04:18 - 2015-07-01 15:30 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-17 04:18 - 2015-07-01 15:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-17 04:18 - 2015-07-01 15:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-17 04:18 - 2015-07-01 15:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-17 04:18 - 2015-07-01 15:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-17 04:18 - 2015-07-01 15:30 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-17 04:18 - 2015-07-01 15:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-17 04:18 - 2015-07-01 15:29 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-17 04:18 - 2015-07-01 15:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-17 04:18 - 2015-07-01 15:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-17 04:18 - 2015-07-01 15:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-17 04:18 - 2015-07-01 14:18 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-17 04:18 - 2015-07-01 14:18 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-17 04:18 - 2015-07-01 14:18 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-17 04:17 - 2015-06-25 03:46 - 02383872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-17 04:17 - 2015-06-15 16:47 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-17 04:17 - 2015-06-15 16:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-17 04:17 - 2015-06-15 16:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-17 04:17 - 2015-06-15 16:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-17 04:17 - 2015-06-15 16:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-17 04:17 - 2015-06-15 16:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-17 04:17 - 2015-06-15 16:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-17 04:17 - 2015-06-11 12:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-17 04:17 - 2015-06-11 12:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-17 04:17 - 2015-06-11 12:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-17 04:17 - 2015-06-11 10:20 - 00355840 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-17 04:16 - 2015-07-04 12:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-17 04:12 - 2015-06-09 14:35 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-17 04:12 - 2015-06-09 14:35 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-17 04:08 - 2015-06-01 18:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-17 03:32 - 2015-06-17 12:39 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-17 03:32 - 2015-04-27 14:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-17 03:32 - 2015-04-27 14:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-17 03:32 - 2015-04-27 14:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-17 03:32 - 2015-04-27 14:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-17 03:30 - 2015-07-09 12:43 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-17 03:30 - 2015-07-09 12:43 - 02057216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-17 03:30 - 2015-07-09 12:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-17 03:30 - 2015-07-09 12:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-17 03:30 - 2015-07-09 12:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-17 03:30 - 2015-07-09 12:43 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-17 03:30 - 2015-07-09 12:43 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-17 03:30 - 2015-07-09 12:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-17 03:30 - 2015-07-09 12:42 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-17 03:30 - 2015-07-09 12:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-17 03:30 - 2015-07-09 12:42 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-16 09:31 - 2009-07-13 23:34 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-16 09:31 - 2009-07-13 23:34 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-16 06:32 - 2015-05-22 09:41 - 01415251 ____N C:\Windows\WindowsUpdate.log
2015-08-16 06:03 - 2015-05-23 17:55 - 00000376 _____ C:\Windows\Tasks\update-sys.job
2015-08-16 05:37 - 2015-05-23 17:55 - 00000376 _____ C:\Windows\Tasks\update-S-1-5-21-2588663952-2493906664-1664854353-1001.job
2015-08-16 05:15 - 2010-11-20 16:01 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-14 10:25 - 2009-07-13 23:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-14 09:21 - 2015-05-30 22:51 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-08-14 09:21 - 2015-05-30 22:51 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-08-14 01:28 - 2015-05-25 03:57 - 00000000 ____D C:\Windows\Minidump
2015-07-30 07:18 - 2015-05-30 22:49 - 00000000 ____D C:\Users\Deana\AppData\Local\Adobe
2015-07-28 03:01 - 2015-05-23 13:06 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-26 04:45 - 2015-05-23 18:03 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-07-24 23:42 - 2015-05-23 13:06 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-22 03:43 - 2009-07-13 23:33 - 00484544 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-17 21:31 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\rescache
2015-07-17 19:48 - 2015-05-23 13:06 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-17 12:59 - 2015-05-22 21:17 - 00000000 ____D C:\Windows\system32\MRT
2015-07-17 12:35 - 2015-05-23 17:49 - 00000000 __SHD C:\Users\Deana\AppData\Local\EmieUserList
2015-07-17 12:35 - 2015-05-23 17:49 - 00000000 __SHD C:\Users\Deana\AppData\Local\EmieSiteList
2015-07-17 12:35 - 2015-05-23 17:49 - 00000000 __SHD C:\Users\Deana\AppData\Local\EmieBrowserModeList

==================== Files in the root of some directories =======

2015-05-29 01:46 - 2015-05-29 01:46 - 0003584 _____ () C:\Users\Deana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-30 12:53 - 2015-05-30 12:53 - 0007597 _____ () C:\Users\Deana\AppData\Local\Resmon.ResmonCfg
2015-05-23 17:55 - 2015-05-23 17:55 - 0000003 _____ () C:\Users\Deana\AppData\Local\updater.log
2015-05-23 17:55 - 2015-06-04 09:52 - 0000412 _____ () C:\Users\Deana\AppData\Local\UserProducts.xml

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-12 01:56

==================== End of log ============================

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:14-08-2015 01
Ran by Deana (2015-08-16 09:32:38)
Running from C:\Users\Deana\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2588663952-2493906664-1664854353-500 - Administrator - Disabled)
Deana (S-1-5-21-2588663952-2493906664-1664854353-1001 - Administrator - Enabled) => C:\Users\Deana
Guest (S-1-5-21-2588663952-2493906664-1664854353-501 - Limited - Enabled) => C:\Users\Guest

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)
Canon MP Navigator EX 3.0 (HKLM\...\MP Navigator EX 3.0) (Version:  - )
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version:  - )
Canon MP250 series User Registration (HKLM\...\Canon MP250 series User Registration) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Freemake Video Converter version 4.1.6 (HKLM\...\Freemake Video Converter_is1) (Version: 4.1.6 - Ellora Assets Corporation)
Lightshot-5.2.1.1 (HKLM\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Mozilla Firefox 40.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 40.0.2 (x86 en-US)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
U3Launcher (HKLM\...\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}) (Version: 1.0.0 - U3)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

15-08-2015 08:05:15 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:04 - 2009-06-10 16:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0531E608-BC68-4682-8496-DE87A5DC160F} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {0BB70816-69E7-49D7-B4F3-F137F7FE8084} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-20] (Avast Software s.r.o.)
Task: {1677A40B-C273-488F-9A1C-FF19464DC302} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {1DE52BED-652B-4C7C-867E-D2BCCAAD4702} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {1F28D361-2264-4D4A-9A20-6F78E135A63F} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {2A7BA4C3-C968-4E3F-9895-02F4DF2A2E08} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-14] (Adobe Systems Incorporated)
Task: {38248A48-B092-45A0-8695-ACD67320B442} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {46CF0771-797A-454D-85B9-BCE0E467BD69} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {5B66FE8B-BF65-48F8-AD59-CDA5794E7FA6} - System32\Tasks\update-S-1-5-21-2588663952-2493906664-1664854353-1001 => C:\Program Files\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {DD12D2B0-E265-4C5F-AAE0-992D5AC1FDC3} - System32\Tasks\update-sys => C:\Program Files\Skillbrains\Updater\Updater.exe [2014-03-25] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2588663952-2493906664-1664854353-1001.job => C:\Program Files\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files\Skillbrains\Updater\Updater.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-24 03:57 - 2015-05-24 03:57 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-24 03:57 - 2015-05-24 03:57 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-14 05:30 - 2015-08-14 05:30 - 02962432 _____ () C:\Program Files\AVAST Software\Avast\defs\15081404\algo.dll
2015-08-15 14:03 - 2015-08-15 14:03 - 02962432 _____ () C:\Program Files\AVAST Software\Avast\defs\15081502\algo.dll
2015-05-24 03:57 - 2015-05-24 03:58 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-06-14 13:27 - 2015-06-18 12:22 - 00062464 _____ () C:\Program Files\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2007-10-23 09:45 - 2007-10-23 09:45 - 01336632 _____ () C:\ProgramData\U3\U3Launcher\LaunchU3.exe
2015-08-14 09:21 - 2015-08-14 09:21 - 17482952 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2588663952-2493906664-1664854353-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Deana\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 206.255.240.130 - 206.255.240.134
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7EFD0061-CDF9-4AAA-8C8E-BA8E754023BD}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{AC4CABD3-F936-4B31-8B5F-BBF1CA914A09}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A2209568-5E4C-4B83-BBB2-0D30D6D76966}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/15/2015 09:29:29 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108

Error: (08/15/2015 07:09:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 40.0.2.5702, time stamp: 0x55cc03bd
Faulting module name: mozglue.dll, version: 40.0.2.5702, time stamp: 0x55cbf190
Exception code: 0x80000003
Fault offset: 0x0000e631
Faulting process id: 0x1014
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (08/15/2015 07:09:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 40.0.2.5702 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: e68

Start Time: 01d0d7379af230c0

Termination Time: 20786

Application Path: C:\Program Files\Mozilla Firefox\firefox.exe

Report Id: 136b4df1-4346-11e5-877a-000bdb1e32b3

Error: (08/14/2015 02:47:38 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108

Error: (08/14/2015 10:26:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/14/2015 09:06:26 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CCleaner.exe version 4.18.0.4844 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: a8c

Start Time: 01d0d699fc24cf70

Termination Time: 4055

Application Path: C:\Program Files\CCleaner\CCleaner.exe

Report Id: 9e5ffff1-428d-11e5-9620-000bdb1e32b3

Error: (08/14/2015 07:34:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/14/2015 07:33:28 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.

Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/14/2015 07:33:28 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/14/2015 07:33:28 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (08/15/2015 03:19:36 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (08/14/2015 10:32:19 AM) (Source: GTICARD) (EventID: 5) (User: )
Description: TILogger: Create reports, "Internal driver error oocurred during requested operation."

Error: (08/14/2015 10:32:19 AM) (Source: SCardSvr) (EventID: 602) (User: )
Description: The parameter is incorrect.

Error: (08/14/2015 09:31:10 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on processor 0 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

Error: (08/14/2015 07:37:29 AM) (Source: GTICARD) (EventID: 5) (User: )
Description: TILogger: Create reports, "Internal driver error oocurred during requested operation."

Error: (08/14/2015 07:37:29 AM) (Source: SCardSvr) (EventID: 602) (User: )
Description: The parameter is incorrect.

Error: (08/14/2015 07:33:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (08/14/2015 07:33:29 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (08/14/2015 07:30:31 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on processor 0 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

Error: (08/14/2015 07:30:50 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:29:43 AM on ‎8/‎14/‎2015 was unexpected.


Microsoft Office:
=========================
Error: (08/15/2015 09:29:29 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108

Error: (08/15/2015 07:09:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe40.0.2.570255cc03bdmozglue.dll40.0.2.570255cbf190800000030000e631101401d0d74ffab82f40C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozglue.dll6e54b310-4346-11e5-877a-000bdb1e32b3

Error: (08/15/2015 07:09:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe40.0.2.5702e6801d0d7379af230c020786C:\Program Files\Mozilla Firefox\firefox.exe136b4df1-4346-11e5-877a-000bdb1e32b3

Error: (08/14/2015 02:47:38 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108

Error: (08/14/2015 10:26:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/14/2015 09:06:26 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: CCleaner.exe4.18.0.4844a8c01d0d699fc24cf704055C:\Program Files\CCleaner\CCleaner.exe9e5ffff1-428d-11e5-9620-000bdb1e32b3

Error: (08/14/2015 07:34:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/14/2015 07:33:28 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/14/2015 07:33:28 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application

Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/14/2015 07:33:28 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)


==================== Memory info ===========================

Processor: Intel® Pentium® M processor 1.70GHz
Percentage of memory in use: 69%
Total physical RAM: 1023.3 MB
Available physical RAM: 311.39 MB
Total Virtual: 2069.3 MB
Available Virtual: 962.95 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:27.95 GB) (Free:12.95 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (My Passport) (Fixed) (Total:465.65 GB) (Free:422.24 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 27.9 GB) (Disk ID: 0BB51C74)
Partition 1: (Active) - (Size=27.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 44FDFE06)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=0C)

==================== End of log ============================

 


  • 0

Advertisements


#2
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Greetings,

Welcome to Geeks to Go--the friendliest online community dedicated to the sole goal of helping people from all around the world! :) I am Pyxis and I will be assisting you. As such, I would like to stress the following reminders:
  • It is important that you do not install anything unless asked while the process is ongoing. Doing so may hinder or even complicate the cleaning of your system. You will get the chance to install things as you would like after the process has been completed.
  • Ensure you take extra caution to precisely follow my instructions. Please only use the tools I have asked you to. The instructions for your computer are unique and should therefore only apply to your system.
  • Since the cleaning process is quite delicate, your timely response is crucial. Topics are marked inactive and thus closed within 3 full days of no activity. If you deem I have overlooked your thread--which is in a matter of more than 48 hours--please send me a PM and I will get back to you shortly.
I hope you keep in mind these reminders. Let's get to work! :thumbsup:
  • Step 1

    Download 'AdwCleaner by Xplode' and save it to your desktop.
    • Simply double-click the program icon to run it. It will ask for administrator privileges.
    • Read the Terms of Use and click I Agree.
    • Click Scan and choose Clean after.
    • Wait for it to finish. It won't take long.
    • Click OK for the next prompts. Your system will automatically reboot.
    • A log will automatically pop-up after rebooting. Alternatively, you can find it at C:\AdwCleaner\AdwCleaner[S*].txt.
    • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.
  • Step 2

    Run your copy of FRST by double-clicking it.
    • Put a check on Addition.
    • Press the Scan button after.
    • It will produce FRST.txt and Addition.txt on your desktop once done.
    • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the logs in your next reply.
  • Logs to Post

    In summary of the above, I will need you to post the following log(s):
    • Addition.txt (Farbar Recovery Scan Tool)
    • FRST.txt (Farbar Recovery Scan Tool)
    • AdwCleaner[S*].txt (AdwCleaner)

  • 0

#3
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a new topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP