Mouse keeps jumping



#1 ep2002


Posted 18 June 2015 - 05:40 AM

Hi,

 

My mouse keeps double & triple clicking without me doing anything. I can't work as windows keep popping up all over the place or I have to click on a window several times to get it to pull up.

 

I've had other issues with the computer like my cam is flashing colors, webcams are lagging, it takes forever for right click to bring up the menu for a file, my VLC has had Runtime errors for weeks & they claim there's nothing wrong on their end & uninstalling & reinstalling won't fix the problem, etc.

 

Thank you for all your help.

 

Here is the FRST file

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Michelle-Laptop (administrator) on MICHELLE on 18-06-2015 03:00:08
Running from C:\Users\Michelle-Laptop\Downloads
Loaded Profiles: Michelle-Laptop &  (Available Profiles: Michelle-Laptop)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\Wipe\Wipe.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Michelle-Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files\pia_manager\pia_manager.exe
(http://www.ruby-lang.org/) C:\Users\Michelle-Laptop\AppData\Local\Temp\ocr3F6E.tmp\bin\rubyw.exe
() C:\Program Files\pia_manager\pia_manager.exe
(http://www.ruby-lang.org/) C:\Users\Michelle-Laptop\AppData\Local\Temp\ocr5017.tmp\bin\rubyw.exe
() C:\Program Files\pia_manager\pia_tray\pia_tray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(BitTorrent Inc.) C:\Users\Michelle-Laptop\AppData\Roaming\uTorrent\uTorrent.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_160.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_160.exe
() C:\Program Files\pia_manager\openvpn.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-10] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-10] (Qualcomm Atheros Commnucations)
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-09-11] (ASUS)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [11805040 2015-06-01] (Zemana Ltd.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-04-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-30] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKU\S-1-5-21-3735581786-730263480-2425188098-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31282816 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3735581786-730263480-2425188098-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-3735581786-730263480-2425188098-1001\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-3735581786-730263480-2425188098-1001\...\Run: [Wipe Maintance] => C:\Program Files\Wipe\net1.exe [546456 2015-06-03] (www.privacyroot.com)
HKU\S-1-5-21-3735581786-730263480-2425188098-1001\...\Run: [Dropbox Update] => C:\Users\Michelle-Laptop\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-3735581786-730263480-2425188098-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\WLXPGSS.SCR [322048 2012-09-12] (Microsoft Corporation)
HKU\S-1-5-21-3735581786-730263480-2425188098-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31282816 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3735581786-730263480-2425188098-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-3735581786-730263480-2425188098-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-3735581786-730263480-2425188098-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Wipe Maintance] => C:\Program Files\Wipe\net1.exe [546456 2015-06-03] (www.privacyroot.com)
HKU\S-1-5-21-3735581786-730263480-2425188098-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\Michelle-Laptop\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-3735581786-730263480-2425188098-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\WLXPGSS.SCR [322048 2012-09-12] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2015-02-06]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2015-02-06]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()
Startup: C:\Users\Michelle-Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-02-08]
ShortcutTarget: Dropbox.lnk -> C:\Users\Michelle-Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Michelle-Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wipe Tray Agent.lnk [2015-06-03]
ShortcutTarget: Wipe Tray Agent.lnk -> C:\Program Files\Wipe\Wipe.exe ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michelle-Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michelle-Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michelle-Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michelle-Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michelle-Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michelle-Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michelle-Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michelle-Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-22] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3735581786-730263480-2425188098-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKU\S-1-5-21-3735581786-730263480-2425188098-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
HKU\S-1-5-21-3735581786-730263480-2425188098-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKU\S-1-5-21-3735581786-730263480-2425188098-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10] (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-22] (Avast Software s.r.o.)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-02-06] (LastPass)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-17] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-22] (Avast Software s.r.o.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-02-06] (LastPass)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-17] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-02-06] (LastPass)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-02-06] (LastPass)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.12 68.105.29.12 68.105.28.11

FireFox:
========
FF ProfilePath: C:\Users\Michelle-Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\tcnyy8zv.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Homepage: www.eztv.ch|https://thepiratebay.se/tv/latest/|https://kickass.to|www.yify-torrents.com|hxxp://extratorrent.cc/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_160.dll [2015-06-13] ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-02-06] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_160.dll [2015-06-13] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-17] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-02-06] (LastPass)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0-20150224-1928 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-29] (Adobe Systems Inc.)
FF Extension: LastPass - C:\Users\Michelle-Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\tcnyy8zv.default\Extensions\support@lastpass.com [2015-02-06]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-06]

Chrome:
=======
CHR Profile: C:\Users\Michelle-Laptop\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Michelle-Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-06]
CHR Extension: (Awesome Screenshot: Screen capture, Annotate) - C:\Users\Michelle-Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2015-02-17]
CHR Extension: (Google Docs) - C:\Users\Michelle-Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-06]
CHR Extension: (Google Drive) - C:\Users\Michelle-Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-06]
CHR Extension: (YouTube) - C:\Users\Michelle-Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-06]
CHR Extension: (Google Search) - C:\Users\Michelle-Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-06]
CHR Extension: (Google Sheets) - C:\Users\Michelle-Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-06]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Michelle-Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-02-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Michelle-Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\Michelle-Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-06]
CHR Extension: (Gmail) - C:\Users\Michelle-Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-06]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-03-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-21]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - http://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (LastPass) - C:\Users\Michelle-Laptop\AppData\Roaming\Opera Software\Opera Stable\Extensions\hnjalnkldgigidggphhmacmimbdlafdo [2015-06-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-22] (Avast Software s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [11805040 2015-06-01] (Zemana Ltd.)
S4 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-22] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-22] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-22] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-22] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-22] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-22] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [104184 2012-12-20] (Advanced Micro Devices)
S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
S3 scvad_simple; C:\Windows\system32\drivers\SplitCamAudio.sys [23552 2014-06-29] (Windows ® Win 7 DDK provider)
S3 splitcam_hd_driver; C:\Windows\system32\DRIVERS\splitcam_hd_driver.sys [37496 2014-06-29] (Windows ® Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [107872 2015-06-07] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [107872 2015-06-07] (Zemana Ltd.)
S3 ManyCam; \SystemRoot\system32\DRIVERS\mcvidrv.sys [X]
S3 mcaudrv_simple; \SystemRoot\system32\drivers\mcaudrv_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-18 03:00 - 2015-06-18 03:01 - 00028413 _____ C:\Users\Michelle-Laptop\Downloads\FRST.txt
2015-06-18 01:44 - 2015-06-18 03:00 - 00000000 ____D C:\FRST
2015-06-18 01:42 - 2015-06-18 01:43 - 02109952 _____ (Farbar) C:\Users\Michelle-Laptop\Downloads\FRST64.exe
2015-06-17 02:14 - 2015-06-17 22:27 - 00068710 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-16 22:25 - 2015-06-16 22:25 - 00000000 ____D C:\Users\Michelle-Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-16 22:24 - 2015-06-18 02:29 - 00000976 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3735581786-730263480-2425188098-1001UA.job
2015-06-16 22:24 - 2015-06-17 22:29 - 00000924 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3735581786-730263480-2425188098-1001Core.job
2015-06-16 22:24 - 2015-06-16 22:24 - 00003942 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3735581786-730263480-2425188098-1001UA
2015-06-16 22:24 - 2015-06-16 22:24 - 00003562 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3735581786-730263480-2425188098-1001Core
2015-06-16 22:24 - 2015-06-16 22:24 - 00000000 ____D C:\Users\Michelle-Laptop\AppData\Local\Dropbox
2015-06-16 22:24 - 2015-06-16 22:24 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-14 05:36 - 2015-06-14 05:36 - 28849904 _____ C:\Users\Michelle-Laptop\Downloads\vlc-2.2.1-win32(1).exe
2015-06-12 21:32 - 2015-06-18 02:19 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-12 21:32 - 2015-06-13 18:14 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-12 21:32 - 2015-06-13 17:41 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-06-12 21:32 - 2015-06-12 21:32 - 00003876 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-06-09 11:27 - 2015-05-27 07:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-09 11:27 - 2015-05-27 07:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-09 11:27 - 2015-05-25 06:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-09 11:27 - 2015-05-25 06:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-09 11:27 - 2015-05-22 19:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-09 11:27 - 2015-05-22 11:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-09 11:27 - 2015-05-22 10:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-09 11:27 - 2015-05-22 06:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-09 11:27 - 2015-05-21 06:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-09 11:27 - 2015-05-21 06:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-09 11:27 - 2015-05-21 06:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-09 11:27 - 2015-05-21 06:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-09 11:27 - 2015-05-21 06:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-09 11:27 - 2015-05-21 06:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-09 11:27 - 2015-04-24 19:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-09 11:27 - 2015-04-24 19:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-09 11:27 - 2015-04-16 15:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-09 11:27 - 2015-04-15 23:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-09 11:27 - 2015-04-13 15:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-09 11:27 - 2015-04-13 15:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-09 11:27 - 2015-04-09 17:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-09 11:27 - 2015-04-09 17:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-09 11:27 - 2015-04-08 15:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-09 11:27 - 2015-04-08 15:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-09 11:27 - 2015-04-01 15:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-09 11:27 - 2015-04-01 15:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-09 11:27 - 2015-03-31 21:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-09 11:27 - 2015-03-31 21:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-09 11:27 - 2015-03-31 21:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-09 11:27 - 2015-03-31 21:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-09 11:27 - 2015-03-31 20:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-09 11:27 - 2015-03-31 20:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-09 11:27 - 2015-03-31 20:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-09 11:27 - 2015-03-31 19:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-09 11:27 - 2015-03-31 19:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-09 11:27 - 2015-03-31 19:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-09 11:27 - 2015-03-31 19:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-09 11:27 - 2015-03-31 19:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-09 11:27 - 2015-03-31 19:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-09 11:27 - 2015-03-19 20:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-09 11:27 - 2015-03-19 20:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-09 11:27 - 2015-03-19 19:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-09 11:27 - 2015-03-19 19:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-09 11:27 - 2015-03-01 18:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-09 11:27 - 2015-03-01 18:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-09 11:26 - 2015-05-22 20:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-09 11:26 - 2015-05-22 20:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-09 11:26 - 2015-05-22 20:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-09 11:26 - 2015-05-22 20:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-09 11:26 - 2015-05-22 20:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-09 11:26 - 2015-05-22 19:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-09 11:26 - 2015-05-22 19:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-09 11:26 - 2015-05-22 19:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-09 11:26 - 2015-05-22 19:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-09 11:26 - 2015-05-22 19:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-09 11:26 - 2015-05-22 19:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-09 11:26 - 2015-05-22 19:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-09 11:26 - 2015-05-22 19:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-09 11:26 - 2015-05-22 19:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-09 11:26 - 2015-05-22 19:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-09 11:26 - 2015-05-22 19:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-09 11:26 - 2015-05-22 19:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-09 11:26 - 2015-05-22 12:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-09 11:26 - 2015-05-22 12:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-09 11:26 - 2015-05-22 12:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-09 11:26 - 2015-05-22 11:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-09 11:26 - 2015-05-22 11:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-09 11:26 - 2015-05-22 11:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-09 11:26 - 2015-05-22 11:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-09 11:26 - 2015-05-22 11:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-09 11:26 - 2015-05-22 11:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-09 11:26 - 2015-05-22 11:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-09 11:26 - 2015-05-22 11:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-09 11:26 - 2015-05-22 11:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-09 11:26 - 2015-05-22 11:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-09 11:26 - 2015-05-22 11:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-09 11:26 - 2015-05-22 10:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-09 11:26 - 2015-05-22 10:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-09 11:26 - 2015-05-22 10:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-09 11:26 - 2015-05-22 10:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-09 11:26 - 2015-05-21 09:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-08 02:46 - 2015-06-15 20:51 - 00000000 ____D C:\AdwCleaner
2015-06-08 02:44 - 2015-06-08 02:45 - 02231296 _____ C:\Users\Michelle-Laptop\Downloads\adwcleaner_4.206.exe
2015-06-08 01:02 - 2015-06-08 01:02 - 00001223 _____ C:\Users\Michelle-Laptop\Desktop\JRT.txt
2015-06-08 00:56 - 2015-06-08 00:56 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-MICHELLE-Windows-8.1-(64-bit).dat
2015-06-08 00:56 - 2015-06-08 00:56 - 00000000 ____D C:\RegBackup
2015-06-07 23:08 - 2015-06-07 23:08 - 02943232 _____ (Thisisu) C:\Users\Michelle-Laptop\Downloads\JRT.exe
2015-06-07 19:50 - 2015-06-07 19:50 - 00107872 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2015-06-07 19:50 - 2015-06-07 19:50 - 00001162 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2015-06-07 19:50 - 2015-06-07 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2015-06-07 19:50 - 2015-06-07 19:50 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2015-06-07 19:49 - 2015-06-07 19:49 - 00107872 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2015-06-07 19:49 - 2015-06-07 19:49 - 00000000 ____D C:\Users\Michelle-Laptop\AppData\Local\Zemana
2015-06-03 19:43 - 2015-06-15 22:27 - 00000000 ____D C:\Program Files (x86)\System Ninja
2015-06-03 19:43 - 2015-06-03 19:43 - 00001069 _____ C:\Users\Public\Desktop\System Ninja.lnk
2015-06-03 19:43 - 2015-06-03 19:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Ninja
2015-06-03 19:39 - 2015-06-03 19:39 - 02507200 _____ (SingularLabs ) C:\Users\Michelle-Laptop\Downloads\ninja-setup-3.0.6.exe
2015-06-03 19:37 - 2015-06-18 02:54 - 00000000 ____D C:\Users\Michelle-Laptop\AppData\Roaming\Wipe
2015-06-03 19:37 - 2015-06-04 00:02 - 00001789 _____ C:\Users\Michelle-Laptop\Desktop\Wipe.lnk
2015-06-03 19:37 - 2015-06-03 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wipe
2015-06-03 19:37 - 2015-06-03 19:37 - 00000000 ____D C:\Program Files\Wipe
2015-06-03 19:28 - 2015-06-03 19:28 - 00546456 _____ (www.privacyroot.com) C:\Users\Michelle-Laptop\Downloads\setup_wipe.exe
2015-06-02 18:06 - 2015-06-03 15:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-02 03:49 - 2015-06-02 03:49 - 00000000 ____D C:\Users\Michelle-Laptop\AppData\Local\GWX
2015-05-20 23:36 - 2015-05-20 23:37 - 00000042 _____ C:\Users\Michelle-Laptop\jaco-watermark-save.txt
2015-05-20 23:34 - 2015-05-20 23:34 - 00000042 _____ C:\Users\Michelle-Laptop\jaco-watermark-open.txt
2015-05-20 23:27 - 2015-05-20 23:34 - 00000646 _____ C:\Users\Michelle-Laptop\jaco-watermark-component-state.xml

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-18 03:00 - 2015-02-08 05:51 - 00000000 ____D C:\Users\Michelle-Laptop\AppData\Roaming\uTorrent
2015-06-18 03:00 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-18 02:58 - 2015-02-07 04:17 - 00000000 ____D C:\Users\Michelle-Laptop\AppData\Roaming\vlc
2015-06-18 02:55 - 2015-02-08 05:45 - 00000000 ____D C:\Watch (File)
2015-06-18 02:54 - 2015-02-06 20:20 - 00000000 ____D C:\Users\Michelle-Laptop\AppData\Roaming\Skype
2015-06-18 02:22 - 2015-02-06 20:11 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-18 02:14 - 2015-02-21 01:08 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-06-18 01:14 - 2014-11-21 01:44 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-18 00:56 - 2015-02-06 20:16 - 00000000 ____D C:\Users\Michelle-Laptop\AppData\Roaming\ClassicShell
2015-06-18 00:00 - 2015-02-06 21:44 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-06-16 22:31 - 2015-02-06 20:05 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3735581786-730263480-2425188098-1001
2015-06-16 22:26 - 2015-02-08 05:42 - 00000000 ___RD C:\Users\Michelle-Laptop\Dropbox
2015-06-16 22:26 - 2015-02-08 05:38 - 00000000 ____D C:\Users\Michelle-Laptop\AppData\Roaming\Dropbox
2015-06-16 22:22 - 2015-02-06 20:00 - 00000401 _____ C:\Users\Michelle-Laptop\AppData\Roaming\sp_data.sys
2015-06-16 22:18 - 2013-08-22 07:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-15 19:37 - 2015-03-18 01:21 - 00000000 ____D C:\ProgramData\ManyCam
2015-06-15 05:36 - 2015-03-05 05:01 - 00034451 _____ C:\WINDOWS\system32\lvcoinst.log
2015-06-14 05:37 - 2015-05-14 03:22 - 00001084 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-06-14 05:02 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-13 18:14 - 2015-02-07 00:00 - 00000000 ____D C:\Users\Michelle-Laptop\AppData\Local\Adobe
2015-06-13 18:03 - 2015-03-12 00:04 - 00000000 __SHD C:\Users\Michelle-Laptop\AppData\Local\EmieUserList
2015-06-13 18:03 - 2015-03-12 00:04 - 00000000 __SHD C:\Users\Michelle-Laptop\AppData\Local\EmieSiteList
2015-06-13 18:03 - 2015-03-12 00:04 - 00000000 __SHD C:\Users\Michelle-Laptop\AppData\Local\EmieBrowserModeList
2015-06-12 18:10 - 2013-08-22 06:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-12 18:09 - 2015-04-16 21:05 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-12 18:09 - 2014-11-21 08:56 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-12 18:09 - 2013-08-22 08:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-11 04:11 - 2015-02-06 21:59 - 00003830 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1423285154
2015-06-11 04:11 - 2015-02-06 21:59 - 00001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-06-11 04:11 - 2015-02-06 21:59 - 00000000 ____D C:\Program Files (x86)\Opera
2015-06-10 06:33 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-10 01:18 - 2012-07-26 00:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-09 20:52 - 2013-08-22 07:44 - 00408952 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-09 20:48 - 2015-02-07 01:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-09 20:48 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-09 20:47 - 2015-02-08 00:22 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-09 20:41 - 2015-02-08 00:22 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-09 15:24 - 2015-02-06 20:12 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-03 15:33 - 2015-02-06 20:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-03 11:46 - 2015-02-06 21:15 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-06-03 09:18 - 2014-11-21 09:03 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-03 09:18 - 2014-11-21 09:03 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-27 21:44 - 2015-02-06 21:56 - 00000836 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-05-27 21:44 - 2015-02-06 21:56 - 00000000 ____D C:\Program Files\CCleaner
2015-05-23 00:41 - 2015-03-05 05:11 - 00000000 ____D C:\Users\Michelle-Laptop
2015-05-23 00:35 - 2013-09-17 23:04 - 00000000 ____D C:\Notes

==================== Files in the root of some directories =======

2015-02-06 22:00 - 2015-02-06 22:00 - 14291000 _____ () C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-02-06 20:00 - 2015-06-16 22:22 - 0000401 _____ () C:\Users\Michelle-Laptop\AppData\Roaming\sp_data.sys
2012-11-27 11:26 - 2012-09-07 04:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2012-11-27 11:26 - 2009-07-22 03:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2012-11-27 11:26 - 2012-09-07 04:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some files in TEMP:
====================
C:\Users\Michelle-Laptop\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4urcrw.dll
C:\Users\Michelle-Laptop\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpc6c8vp.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-16 22:31

==================== End of log ============================

 


Edited by ep2002, 18 June 2015 - 05:43 AM.



#2 StanFF

StanFF

  • Malware Response Team
  • 1,172 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:04 AM

Posted 21 June 2015 - 05:25 AM

Hello ep2002,
 

I'm Stan and I will be helping you with this problem.

 

First of all I want to clear some things about the malware removal process:

  • Do not run any tools on your own. This may affect the process of removal and may cause both slowdown and additional problems.
  • Carefully read the steps that I suggest you do. Any mismatch will prolong this case.
  • Copy any scripts carefully so they stay exactly the same as the original. Otherwise the script may not work and we will need to rerun/recreate it.
  • Feel free to copy all the steps to an offline environment. They may be easier to read and follow this way.
  • Feel free to ask any questions about the malware removal process. I'm here to help you so nothing must be hidden or misunderstood.
  • Share with me any problems/changes you experience while working with the current system.
  • Please, do not use any quotes or code boxes when you post logs.

I want to inform you that I will be able to respond in the evenings - 07:00 P.M - 11:00 P.M. (UTC + 02:00) - since I'm working during most of the daytime. If I haven't posted anything for 48 hours straight, please, feel free to send me a personal message. I will bump the topic if there is no response from you for 3 days. After 5 days of inactivity, the topic will be closed.

 

I want to inform you that I'm still in my training program so my posts must be reviewed by an instructor. This may lead to a slight delay in my answers.

 

*******************

 

Thank you for the provided logs. I will inspect them and be back with instructions for further actions. Meanwhile, is there any change, either positive or negative, in the system's behavior since the time you posted the topic? About the mouse problem - did you try using a different mouse on the computer?


Regards,

Stan

 

"There isn't a person anywhere who isn't capable of doing more than he thinks he can." - Henry Ford

 

 

 

 

 


#3 StanFF

StanFF

  • Malware Response Team
  • 1,172 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:04 AM

Posted 21 June 2015 - 07:55 AM

Hello ep2002,
 

I have reviewed your logs and, based on the log provided, I can say that there is no active malware present on the system. This leads me to the conclusion that the problems you are experiencing may be caused by third-party software installed. There are a couple of entries which may sit behind that. Before we continue, though, I want to see an Addition.txt log from Farbar Recovery Scan Tool. To create that one, please follow the steps:

  • Please, delete your version of FRST and download the latest version of the tool from here. When you start the tool, please, check the checkbox in front of Addition.txt in the Optional Scan section. Then run a new scan of the system and post the results in your next comment.

In your next post, I will be waiting for the answer of my question in post number two and the logs from FRST.


Regards,

Stan

#4 StanFF

StanFF

  • Malware Response Team
  • 1,172 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:04 AM

Posted 24 June 2015 - 12:34 PM

Hello ep2002,

 

Are you with me? Remember, the topic will be closed after two more days of inactivity.


Regards,

Stan

#5 ep2002

ep2002
  • Topic Starter

  • Members
  • 324 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Traveling around now to find my dream country
  • Local time:11:04 PM

Posted 24 June 2015 - 12:46 PM

Sorry, I haven't been feeling well, plus I wanted to try out the other mouse I used.

 

The scan I'll have to do later today or tomorrow.

 

As for the mouse, it's MUCH better, but I'm still getting the same behavior at times.

 

The mouse I was using is almost a brand new one from months ago. The one I'm using now is the same model (older) that I was using before until I was having problems with it. I can't remember if it was the same problems or something different.

 

Thanks & sorry for the delay.



#6 StanFF

StanFF

  • Malware Response Team
  • 1,172 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:04 AM

Posted 24 June 2015 - 12:51 PM

Hello ep2002,

 

There is no problem with the delay. I wanted to check whether you are still experiencing the problems you were describing. I can wait for the requested logs, so don't worry. I hope you are feeling much better now. :)


Regards,

Stan

#7 ep2002

ep2002
  • Topic Starter

  • Members
  • 324 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Traveling around now to find my dream country
  • Local time:11:04 PM

Posted 25 June 2015 - 03:34 AM

Hi there,

 

Thank you

 

So I went to control panel & I can't find the farbar aka FRST files.

 

When I search programs I find it, but I see no way to delete it (uninstall).

 

Please LMK what I need to do to uninstall this.

 

Thanks

 

 

Michelle



#8 StanFF

StanFF

  • Malware Response Team
  • 1,172 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:04 AM

Posted 25 June 2015 - 02:48 PM

Hello Michelle,

 

To remove Farbar Recovery Scan Tool or FRST, you just need to delete the executable that you have previously downloaded. There is no installation before or when using the tool. As I can see, the file should be located in your "Downloads" folder.


Regards,

Stan

#9 ep2002

ep2002
  • Topic Starter

  • Members
  • 324 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Traveling around now to find my dream country
  • Local time:11:04 PM

Posted 26 June 2015 - 05:57 AM

Ok, I found it.

 

Here are the new scans.

 

Thank you

Attached Files



#10 StanFF

StanFF

  • Malware Response Team
  • 1,172 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:04 AM

Posted 28 June 2015 - 01:40 AM

Hello Michelle,

 

There are a couple of things that concern me in the logs provided. The good news is that none of them are related to malware. There are a couple of issues, though, that have to be checked before anything else. There are system events that show errors directly related to your hard drive. Because of that, we need to check its condition.

 

Please, download GSmartControl and save the file on your Desktop.

  • Unzip the downloaded archive (gsmartcontrol-0.8.7-win32.zip) to a destination of your choice.
  • Double-click on gsmartcontrol.exe to start the application.
  • A list of available hard drives will be shown.
  • Double-click over your hard drive entry to see more detailed information.
  • Please, push the Save As button to save the displayed content.

Please, attach the generated file to your next post.
 

Note: If you have more than one hard drive attached to the system, repeat the steps for each of them.

Note: To attach files to your post, push the More Reply Options button. A new window will open. Under the text field, you will find an Attach Files section. Please, push Choose Files... button to attach the desired files.


Regards,

Stan

#11 ep2002

ep2002
  • Topic Starter

  • Members
  • 324 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Traveling around now to find my dream country
  • Local time:11:04 PM

Posted 29 June 2015 - 08:07 AM

Hi,

 

Ok, so I have an external HD attached to this computer. It's from the old laptop which died on me around the time my desktop did 2 years ago. It was only 2 years old as well. My gawd, do laptops ONLY last 2 years these days??? It looks like it's dying :(  It's always full; could that be why? Although it was an issue 2 years ago, but it worked when I got an external case & hooked it up to this laptop for storage.

 

I'm trying to save up for a new external HD. I just don't have the money right now, BUT why would that affect the rest of the computer? I don't use it for any of my work, I only use it to store certain things on it & it's separate from my laptop's HD.

 

On another note, I forgot to mention that I have issues with my VLC. I've tried to get them to help me via their forum, but they refused to help & said that all should be fine.

 

I get runtime library errors (not sure what that means) when I try to listen to my music which are FLAC files. Tons of popups show up & the music sometimes runs on my loop & other times just stops after a song or two.

 

I never had that problem before until about a month ago & I think it was after their update. I've been using VLC for years. All is fine on the desktop. Even when I tried to downgrade the problem occurred even though it hadn't occurred before. And yes, I also uninstalled & reinstalled the latest version & that didn't help.

 

Let me know.

 

Thanks

 

 

Attached Files



#12 StanFF

StanFF

  • Malware Response Team
  • 1,172 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:04 AM

Posted 29 June 2015 - 11:48 PM

Hello Michelle,

 

It was only 2 years old as well. My gawd, do laptops ONLY last 2 years these days??? It looks like it's dying :(

 

A mixture of multiple variables is responsible for the state of a certain hard drive. We can have a faulty hard drive series, improper hard drive usage or an improper hard drive environment.

I'm trying to save up for a new external HD. I just don't have the money right now, BUT why would that affect the rest of the computer? I don't use it for any of my work, I only use it to store certain things on it & it's separate from my laptop's HD.

 

To look on the bright side, it is good that hard drives do indicate future failure most of the time. This can save gigabytes (terabytes) of precious information from being lost. With the integration of cloud services these days, the most important data saved can be quickly backed up for free and be kept there till a new hard drive is bought.

 

Yes, the hard drive may affect the system's condition even though it looks like it is not being used directly.

 

You may check if there is an active warranty on the drive that is showing signs of malfunctioning. Such information in the Self-Monitoring, Analysis and Reporting Technology (SMART) is, most of the time, covered by the warranty policies of the manufacturing company.

 

On another note, I forgot to mention that I have issues with my VLC. I've tried to get them to help me via their forum, but they refused to help & said that all should be fine.

 

We will check that for sure. You mentioned experiencing multiple runtime errors being popped - do these occur only when playing FLAC files? Can you make a screenshot/s of the error/s shown and post it/them in your next reply? If you don't know how to do that, you can check the steps described here.

 

For now, I want you to disconnect your external hard drive for a while and work on the system without it. See if any system misbehavior occurs. Give your feedback in your next reply along with the screenshots I requested.


Regards,

Stan

#13 ep2002

ep2002
  • Topic Starter

  • Members
  • 324 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Traveling around now to find my dream country
  • Local time:11:04 PM

Posted 30 June 2015 - 01:24 AM

Ok, please give me at least 3-4 days to test the laptop w/out the external HD. I will have to plug it in periodically to get data, but I'll unplug it while I'm working.

 

As for VLC, correct. For video files VLC works fine.

 

I'll run one of my New Age songs tonight & get you a SS.

 

Thanks



#14 StanFF

StanFF

  • Malware Response Team
  • 1,172 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:04 AM

Posted 30 June 2015 - 01:50 PM

Hello Michelle,

 

Ok, please give me at least 3-4 days to test the laptop w/out the external HD. I will have to plug it in periodically to get data, but I'll unplug it while I'm working

 

Don't worry, we are not in a hurry at all.

 

I will be waiting for the screenshots with captured errors.


Regards,

Stan

#15 ep2002

ep2002
  • Topic Starter

  • Members
  • 324 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Traveling around now to find my dream country
  • Local time:11:04 PM

Posted 01 July 2015 - 07:11 AM

Ok, the computer was a bit better re: the mouse, although when I first started without the external HD, it still double clicked into an Excel file.

 

Things are still loading very slowly, like when opening Paint, it took way too long to startup.

 

Here's the SS of the runtime errors. It keeps adding new popups for every new song (I think).

 

Thanks

Attached Files





