My laptop only boots before the login screen part. I'm stuck with a black screen and a cursor that I can move around, but nothing really happens. I've tried using the other safe mode options, but the same thing just keeps happening. Help please? I know it's malware-related because I downloaded some files two days ago, and my laptop worked fine before that. Also, is there any way I can fix my laptop without losing my files? Thanks.
Here are the FRST logs:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-11-2015
Ran by SYSTEM on MININT-MBFJPFP (21-11-2015 19:09:31)
Running from h:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11895400 2011-06-24] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe [87336 2010-09-19] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-01] (CyberLink)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [Sweetpacks Communicator] => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768 2012-08-15] (SweetIM Technologies Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2569616 2015-09-30] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM-x32\...\Run: [iTunesHelper] => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [mcpltui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-10] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2015-11-07] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36713096 2015-11-04] (Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-16] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\Sharee Mae F B\...\Run: [Facebook Update] => C:\Users\Sharee Mae F B\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-10-11] (Facebook Inc.)
HKU\Sharee Mae F B\...\Run: [BackgroundContainer] => "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\Sharee Mae F B\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
HKU\Sharee Mae F B\...\CurrentVersion\Windows: [Load] C:\ProgramData\mstbotcfv.exe <===== ATTENTION
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [202600 2012-10-07] (NVIDIA Corporation)
Startup: C:\Users\Sharee Mae F B\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk [2012-06-23]
ShortcutTarget: Intel® Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\Users\Sharee Mae F B\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - .lnk [2014-01-18]
ShortcutTarget: Monitor Ink Alerts - .lnk -> C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Sharee Mae F B\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk [2015-11-19]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk -> C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-14] (Adobe Systems Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015936 2015-09-28] (Adobe Systems, Incorporated)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-04] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-04] (Avast Software)
S3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-05] (Dropbox, Inc.)
S2 HPSLPSVC; C:\Users\Sharee Mae F B\AppData\Local\Temp\7zS5B18\hpslpsvc64.dll [1039360 2012-08-27] (Hewlett-Packard Co.)
S2 IB Updater; C:\Program Files\IB Updater\ExtensionUpdaterService.exe [188760 2012-10-04] ()
S2 IBUpdaterService; C:\Windows\system32\dmwu.exe [1261936 2012-10-02] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-11-30] ()
S2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2013-06-09] ()
S2 vToolbarUpdater18.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [1801240 2014-04-28] (AVG Secure Search)
S2 vToolbarUpdater18.9.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.9.0\ToolbarUpdater.exe [1862032 2015-09-30] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 DefaultTabSearch; C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [X]
S2 DefaultTabUpdate; "C:\Users\Sharee Mae F B\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe" [X]
S2 HomeNetSvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 McAfee SiteAdvisor Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]
S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [X]
S2 McMPFSvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 McNaiAnn; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S3 McODS; "C:\Program Files\McAfee\VirusScan\mcods.exe" [X]
S4 McOobeSv; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 mcpltsvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 McProxy; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [X]
S2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [X]
S2 mfevtp; "C:\windows\system32\mfevtps.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-04] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-04] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-04] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-04] (AVAST Software)
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-07] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-07] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-04] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-04] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-04] (AVAST Software)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-02-22] (Windows ® 2003 DDK 3790 provider)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-16] (Anchorfree Inc.)
S2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-04] (Avast Software)
S1 avgtp; \??\C:\windows\system32\drivers\avgtpx64.sys [X]
S3 cfwids; system32\drivers\cfwids.sys [X]
S3 HipShieldK; system32\drivers\HipShieldK.sys [X]
S3 mfeapfk; system32\drivers\mfeapfk.sys [X]
S3 mfeavfk; system32\drivers\mfeavfk.sys [X]
S3 mfefirek; system32\drivers\mfefirek.sys [X]
S0 mfehidk; system32\drivers\mfehidk.sys [X]
S3 mfencbdc; system32\DRIVERS\mfencbdc.sys [X]
S3 mfencrk; system32\DRIVERS\mfencrk.sys [X]
S0 mfewfpk; system32\drivers\mfewfpk.sys [X]
S2 SPDRIVER_1.35.1.155; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-21 18:50 - 2015-11-21 18:53 - 00000000 ____D C:\FRST
2015-11-21 16:46 - 2011-10-19 12:55 - 00267776 _____ (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2015-11-21 16:46 - 2011-10-19 12:55 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2015-11-21 16:46 - 2011-10-19 12:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2015-11-21 16:46 - 2011-10-19 12:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2015-11-21 16:46 - 2011-10-19 12:55 - 00160256 _____ (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2015-11-21 16:46 - 2011-10-19 12:55 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2015-11-21 16:46 - 2011-10-19 12:55 - 00114176 _____ (Microsoft Corporation) C:\Windows\System32\admparse.dll
2015-11-21 16:46 - 2011-10-19 12:55 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2015-11-21 16:46 - 2011-10-19 12:55 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2015-11-21 16:46 - 2011-10-18 21:27 - 00174640 _____ (Symantec Corporation) C:\Windows\System32\Drivers\SYMEVENT64x86.SYS
2015-11-21 16:46 - 2011-10-18 21:27 - 00007440 _____ C:\Windows\System32\Drivers\SYMEVENT64x86.CAT
2015-11-21 16:46 - 2011-03-05 13:45 - 00795752 _____ (NVIDIA Corporation) C:\Windows\System32\easyUpdatusAPIU64.dll
2015-11-21 16:46 - 2010-11-20 19:24 - 00412160 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2015-11-21 16:46 - 2009-06-10 12:45 - 00000003 _____ C:\Windows\System32\Drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
2015-11-19 09:19 - 2015-11-19 09:19 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-11-19 09:17 - 2015-11-19 09:17 - 00001213 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-11-19 09:17 - 2015-11-19 09:17 - 00001213 _____ C:\ProgramData\Desktop\Adobe Creative Cloud.lnk
2015-11-19 09:14 - 2015-11-19 09:14 - 00000000 ____D C:\Users\Sharee Mae F B\Desktop\New folder (2)
2015-11-19 07:26 - 2015-11-19 08:10 - 00003424 _____ C:\Windows\System32\Tasks\BackgroundContainer Startup Task
2015-11-19 07:14 - 2015-11-19 07:16 - 00000000 ____D C:\Users\Sharee Mae F B\Desktop\Adobe
2015-11-16 10:31 - 2015-11-16 10:31 - 00000000 __SHD C:\found.034
2015-11-12 06:43 - 2015-11-03 09:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2015-11-11 12:45 - 2015-11-11 12:45 - 00184305 _____ C:\Users\Sharee Mae F B\Documents\Solid Waste Management.pptx
2015-11-11 06:49 - 2015-11-03 13:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 06:49 - 2015-10-30 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2015-11-11 06:49 - 2015-10-30 15:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2015-11-11 06:49 - 2015-10-30 15:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2015-11-11 06:49 - 2015-10-30 15:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2015-11-11 06:49 - 2015-10-30 14:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 06:49 - 2015-10-30 14:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 06:49 - 2015-10-30 14:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2015-11-11 06:49 - 2015-10-30 14:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 06:49 - 2015-10-30 14:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 06:49 - 2015-10-30 13:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 06:49 - 2015-10-20 10:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2015-11-11 06:49 - 2015-10-20 10:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2015-11-11 06:49 - 2015-10-20 10:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2015-11-11 06:49 - 2015-10-20 10:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2015-11-11 06:49 - 2015-10-20 10:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2015-11-11 06:49 - 2015-10-20 10:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2015-11-11 06:49 - 2015-10-20 10:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2015-11-11 06:49 - 2015-10-20 10:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2015-11-11 06:49 - 2015-10-20 10:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\System32\WinSetupUI.dll
2015-11-11 06:49 - 2015-10-20 10:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2015-11-11 06:49 - 2015-10-20 10:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\System32\wu.upgrade.ps.dll
2015-11-11 06:49 - 2015-10-20 09:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 06:49 - 2015-10-20 09:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 06:49 - 2015-10-20 09:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 06:49 - 2015-10-20 09:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-11 06:49 - 2015-10-20 09:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 06:48 - 2015-11-03 14:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2015-11-11 06:48 - 2015-10-30 15:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2015-11-11 06:48 - 2015-10-30 15:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2015-11-11 06:48 - 2015-10-30 15:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2015-11-11 06:48 - 2015-10-30 15:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2015-11-11 06:48 - 2015-10-30 15:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2015-11-11 06:48 - 2015-10-30 15:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2015-11-11 06:48 - 2015-10-30 15:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2015-11-11 06:48 - 2015-10-30 15:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2015-11-11 06:48 - 2015-10-30 15:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2015-11-11 06:48 - 2015-10-30 15:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2015-11-11 06:48 - 2015-10-30 15:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2015-11-11 06:48 - 2015-10-30 15:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2015-11-11 06:48 - 2015-10-30 15:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2015-11-11 06:48 - 2015-10-30 15:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2015-11-11 06:48 - 2015-10-30 15:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2015-11-11 06:48 - 2015-10-30 14:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 06:48 - 2015-10-30 14:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-11-11 06:48 - 2015-10-30 14:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 06:48 - 2015-10-30 14:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2015-11-11 06:48 - 2015-10-30 14:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2015-11-11 06:48 - 2015-10-30 14:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 06:48 - 2015-10-30 14:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2015-11-11 06:48 - 2015-10-30 14:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 06:48 - 2015-10-30 14:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 06:48 - 2015-10-30 14:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2015-11-11 06:48 - 2015-10-30 14:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 06:48 - 2015-10-30 14:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 06:48 - 2015-10-30 14:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 06:48 - 2015-10-30 14:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 06:48 - 2015-10-30 14:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 06:48 - 2015-10-30 14:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 06:48 - 2015-10-30 14:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 06:48 - 2015-10-30 14:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2015-11-11 06:48 - 2015-10-30 14:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2015-11-11 06:48 - 2015-10-30 14:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2015-11-11 06:48 - 2015-10-30 14:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2015-11-11 06:48 - 2015-10-30 14:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 06:48 - 2015-10-30 14:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 06:48 - 2015-10-30 14:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2015-11-11 06:48 - 2015-10-30 14:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 06:48 - 2015-10-30 14:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 06:48 - 2015-10-30 14:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2015-11-11 06:48 - 2015-10-30 14:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 06:48 - 2015-10-30 14:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 06:48 - 2015-10-30 14:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 06:48 - 2015-10-30 14:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 06:48 - 2015-10-30 14:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 06:48 - 2015-10-30 14:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 06:48 - 2015-10-30 14:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2015-11-11 06:48 - 2015-10-30 13:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2015-11-11 06:48 - 2015-10-30 13:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 06:48 - 2015-10-30 13:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 06:47 - 2015-10-29 09:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\System32\apphelp.dll
2015-11-11 06:47 - 2015-10-29 09:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\System32\aelupsvc.dll
2015-11-11 06:47 - 2015-10-29 09:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\System32\sdbinst.exe
2015-11-11 06:47 - 2015-10-29 09:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\shimeng.dll
2015-11-11 06:47 - 2015-10-29 09:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-11 06:47 - 2015-10-29 09:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-11 06:47 - 2015-10-29 09:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-11 06:47 - 2015-10-13 08:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2015-11-11 06:47 - 2015-10-13 08:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tdx.sys
2015-11-11 06:47 - 2015-10-12 20:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2015-11-11 06:47 - 2015-10-01 10:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\System32\InkEd.dll
2015-11-11 06:47 - 2015-10-01 10:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\System32\jnwmon.dll
2015-11-11 06:47 - 2015-10-01 09:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-11 05:59 - 2015-11-11 05:59 - 00000000 __SHD C:\found.033
2015-11-10 06:09 - 2015-11-10 06:09 - 00000000 _____ C:\Users\Sharee Mae F B\AppData\Local\{8DE8764D-2E21-44BC-86E0-13065BFED885}
2015-11-05 02:23 - 2015-11-05 02:23 - 00000000 _____ C:\Users\Sharee Mae F B\AppData\Local\{DCEEEB52-722F-4B88-81DE-B8ACEF9ACE80}
2015-10-27 07:48 - 2015-10-27 07:48 - 00000000 ____D C:\Users\Sharee Mae F B\AppData\Local\FocalFilter
2015-10-27 07:46 - 2015-10-27 07:47 - 00000000 ____D C:\Users\Sharee Mae F B\AppData\Roaming\FocalFilter
2015-10-27 07:41 - 2015-10-27 07:41 - 00001909 _____ C:\Users\Public\Desktop\FocalFilter.lnk
2015-10-27 07:41 - 2015-10-27 07:41 - 00001909 _____ C:\ProgramData\Desktop\FocalFilter.lnk
2015-10-27 07:41 - 2015-10-27 07:41 - 00000000 ____D C:\Program Files (x86)\FocalFilter
2015-10-27 07:40 - 2015-10-27 07:40 - 00000000 ____D C:\Users\Sharee Mae F B\AppData\Local\Downloaded Installations
2015-10-25 11:18 - 2015-10-25 11:18 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-10-25 10:10 - 2015-10-25 10:10 - 00000000 ____D C:\Users\Sharee Mae F B\AppData\Local\CEF
2015-10-25 10:03 - 2015-10-25 10:03 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-25 10:02 - 2015-10-25 10:02 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-10-25 10:02 - 2015-10-25 10:02 - 00002047 _____ C:\ProgramData\Desktop\Acrobat Reader DC.lnk
2015-10-24 11:18 - 2015-10-25 11:18 - 00001934 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-10-24 11:18 - 2015-10-25 11:18 - 00001934 _____ C:\ProgramData\Desktop\McAfee Security Scan Plus.lnk
2015-10-24 11:18 - 2015-10-24 11:18 - 00000000 ____D C:\ProgramData\McAfee Security Scan
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-21 16:48 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\com
2015-11-21 16:47 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\oobe
2015-11-21 16:47 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\com
2015-11-21 16:47 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\IME
2015-11-19 09:23 - 2011-10-19 13:02 - 02021267 _____ C:\Windows\WindowsUpdate.log
2015-11-19 09:16 - 2014-11-13 09:24 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-19 08:56 - 2015-09-05 09:51 - 00000924 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-11-19 08:45 - 2012-06-23 11:39 - 00000000 ____D C:\Users\Sharee Mae F B\AppData\Local\Google
2015-11-19 08:44 - 2012-06-23 11:34 - 00000000 ____D C:\Users\Sharee Mae F B\AppData\Roaming\Adobe
2015-11-19 08:42 - 2012-08-02 06:26 - 00000000 ____D C:\Users\Sharee Mae F B\AppData\Local\Adobe
2015-11-19 08:38 - 2011-10-18 21:17 - 00000000 ____D C:\ProgramData\Temp
2015-11-19 08:27 - 2015-10-07 04:22 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-19 08:21 - 2009-07-13 20:45 - 00006192 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-19 08:21 - 2009-07-13 20:45 - 00006192 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-19 08:14 - 2015-09-05 09:57 - 00000000 ___RD C:\Users\Sharee Mae F B\Dropbox
2015-11-19 08:14 - 2015-03-14 08:46 - 00000000 ____D C:\Users\Sharee Mae F B\AppData\Roaming\Dropbox
2015-11-19 08:07 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-19 08:07 - 2009-07-13 20:51 - 00337704 _____ C:\Windows\setupact.log
2015-11-19 07:19 - 2009-07-13 21:13 - 00826460 _____ C:\Windows\System32\PerfStringBackup.INI
2015-11-19 07:14 - 2015-03-14 08:33 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-11-18 12:43 - 2012-10-11 06:38 - 00000964 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3927208205-3014712141-1529014274-1001UA.job
2015-11-17 12:39 - 2012-10-15 10:16 - 00000000 ____D C:\Users\Sharee Mae F B\AppData\Local\Microsoft Help
2015-11-17 09:48 - 2012-10-15 10:16 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-17 09:47 - 2012-06-27 10:29 - 00819074 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-16 09:32 - 2013-08-02 03:32 - 00000000 ____D C:\Windows\System32\MRT
2015-11-16 09:15 - 2012-07-09 10:16 - 145617392 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2015-11-16 07:59 - 2009-07-13 20:45 - 02419568 _____ C:\Windows\System32\FNTCACHE.DAT
2015-11-16 07:04 - 2010-11-20 19:47 - 01018926 _____ C:\Windows\PFRO.log
2015-11-15 11:15 - 2011-10-19 12:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-12 07:05 - 2015-09-05 09:50 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-11-12 06:02 - 2012-08-14 03:41 - 00000000 ____D C:\Users\Sharee Mae F B\AppData\Roaming\vlc
2015-11-12 05:34 - 2009-07-13 21:08 - 00032596 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-11-08 10:54 - 2015-10-19 06:39 - 00000000 ____D C:\Users\Sharee Mae F B\Documents\School Stuff
2015-11-07 07:26 - 2015-03-14 08:32 - 01059656 _____ (AVAST Software) C:\Windows\System32\Drivers\aswsnx.sys
2015-11-07 07:26 - 2015-03-14 08:32 - 00449992 _____ (AVAST Software) C:\Windows\System32\Drivers\aswsp.sys
2015-11-05 19:17 - 2012-06-23 11:31 - 00132352 _____ C:\Users\Sharee Mae F B\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-04 08:25 - 2013-10-11 08:40 - 00014848 _____ C:\Users\Sharee Mae F B\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-31 11:28 - 2012-07-15 11:28 - 00000000 ____D C:\Users\Sharee Mae F B\AppData\Roaming\Azureus
2015-10-31 06:34 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2015-10-27 07:41 - 2012-06-24 11:07 - 00000000 ____D C:\users\Sharee Mae F B
2015-10-25 10:08 - 2015-05-25 10:04 - 00000000 ____D C:\Users\Sharee Mae F B\Documents\lol
2015-10-25 10:02 - 2014-10-15 06:25 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-10-24 11:22 - 2012-07-12 07:18 - 00000000 ____D C:\Users\Sharee Mae F B\AppData\Local\CrashDumps
Files to move or delete:
====================
C:\ProgramData\mstbotcfv.exe
Some files in TEMP:
====================
C:\Users\Sharee Mae F B\AppData\Local\Temp\avguidx.dll
C:\Users\Sharee Mae F B\AppData\Local\Temp\BackupSetup.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\bitool.dll
C:\Users\Sharee Mae F B\AppData\Local\Temp\cdo2153927807.dll
C:\Users\Sharee Mae F B\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpupvujx.dll
C:\Users\Sharee Mae F B\AppData\Local\Temp\i4jdel0.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\i4jdel1.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\ICReinstall_sam-and-cat-s01e12-motorcycle-mystery-web-dl-aac-x264-nogrp_BitLord.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\iGearedHelper.dll
C:\Users\Sharee Mae F B\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\Setup.X86.en-us_O365HomePremRetail_39e101af-9268-4583-8e9c-1a2fd9df438a_TX_DB_ (1).exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\Setup.X86.en-US_O365HomePremRetail_39e101af-9268-4583-8e9c-1a2fd9df438a_TX_DB_ (2).exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\Setup.X86.en-US_O365HomePremRetail_39e101af-9268-4583-8e9c-1a2fd9df438a_TX_DB_ (3).exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\Setup.X86.en-us_O365HomePremRetail_39e101af-9268-4583-8e9c-1a2fd9df438a_TX_DB_ (4).exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\SetupProPlusRetail.x86.en-us.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\simbo.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\Tsu029EDF03.dll
C:\Users\Sharee Mae F B\AppData\Local\Temp\tu17p84.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Sharee Mae F B\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\vlc-2.1.1-win32.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\wget.exe
==================== Known DLLs (Whitelisted) =========================
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE Association (Whitelisted) =============
==================== Restore Points =========================
==================== Memory info ===========================
Percentage of memory in use: 12%
Total physical RAM: 6057.55 MB
Available physical RAM: 5277.63 MB
Total Virtual: 6055.75 MB
Available Virtual: 5280.45 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:146 GB) (Free:5.61 GB) NTFS
Drive d: () (Fixed) (Total:297.43 GB) (Free:34.97 GB) NTFS
Drive f: (SAMSUNG_REC) (Fixed) (Total:22.23 GB) (Free:0.99 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive h: () (Removable) (Total:7.46 GB) (Free:2.01 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: D37C3F46)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=297.4 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=22.2 GB) - (Type=27)
========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 00000000)
Partition: GPT.
LastRegBack: 2014-05-28 06:28
==================== End of FRST.txt ============================