Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

trouble removing three trojans [Solved]

Started by azul20 , Aug 14 2014 05:33 PM

This topic is locked

#16
Essexboy

Posted 23 August 2014 - 04:36 AM

GeekU Moderator

Retired Staff
69,964 posts

What is your current AV as I can see traces of AVG, Norton, ZA and Comodo

#17
azul20

Posted 23 August 2014 - 03:58 PM

Member

Topic Starter
Member
122 posts

I use AVG for virus protection, and Zone Alarm as a firewall. Norton came installed with the system, but I don't have it running. I tried Comodo in the past, but I was not happy with it, and I didn't think that it was running at all. As a matter of fact, I thought that I had removed the program.

#18
Essexboy

Posted 24 August 2014 - 03:01 AM

GeekU Moderator

Retired Staff
69,964 posts

The Norton removal tool is available here https://support.nort...erProfile_en_us

After running this could you let me know how the system is behaving

#19
azul20

Posted 25 August 2014 - 06:48 PM

Member

Topic Starter
Member
122 posts

I ran the Norton removal tool yesterday. Earlier today I had to force a restart because the laptop froze.

#20
Essexboy

Posted 26 August 2014 - 07:26 AM

GeekU Moderator

Retired Staff
69,964 posts

Some comodo files are also showing in the error logs
Could you uninstall comodo using control panel and then follow the instructions here http://forums.comodo.../-t71897.0.html to remove the remnants
Once done could you run a fresh FRST scan please, include the additions

#21
azul20

Posted 27 August 2014 - 03:59 AM

Member

Topic Starter
Member
122 posts

Hello,

I can't find anything from Comodo in add/remove programs. I must have removed it from there awhile ago. I downloaded the uninstaller, but it is giving me twelve uninstall options. Can you please tell me which one I should select, or do you think that I should run all of them? Thank you for continuing to help me.

#22
Essexboy

Posted 27 August 2014 - 06:51 AM

GeekU Moderator

Retired Staff
69,964 posts

If you are not sure then run all of them, if there is nothing there then no harm will be done

#23
azul20

Posted 28 August 2014 - 09:29 PM

Member

Topic Starter
Member
122 posts

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-08-2014

Ran by TFOX at 2014-08-28 19:42:23

Running from C:\Users\TFOX\Desktop

Boot Mode: Normal

==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

FW: ZoneAlarm Free Firewall Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)

Adobe Reader X (10.1.3) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)

AMD Accelerated Video Transcoding (Version: 12.5.100.20912 - Advanced Micro Devices, Inc.) Hidden

AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden

AMD Catalyst Install Manager (HKLM\...\{403A4E7A-D239-04D8-6A3D-31DD203C018D}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)

AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.26.0 - AppEx Networks)

AMD VISION Engine Control Center (x32 Version: 2012.0912.1709.28839 - Advanced Micro Devices, Inc.) Hidden

AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4745 - AVG Technologies)

AVG 2014 (Version: 14.0.4015 - AVG Technologies) Hidden

AVG 2014 (Version: 14.0.4745 - AVG Technologies) Hidden

Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center InstallProxy (x32 Version: 2012.0912.1709.28839 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Localization All (x32 Version: 2012.0912.1709.28839 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Standard (x32 Version: 2012.0912.1708.28839 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Traditional (x32 Version: 2012.0912.1708.28839 - Advanced Micro Devices, Inc.) Hidden

CCC Help Czech (x32 Version: 2012.0912.1708.28839 - Advanced Micro Devices, Inc.) Hidden

CCC Help Danish (x32 Version: 2012.0912.1708.28839 - Advanced Micro Devices, Inc.) Hidden

CCC Help Dutch (x32 Version: 2012.0912.1708.28839 - Advanced Micro Devices, Inc.) Hidden

CCC Help English (x32 Version: 2012.0912.1708.28839 - Advanced Micro Devices, Inc.) Hidden

CCC Help Finnish (x32 Version: 2012.0912.1708.28839 - Advanced Micro Devices, Inc.) Hidden

CCC Help French (x32 Version: 2012.0912.1708.28839 - Advanced Micro Devices, Inc.) Hidden

CCC Help German (x32 Version: 2012.0912.1708.28839 - Advanced Micro Devices, Inc.) Hidden

CCC Help Greek (x32 Version: 2012.0912.1708.28839 - Advanced Micro Devices, Inc.) Hidden

CCC Help Hungarian (x32 Version: 2012.0912.1708.28839 - Advanced Micro Devices, Inc.) Hidden

CCC Help Italian (x32 Version: 2012.0912.1708.28839 - Advanced Micro Devices, Inc.) Hidden

CCC Help Japanese (x32 Version: 2012.0912.1708.28839 - Advanced Micro Devices, Inc.) Hidden

CCC Help Korean (x32 Version: 2012.0912.1708.28839 - Advanced Micro Devices, Inc.) Hidden

CCC Help Norwegian (x32 Version: 2012.0912.1708.28839 - Advanced Micro Devices, Inc.) Hidden

CCC Help Polish (x32 Version: 2012.0912.1708.28839 - Advanced Micro Devices, Inc.) Hidden

CCC Help Portuguese (x32 Version: 2012.0912.1708.28839 - Advanced Micro Devices, Inc.) Hidden

CCC Help Russian (x32 Version: 2012.0912.1708.28839 - Advanced Micro Devices, Inc.) Hidden

CCC Help Spanish (x32 Version: 2012.0912.1708.28839 - Advanced Micro Devices, Inc.) Hidden

CCC Help Swedish (x32 Version: 2012.0912.1708.28839 - Advanced Micro Devices, Inc.) Hidden

CCC Help Thai (x32 Version: 2012.0912.1708.28839 - Advanced Micro Devices, Inc.) Hidden

CCC Help Turkish (x32 Version: 2012.0912.1708.28839 - Advanced Micro Devices, Inc.) Hidden

ccc-utility64 (Version: 2012.0912.1709.28839 - Advanced Micro Devices, Inc.) Hidden

CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)

CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)

CyberLink Power2Go 8 (x32 Version: 8.0.0.1912 - CyberLink Corp.) Hidden

CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)

CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.)

Emsisoft Anti-Malware 5.1 (HKLM-x32\...\Emsisoft Anti-Malware_is1) (Version: 5.1 - Emsi Software GmbH)

E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )

Galería de fotos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Help Desk (HKLM\...\{AEC9D273-E162-4614-83F1-722B8C74B185}) (Version: 1.0.96 - Samsung Electronics CO., LTD.)

Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)

Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden

MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden

Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation)

Norton Online Backup ARA (x32 Version: 4.1.0.11 - Symantec Corporation) Hidden

Opera Stable 23.0.1522.77 (HKLM-x32\...\Opera 23.0.1522.77) (Version: 23.0.1522.77 - Opera Software ASA)

Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version: - PopCap Games)

Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)

Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)

Quick Starter (HKLM\...\{EC36E2BC-86F7-44C9-84B2-93930F0FBDBF}) (Version: 1.0.2 - Samsung Electronics CO., LTD.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6702 - Realtek Semiconductor Corp.)

Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)

Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.12.10 - Samsung Electronics CO., LTD.)

S Agent (Version: 1.1.47 - Samsung Electronics CO., LTD.) Hidden

S Service (HKLM-x32\...\{E8336EA1-40A2-48A1-80E8-B78F9EEAB23F}) (Version: 1.0 - Samsung Electronics CO., LTD.)

Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)

Support Center (HKLM\...\{AB0DEFBB-1A16-47B5-86D2-39F0A2B24AE4}) (Version: 2.1.1210 - Samsung Electronics CO., LTD.)

Support Center FAQ (x32 Version: 1.0.14 - Samsung Electronics CO., LTD.) Hidden

SW Update (HKLM-x32\...\{D2B5F1E3-EA56-4D84-A453-A213B32974CB}) (Version: 2.1.25 - Samsung Electronics CO., LTD.)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.14.2 - Synaptics Incorporated)

User Guide (HKLM-x32\...\{2888FDD1-5EEC-4D56-84B7-4D20DAC0E090}) (Version: 1.3.00 - Samsung Electronics CO., LTD.)

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735) (HKLM\...\9F04C462DAB591BDCCE784F77E4D4F1736010B92) (Version: 07/27/2012 20.57.1.735 - Samsung Electronics Co. Ltd.)

Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)

Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)

ZoneAlarm Firewall (x32 Version: 13.2.015.000 - Check Point Software Technologies Ltd.) Hidden

ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 13.2.015.000 - Check Point)

ZoneAlarm Security (x32 Version: 13.2.015.000 - Check Point Software Technologies Ltd.) Hidden

ZoneAlarm Security Toolbar (HKCU\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)

ZoneAlarm Security Toolbar (HKLM-x32\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

14-08-2014 04:58:56 Removed ESET NOD32 Antivirus

24-08-2014 00:14:31 Scheduled Checkpoint

28-08-2014 03:17:19 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00475E44-06A5-4FD0-A843-0AC3C43C6946} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)

Task: {01A49552-474E-4584-88E3-8F4929E16B6A} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2014-03-21] (SEC)

Task: {01F348CB-C204-4860-B8A1-49502172257E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-08-16] (Microsoft Corporation)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask

Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList

Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask

Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate

Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)

Task: {35BA7A3B-85EA-43E2-A818-8BB2C3A59DD5} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv

Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)

Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance

Task: {54201FF3-D875-4DFB-90B3-4753E3922373} - System32\Tasks\Opera scheduled Autoupdate 1404001885 => C:\Program Files (x86)\Opera\launcher.exe [2014-08-14] (Opera Software)

Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup

Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task

Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask

Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState

Task: {844EF206-E717-4A6C-B8CF-D237FC2EF6BB} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2014-03-19] (Samsung Electronics CO., LTD.)

Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task

Task: {8A68132E-48F6-49AD-9C34-85602401CF4E} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-10-16] (Synaptics Incorporated)

Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask

Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work

Task: {B2822C2F-D7CF-41D1-9B5B-3BF3910C9D11} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2014-01-29] (Samsung Electronics CO., LTD.)

Task: {BF58E14B-1069-43E0-80DD-BB525A2FD9CD} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics

Task: {C10D3984-E40A-4410-B5E4-54FEC01F7AAB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)

Task: {C7698574-B7AB-46E4-8592-5B5A123A6101} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload

Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask

Task: {D08F1AB1-8F5E-4779-937E-7A750E734C77} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)

Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing

Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization

Task: {E2ACF668-4308-4463-9ECA-B3DD4467FB01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation

Task: {E3BDCA69-0278-4D27-AE94-D673C4802877} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management

Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE

Task: {F3977534-62E9-4971-825F-CF7BEBAD3C07} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

Task: C:\WINDOWS\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe

==================== Loaded Modules (whitelisted) =============

2014-01-29 13:20 - 2014-01-29 13:20 - 00084800 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe

2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

2010-03-24 21:38 - 2010-03-24 21:38 - 08794976 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2014-01-07 01:29 - 2014-01-07 01:29 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll

2014-01-07 01:26 - 2014-01-07 01:26 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll

2014-01-07 01:32 - 2014-01-07 01:32 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe

2014-03-19 11:41 - 2014-03-19 11:41 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll

2014-08-19 13:32 - 2014-08-19 13:32 - 01401464 _____ () C:\Program Files (x86)\Opera\23.0.1522.77\opera_crashreporter.exe

2014-01-29 13:20 - 2014-01-29 13:20 - 00027968 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll

2014-01-29 13:20 - 2014-01-29 13:20 - 01141056 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll

2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll

2014-01-29 13:20 - 2014-01-29 13:20 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll

2014-01-29 13:20 - 2014-01-29 13:20 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll

2014-01-29 13:20 - 2014-01-29 13:20 - 00025920 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll

2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll

2014-01-29 13:20 - 2014-01-29 13:20 - 00059712 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll

2014-01-29 13:20 - 2014-01-29 13:20 - 00102720 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll

2012-10-19 18:01 - 2012-06-07 20:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll

2012-06-07 19:34 - 2012-06-07 19:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll

2014-08-19 13:32 - 2014-08-19 13:32 - 00880248 _____ () C:\Program Files (x86)\Opera\23.0.1522.77\libglesv2.dll

2014-08-19 13:32 - 2014-08-19 13:32 - 00135800 _____ () C:\Program Files (x86)\Opera\23.0.1522.77\libegl.dll

2014-08-19 13:32 - 2014-08-19 13:32 - 00957048 _____ () C:\Program Files (x86)\Opera\23.0.1522.77\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (08/28/2014 08:47:15 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (08/27/2014 03:55:01 PM) (Source: SideBySide) (EventID: 78) (User: )

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (08/27/2014 01:33:36 PM) (Source: SideBySide) (EventID: 78) (User: )

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (08/27/2014 06:19:48 AM) (Source: SideBySide) (EventID: 78) (User: )

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (08/27/2014 06:00:25 AM) (Source: SideBySide) (EventID: 78) (User: )

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (08/27/2014 04:56:02 AM) (Source: SideBySide) (EventID: 78) (User: )

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (08/27/2014 02:48:45 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)

Description: There was an error with the Windows Location Provider database

Error: (08/26/2014 03:46:03 AM) (Source: SideBySide) (EventID: 78) (User: )

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (08/25/2014 04:56:40 AM) (Source: SideBySide) (EventID: 78) (User: )

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (08/24/2014 03:45:19 AM) (Source: SideBySide) (EventID: 78) (User: )

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

System errors:

=============

Error: (08/28/2014 05:55:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Windows Media Player Network Sharing Service service depends on the Windows Search service which failed to start because of the following error:

%%1058

Error: (08/28/2014 05:52:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The AppEx Networks Accelerator LWF service failed to start due to the following error:

%%31

Error: (08/28/2014 05:52:44 PM) (Source: APXACC) (EventID: 1003) (User: )

Description: The NDIS6 LWF initialization has failed. (0xC0000001)

Error: (08/28/2014 05:49:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The AppEx Networks Accelerator LWF service failed to start due to the following error:

%%31

Error: (08/28/2014 05:49:15 PM) (Source: APXACC) (EventID: 1003) (User: )

Description: The NDIS6 LWF initialization has failed. (0xC0000001)

Error: (08/28/2014 05:49:13 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: The previous system shutdown at 5:31:22 PM on ‎8/‎28/‎2014 was unexpected.

Error: (08/28/2014 08:47:03 AM) (Source: DCOM) (EventID: 10010) (User: Fox)

Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (08/28/2014 08:46:33 AM) (Source: DCOM) (EventID: 10010) (User: Fox)

Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (08/28/2014 02:52:34 AM) (Source: cdrom) (EventID: 15) (User: )

Description: The device, \Device\CdRom0, is not ready for access yet.

Error: (08/27/2014 05:38:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Windows Media Player Network Sharing Service service depends on the Windows Search service which failed to start because of the following error:

%%1058

Microsoft Office Sessions:

=========================

Error: (08/28/2014 08:47:15 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (08/27/2014 03:55:01 PM) (Source: SideBySide) (EventID: 78) (User: )

Error: (08/27/2014 01:33:36 PM) (Source: SideBySide) (EventID: 78) (User: )

Error: (08/27/2014 06:19:48 AM) (Source: SideBySide) (EventID: 78) (User: )

Error: (08/27/2014 06:00:25 AM) (Source: SideBySide) (EventID: 78) (User: )

Error: (08/27/2014 04:56:02 AM) (Source: SideBySide) (EventID: 78) (User: )

Error: (08/27/2014 02:48:45 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)

Description: -2147024883

Error: (08/26/2014 03:46:03 AM) (Source: SideBySide) (EventID: 78) (User: )

Error: (08/25/2014 04:56:40 AM) (Source: SideBySide) (EventID: 78) (User: )

Error: (08/24/2014 03:45:19 AM) (Source: SideBySide) (EventID: 78) (User: )

CodeIntegrity Errors:

===================================

Date: 2014-08-14 13:47:18.538

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: AMD A6-4400M APU with Radeon™ HD Graphics

Percentage of memory in use: 35%

Total physical RAM: 3547.1 MB

Available physical RAM: 2288.32 MB

Total Pagefile: 4187.1 MB

Available Pagefile: 2494.75 MB

Total Virtual: 131072 MB

Available Virtual: 131071.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:439.99 GB) (Free:407.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (Size: 465.8 GB) (Disk ID: 8D49466C)

Partition: GPT Partition Type.

==================== End Of Log ============================

#24
azul20

Posted 28 August 2014 - 09:57 PM

Member

Topic Starter
Member
122 posts

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014

Ran by TFOX (administrator) on FOX on 28-08-2014 19:40:56

Running from C:\Users\TFOX\Desktop

Platform: Windows 8.1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

The only official download link for FRST:

Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/

Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe

(Emsi Software GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe

(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe

(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

(Samsung Electronics CO., LTD.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe

() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe

(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe

(Microsoft Corporation) C:\Windows\System32\StikyNot.exe

(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe

(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe

(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe

() C:\Program Files (x86)\Opera\23.0.1522.77\opera_crashreporter.exe

(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191824 2012-08-10] (Realtek Semiconductor)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2917688 2012-10-16] (Synaptics Incorporated)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-09-12] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-10] (Symantec Corporation)

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2012-04-03] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-03] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)

HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)

HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)

HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-05-30] (Check Point Software Technologies Ltd.)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5187088 2014-08-11] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)

HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133760 2014-01-07] ( (Qualcomm®Atheros®))

HKU\S-1-5-21-1746658525-1637020874-184723657-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [457728 2014-03-18] (Microsoft Corporation)

HKU\S-1-5-21-1746658525-1637020874-184723657-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

HKU\S-1-5-21-1746658525-1637020874-184723657-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1

HKU\S-1-5-21-1746658525-1637020874-184723657-1001\...\Policies\Explorer: [NoResolveSearch] 1

HKU\S-1-5-21-1746658525-1637020874-184723657-1001\...\Policies\Explorer: [NoInternetOpenWith] 1

BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung13.msn.com

SearchScopes: HKLM - {1F3B464E-B7C3-4993-AAA9-CE041DA631B3} URL = http://www.bing.com/...E10TR&pc=MASMJS

SearchScopes: HKLM-x32 - {1F3B464E-B7C3-4993-AAA9-CE041DA631B3} URL = http://www.bing.com/...E10TR&pc=MASMJS

SearchScopes: HKCU - {1F3B464E-B7C3-4993-AAA9-CE041DA631B3} URL =

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:

========

FF ProfilePath: C:\Users\TFOX\AppData\Roaming\Mozilla\Firefox\Profiles\7t5mzkd2.default-1406505348723

FF Homepage: https://www.google.com/?gws_rd=ssl

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Extension: PrivDog - C:\Users\TFOX\AppData\Roaming\Mozilla\Firefox\Profiles\7t5mzkd2.default-1406505348723\Extensions\[email protected] [2014-08-19]

FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:

=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [3045688 2011-10-03] (Emsi Software GmbH)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2014-01-07] (Windows ® Win 7 DDK provider)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3244048 2014-08-11] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-11] (AVG Technologies CZ, s.r.o.)

R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593152 2014-01-29] (Samsung Electronics CO., LTD.)

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-10] (Symantec Corporation)

R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3020632 2014-04-04] (Samsung Electronics CO., LTD.)

R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3592120 2014-05-30] (Check Point Software Technologies Ltd.)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-15] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-15] (Microsoft Corporation)

R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [90936 2014-05-29] (Check Point Software Technologies, Ltd.)

R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-01-07] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [85800 2011-02-20] (Emsi Software GmbH)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.)

S2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-22] (AppEx Networks Corporation)

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-20] (Advanced Micro Devices)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)

R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)

R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)

R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [270104 2014-06-30] (AVG Technologies CZ, s.r.o.)

R3 BTATH_HID; C:\Windows\system32\DRIVERS\btath_hid.sys [223432 2014-01-07] (Qualcomm Atheros)

R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-01-07] (Qualcomm Atheros)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)

R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00B\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-24] (CyberLink)

R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows ® Win 7 DDK provider)

R1 vrvd5; C:\Windows\system32\DRIVERS\vrvd5.sys [13344 2014-06-14] (Rsupport Corporation)

R1 Vsdatant; C:\Windows\System32\drivers\vsdatant.sys [450968 2014-05-30] (Check Point Software Technologies Ltd.)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-15] (Microsoft Corporation)

S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-28 19:37 - 2014-08-28 19:37 - 05075834 _____ () C:\Users\TFOX\Downloads\Setup (2).zip

2014-08-28 18:23 - 2014-08-28 18:23 - 00000000 ___RD () C:\Users\TFOX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices

2014-08-27 19:29 - 2014-08-22 17:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2014-08-27 19:22 - 2014-08-27 19:22 - 01066953 _____ () C:\Users\TFOX\Downloads\New_Player (1).exe.opdownload

2014-08-27 19:11 - 2014-08-27 19:11 - 02730720 _____ () C:\Users\TFOX\Downloads\New_Player.exe

2014-08-27 18:50 - 2014-08-27 18:50 - 05075834 _____ () C:\Users\TFOX\Downloads\Setup (1).zip

2014-08-27 02:52 - 2014-08-27 02:52 - 00000000 ____D () C:\Users\TFOX\AppData\Roaming\Uninstaller Tool(Comodo Forums)

2014-08-27 02:51 - 2014-08-27 02:52 - 05075834 _____ () C:\Users\TFOX\Downloads\Setup.zip

2014-08-24 19:17 - 2014-08-24 19:17 - 00000000 ____D () C:\ProgramData\Symantec

2014-08-24 18:44 - 2014-08-24 18:44 - 00869456 _____ () C:\Users\TFOX\Downloads\Norton_Removal_Tool.exe

2014-08-22 18:30 - 2014-08-22 20:00 - 00000000 ____D () C:\AdwCleaner

2014-08-22 18:30 - 2014-08-22 18:30 - 01364531 _____ () C:\Users\TFOX\Downloads\AdwCleaner.exe

2014-08-19 16:44 - 2014-08-19 16:45 - 00035453 _____ () C:\Users\TFOX\Downloads\Result.txt

2014-08-19 16:43 - 2014-08-19 16:43 - 00401920 _____ (Farbar) C:\Users\TFOX\Downloads\MiniToolBox.exe

2014-08-16 17:52 - 2014-08-16 17:52 - 00001910 _____ () C:\Users\TFOX\Desktop\aswMBR.txt

2014-08-16 17:52 - 2014-08-16 17:52 - 00000512 _____ () C:\Users\TFOX\Desktop\MBR.dat

2014-08-16 15:59 - 2014-08-16 15:59 - 05185536 _____ (AVAST Software) C:\Users\TFOX\Downloads\aswmbr.exe

2014-08-16 14:14 - 2014-08-28 19:40 - 02103296 _____ (Farbar) C:\Users\TFOX\Desktop\FRST64.exe

2014-08-16 14:14 - 2014-08-28 19:40 - 00000000 ____D () C:\Users\TFOX\Desktop\FRST-OlderVersion

2014-08-15 13:43 - 2014-08-15 13:44 - 00034260 _____ () C:\Users\TFOX\Desktop\Addition.txt

2014-08-15 13:41 - 2014-08-28 19:41 - 00014154 _____ () C:\Users\TFOX\Desktop\FRST.txt

2014-08-15 13:41 - 2014-08-28 19:40 - 00000000 ____D () C:\FRST

2014-08-15 13:36 - 2014-08-15 13:36 - 02100224 _____ (Farbar) C:\Users\TFOX\Downloads\FRST64.exe

2014-08-14 15:57 - 2014-08-14 15:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-08-14 15:57 - 2014-08-14 15:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-08-14 15:57 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2014-08-14 15:57 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys

2014-08-14 15:57 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2014-08-14 15:56 - 2014-08-14 15:56 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\TFOX\Downloads\mbam-setup-2.0.2.1012 (1).exe

2014-08-14 13:36 - 2014-08-14 13:36 - 00000000 ____D () C:\Users\TFOX\AppData\Local\AdTrustMedia

2014-08-14 13:34 - 2014-08-14 13:34 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll

2014-08-14 13:34 - 2014-08-14 13:34 - 00000000 ____D () C:\Program Files\AdTrustMedia

2014-08-14 13:32 - 2014-08-14 13:32 - 00000000 ____D () C:\ProgramData\Adtrustmedia

2014-08-14 13:31 - 2014-08-14 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo

2014-08-14 13:31 - 2014-08-14 15:47 - 00000000 ____D () C:\Program Files\COMODO

2014-08-14 13:29 - 2014-08-14 15:47 - 00000000 ____D () C:\ProgramData\Comodo

2014-08-14 13:23 - 2014-08-14 13:28 - 230403208 _____ (COMODO) C:\Users\TFOX\Downloads\cav_installer.exe

2014-08-14 11:24 - 2014-07-25 07:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-08-14 11:24 - 2014-07-25 06:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-08-14 11:24 - 2014-07-25 06:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2014-08-14 11:24 - 2014-07-25 06:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2014-08-14 11:24 - 2014-07-25 06:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll

2014-08-14 11:24 - 2014-07-25 05:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2014-08-14 11:24 - 2014-07-25 05:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll

2014-08-14 11:24 - 2014-07-25 05:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2014-08-14 11:24 - 2014-07-25 05:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll

2014-08-14 11:24 - 2014-07-25 05:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2014-08-14 11:24 - 2014-07-25 05:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll

2014-08-14 11:24 - 2014-07-25 05:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2014-08-14 11:24 - 2014-07-25 05:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2014-08-14 11:24 - 2014-07-25 05:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2014-08-14 11:24 - 2014-07-25 05:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll

2014-08-14 11:24 - 2014-07-25 05:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2014-08-14 11:24 - 2014-07-25 04:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll

2014-08-14 11:24 - 2014-07-25 04:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2014-08-14 11:24 - 2014-07-25 04:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2014-08-14 11:24 - 2014-07-25 04:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll

2014-08-14 11:24 - 2014-07-25 04:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2014-08-14 11:24 - 2014-07-25 04:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2014-08-14 11:24 - 2014-07-25 04:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2014-08-14 11:24 - 2014-07-25 04:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2014-08-14 11:24 - 2014-07-25 04:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2014-08-14 11:24 - 2014-07-25 04:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2014-08-14 11:24 - 2014-07-25 04:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2014-08-14 11:24 - 2014-07-25 04:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2014-08-14 11:24 - 2014-07-25 04:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2014-08-14 11:24 - 2014-07-25 03:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2014-08-14 11:24 - 2014-07-25 03:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2014-08-14 11:24 - 2014-07-25 03:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2014-08-14 11:24 - 2014-07-25 03:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2014-08-14 11:24 - 2014-07-25 03:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2014-08-14 11:24 - 2014-07-25 03:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2014-08-14 11:22 - 2014-06-19 18:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll

2014-08-14 11:22 - 2014-06-19 16:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll

2014-08-14 11:22 - 2014-06-12 18:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll

2014-08-14 11:22 - 2014-06-12 18:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2014-08-14 11:22 - 2014-06-12 17:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll

2014-08-14 11:22 - 2014-06-06 04:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2014-08-14 11:18 - 2014-07-15 11:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe

2014-08-14 11:18 - 2014-07-15 01:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll

2014-08-14 11:18 - 2014-07-15 01:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll

2014-08-14 11:18 - 2014-07-15 01:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll

2014-08-14 11:18 - 2014-07-09 21:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll

2014-08-14 11:18 - 2014-07-09 21:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll

2014-08-14 11:18 - 2014-07-09 20:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe

2014-08-14 11:18 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe

2014-08-14 11:18 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe

2014-08-14 11:18 - 2014-05-12 22:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll

2014-08-14 11:18 - 2014-05-12 21:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll

2014-08-14 11:18 - 2014-05-12 20:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll

2014-08-14 11:18 - 2014-05-03 04:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2014-08-14 11:18 - 2014-05-03 02:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2014-08-14 11:18 - 2014-05-02 22:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll

2014-08-14 11:18 - 2014-05-02 21:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll

2014-08-14 11:18 - 2014-04-30 22:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2014-08-14 11:18 - 2014-04-29 23:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys

2014-08-14 11:18 - 2014-04-29 21:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll

2014-08-14 11:18 - 2014-04-29 21:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll

2014-08-14 11:18 - 2014-04-29 20:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll

2014-08-14 11:18 - 2014-04-29 20:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll

2014-08-14 11:18 - 2014-04-29 20:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll

2014-08-14 11:18 - 2014-04-28 15:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll

2014-08-14 11:18 - 2014-04-26 15:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2014-08-14 11:18 - 2014-04-26 13:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2014-08-14 11:18 - 2014-04-26 09:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll

2014-08-14 11:18 - 2014-04-14 02:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll

2014-08-14 11:18 - 2014-04-14 01:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll

2014-08-14 11:17 - 2014-08-06 15:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll

2014-08-14 11:17 - 2014-08-01 22:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2014-08-14 11:17 - 2014-06-05 07:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll

2014-08-14 11:17 - 2014-06-05 06:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll

2014-08-14 11:17 - 2014-06-01 19:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll

2014-08-14 11:17 - 2014-05-31 03:07 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS

2014-08-14 11:17 - 2014-05-31 03:07 - 00440664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys

2014-08-14 11:17 - 2014-05-31 03:07 - 00419672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys

2014-08-14 11:17 - 2014-05-31 03:07 - 00089944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys

2014-08-14 11:17 - 2014-05-31 03:07 - 00027480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys

2014-08-14 11:17 - 2014-05-30 23:30 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys

2014-08-14 11:17 - 2014-05-30 23:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys

2014-08-14 11:17 - 2014-05-30 23:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys

2014-08-14 11:17 - 2014-05-30 23:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys

2014-08-14 11:17 - 2014-05-30 21:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe

2014-08-14 11:17 - 2014-05-30 21:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll

2014-08-14 11:17 - 2014-05-30 21:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll

2014-08-14 11:17 - 2014-05-27 08:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2014-08-14 11:17 - 2014-05-27 02:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll

2014-08-14 11:17 - 2014-05-27 02:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll

2014-08-14 11:17 - 2014-05-16 21:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2014-08-14 11:17 - 2014-05-16 21:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2014-08-14 11:17 - 2014-05-13 00:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe

2014-08-14 11:17 - 2014-05-12 21:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll

2014-08-14 11:17 - 2014-05-12 20:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll

2014-08-14 11:17 - 2014-05-02 22:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

2014-08-14 11:17 - 2014-05-02 22:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll

2014-08-14 11:17 - 2014-05-02 22:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll

2014-08-14 11:17 - 2014-05-02 21:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll

2014-08-14 11:17 - 2014-05-02 21:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll

2014-08-14 11:17 - 2014-05-02 16:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat

2014-08-14 11:17 - 2014-04-29 23:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys

2014-08-14 11:17 - 2014-04-29 23:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys

2014-08-14 11:17 - 2014-04-29 23:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys

2014-08-14 11:17 - 2014-04-29 22:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe

2014-08-14 11:17 - 2014-04-29 21:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe

2014-08-14 11:17 - 2014-04-29 21:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll

2014-08-14 11:17 - 2014-04-29 21:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll

2014-08-14 11:17 - 2014-04-29 21:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL

2014-08-14 11:17 - 2014-04-29 20:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL

2014-08-14 11:17 - 2014-04-29 20:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll

2014-08-14 11:17 - 2014-04-29 20:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll

2014-08-14 11:17 - 2014-04-13 22:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll

2014-08-14 11:17 - 2014-04-08 23:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll

2014-08-14 11:17 - 2014-04-08 22:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll

2014-08-14 11:16 - 2014-08-06 19:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll

2014-08-14 11:16 - 2014-08-01 20:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll

2014-08-14 11:16 - 2014-08-01 20:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll

2014-08-14 11:16 - 2014-07-11 21:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe

2014-08-14 11:16 - 2014-06-04 02:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe

2014-08-14 11:16 - 2014-06-03 22:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll

2014-08-14 11:16 - 2014-06-03 22:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll

2014-08-14 11:16 - 2014-06-03 21:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll

2014-08-14 11:16 - 2014-06-03 21:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll

2014-08-14 11:16 - 2014-06-03 19:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

2014-08-14 11:16 - 2014-06-03 19:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

2014-08-13 17:42 - 2014-08-13 17:42 - 00000000 ____D () C:\Program Files\ESET

2014-08-13 17:37 - 2014-08-13 17:37 - 01696192 _____ (ESET) C:\Users\TFOX\Downloads\eset_nod32_antivirus_live_installer.exe

2014-08-06 14:44 - 2014-08-06 14:44 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-08-06 14:43 - 2014-08-06 14:43 - 02347384 _____ (ESET) C:\Users\TFOX\Downloads\esetsmartinstaller_enu(1).exe

2014-08-03 10:53 - 2014-08-03 10:53 - 00001321 _____ () C:\Users\TFOX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton Online Backup.lnk

2014-08-01 13:55 - 2014-08-01 13:55 - 02347384 _____ (ESET) C:\Users\TFOX\Downloads\esetsmartinstaller_enu.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-28 19:41 - 2014-08-15 13:41 - 00014154 _____ () C:\Users\TFOX\Desktop\FRST.txt

2014-08-28 19:40 - 2014-08-16 14:14 - 02103296 _____ (Farbar) C:\Users\TFOX\Desktop\FRST64.exe

2014-08-28 19:40 - 2014-08-16 14:14 - 00000000 ____D () C:\Users\TFOX\Desktop\FRST-OlderVersion

2014-08-28 19:40 - 2014-08-15 13:41 - 00000000 ____D () C:\FRST

2014-08-28 19:37 - 2014-08-28 19:37 - 05075834 _____ () C:\Users\TFOX\Downloads\Setup (2).zip

2014-08-28 19:02 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2014-08-28 18:59 - 2014-06-14 23:49 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2014-08-28 18:44 - 2012-10-19 18:03 - 00000360 _____ () C:\WINDOWS\Tasks\Xerox PhotoCafe Communicator.job

2014-08-28 18:24 - 2012-10-19 17:55 - 00000000 ____D () C:\ProgramData\WinClon

2014-08-28 18:23 - 2014-08-28 18:23 - 00000000 ___RD () C:\Users\TFOX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices

2014-08-28 17:57 - 2014-03-18 03:03 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2014-08-28 17:56 - 2014-06-15 19:24 - 00000000 ____D () C:\Users\TFOX

2014-08-28 17:56 - 2014-06-14 19:45 - 00000000 ____D () C:\ProgramData\MFAData

2014-08-28 17:52 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2014-08-28 17:52 - 2013-08-22 07:44 - 00481832 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2014-08-28 17:46 - 2014-06-16 16:06 - 00003902 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{43CA6609-76D2-430A-8A0E-33F0A2E00768}

2014-08-28 10:18 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM

2014-08-27 20:18 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp

2014-08-27 19:22 - 2014-08-27 19:22 - 01066953 _____ () C:\Users\TFOX\Downloads\New_Player (1).exe.opdownload

2014-08-27 19:11 - 2014-08-27 19:11 - 02730720 _____ () C:\Users\TFOX\Downloads\New_Player.exe

2014-08-27 18:50 - 2014-08-27 18:50 - 05075834 _____ () C:\Users\TFOX\Downloads\Setup (1).zip

2014-08-27 02:52 - 2014-08-27 02:52 - 00000000 ____D () C:\Users\TFOX\AppData\Roaming\Uninstaller Tool(Comodo Forums)

2014-08-27 02:52 - 2014-08-27 02:51 - 05075834 _____ () C:\Users\TFOX\Downloads\Setup.zip

2014-08-26 05:01 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2014-08-24 19:17 - 2014-08-24 19:17 - 00000000 ____D () C:\ProgramData\Symantec

2014-08-24 19:14 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI

2014-08-24 18:45 - 2012-10-19 17:52 - 00000000 ____D () C:\ProgramData\Norton

2014-08-24 18:44 - 2014-08-24 18:44 - 00869456 _____ () C:\Users\TFOX\Downloads\Norton_Removal_Tool.exe

2014-08-22 20:00 - 2014-08-22 18:30 - 00000000 ____D () C:\AdwCleaner

2014-08-22 18:30 - 2014-08-22 18:30 - 01364531 _____ () C:\Users\TFOX\Downloads\AdwCleaner.exe

2014-08-22 17:42 - 2014-08-27 19:29 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2014-08-20 16:34 - 2014-06-14 01:14 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1746658525-1637020874-184723657-1001

2014-08-19 16:45 - 2014-08-19 16:44 - 00035453 _____ () C:\Users\TFOX\Downloads\Result.txt

2014-08-19 16:43 - 2014-08-19 16:43 - 00401920 _____ (Farbar) C:\Users\TFOX\Downloads\MiniToolBox.exe

2014-08-19 13:32 - 2014-06-28 17:31 - 00003818 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1404001885

2014-08-19 13:32 - 2014-06-14 01:54 - 00000000 ____D () C:\Program Files (x86)\Opera

2014-08-16 17:52 - 2014-08-16 17:52 - 00001910 _____ () C:\Users\TFOX\Desktop\aswMBR.txt

2014-08-16 17:52 - 2014-08-16 17:52 - 00000512 _____ () C:\Users\TFOX\Desktop\MBR.dat

2014-08-16 15:59 - 2014-08-16 15:59 - 05185536 _____ (AVAST Software) C:\Users\TFOX\Downloads\aswmbr.exe

2014-08-16 15:51 - 2014-07-26 13:52 - 00000000 ____D () C:\Users\TFOX\Documents\Anti-Malware

2014-08-16 14:14 - 2012-10-19 17:51 - 00000000 ____D () C:\Users\EasySurvey

2014-08-16 14:09 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache

2014-08-16 13:40 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData

2014-08-16 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\MediaViewer

2014-08-16 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\FileManager

2014-08-16 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Camera

2014-08-16 09:42 - 2014-06-14 19:03 - 00000000 ____D () C:\WINDOWS\system32\MRT

2014-08-16 09:38 - 2014-06-14 19:03 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2014-08-15 13:45 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports

2014-08-15 13:44 - 2014-08-15 13:43 - 00034260 _____ () C:\Users\TFOX\Desktop\Addition.txt

2014-08-15 13:36 - 2014-08-15 13:36 - 02100224 _____ (Farbar) C:\Users\TFOX\Downloads\FRST64.exe

2014-08-14 15:57 - 2014-08-14 15:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-08-14 15:57 - 2014-08-14 15:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-08-14 15:56 - 2014-08-14 15:56 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\TFOX\Downloads\mbam-setup-2.0.2.1012 (1).exe

2014-08-14 15:50 - 2014-08-14 13:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo

2014-08-14 15:48 - 2014-07-17 18:09 - 00000121 _____ () C:\WINDOWS\wininit.ini

2014-08-14 15:47 - 2014-08-14 13:31 - 00000000 ____D () C:\Program Files\COMODO

2014-08-14 15:47 - 2014-08-14 13:29 - 00000000 ____D () C:\ProgramData\Comodo

2014-08-14 15:23 - 2014-07-13 13:47 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel

2014-08-14 13:39 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions

2014-08-14 13:36 - 2014-08-14 13:36 - 00000000 ____D () C:\Users\TFOX\AppData\Local\AdTrustMedia

2014-08-14 13:35 - 2012-07-25 22:37 - 00000000 ____D () C:\Users\Default.migrated

2014-08-14 13:34 - 2014-08-14 13:34 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll

2014-08-14 13:34 - 2014-08-14 13:34 - 00000000 ____D () C:\Program Files\AdTrustMedia

2014-08-14 13:32 - 2014-08-14 13:32 - 00000000 ____D () C:\ProgramData\Adtrustmedia

2014-08-14 13:28 - 2014-08-14 13:23 - 230403208 _____ (COMODO) C:\Users\TFOX\Downloads\cav_installer.exe

2014-08-14 12:54 - 2014-07-16 22:39 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2014.lnk

2014-08-14 12:54 - 2014-07-16 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2014-08-14 11:15 - 2014-03-18 03:13 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll

2014-08-14 11:09 - 2014-06-15 19:58 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS

2014-08-14 11:04 - 2014-03-18 03:13 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe

2014-08-14 11:04 - 2013-08-22 04:45 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb

2014-08-14 11:04 - 2013-08-22 04:44 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll

2014-08-14 11:04 - 2013-08-22 04:21 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll

2014-08-14 11:04 - 2013-08-22 04:03 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe

2014-08-14 11:04 - 2013-08-21 21:17 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb

2014-08-14 11:04 - 2013-08-21 20:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll

2014-08-14 11:04 - 2013-08-21 20:46 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll

2014-08-14 11:04 - 2013-08-21 20:16 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll

2014-08-14 11:03 - 2014-03-18 03:13 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll

2014-08-14 11:03 - 2014-03-18 03:13 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll

2014-08-14 11:03 - 2013-08-22 04:22 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll

2014-08-14 11:03 - 2013-08-22 04:10 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll

2014-08-14 11:03 - 2013-08-22 03:32 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll

2014-08-14 11:03 - 2013-08-21 20:45 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll

2014-08-14 11:03 - 2013-08-21 20:40 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe

2014-08-13 17:42 - 2014-08-13 17:42 - 00000000 ____D () C:\Program Files\ESET

2014-08-13 17:37 - 2014-08-13 17:37 - 01696192 _____ (ESET) C:\Users\TFOX\Downloads\eset_nod32_antivirus_live_installer.exe

2014-08-06 19:12 - 2014-08-14 11:16 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll

2014-08-06 15:38 - 2014-08-14 11:17 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll

2014-08-06 14:44 - 2014-08-06 14:44 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-08-06 14:43 - 2014-08-06 14:43 - 02347384 _____ (ESET) C:\Users\TFOX\Downloads\esetsmartinstaller_enu(1).exe

2014-08-03 10:53 - 2014-08-03 10:53 - 00001321 _____ () C:\Users\TFOX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton Online Backup.lnk

2014-08-01 22:44 - 2014-08-14 11:17 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2014-08-01 20:56 - 2014-08-14 11:16 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll

2014-08-01 20:11 - 2014-08-14 11:16 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll

2014-08-01 17:17 - 2013-08-22 08:38 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2014-08-01 17:17 - 2013-08-22 08:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2014-08-01 13:55 - 2014-08-01 13:55 - 02347384 _____ (ESET) C:\Users\TFOX\Downloads\esetsmartinstaller_enu.exe

2014-07-29 11:59 - 2014-06-14 20:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-27 04:25

==================== End Of Log ============================

#25
Essexboy

Posted 29 August 2014 - 06:21 AM

GeekU Moderator

Retired Staff
69,964 posts

You appear to have a few side by side errors

So next we will run SFC to see if we can alleviate them

Press the Windows and X together
On the menu that pops up select Command Prompt (Admin)

In the black box that opens type the following command and then press enter :

sfc /scannow

Allow it to complete and reboot

Let me know how the computer is behaving now

#26
azul20

Posted 29 August 2014 - 09:01 PM

Member

Topic Starter
Member
122 posts

The computer did not restart after the scan was completed. Here is the message that came up in the command prompt.

Windows Resource Protection found corrupt files but was unable to fix some

of them. Details are included in the CBS.Log windir\Logs\CBS\CBS.log. For

example C:\Windows\Logs\CBS\CBS.log. Note that logging is currently not

supported in offline servicing scenarios.

#27
Essexboy

Posted 30 August 2014 - 04:22 AM

GeekU Moderator

Retired Staff
69,964 posts

Is the freezing still occurring ?

#28
azul20

Posted 30 August 2014 - 04:42 AM

Member

Topic Starter
Member
122 posts

May I get back to you in a day or two? I will have had a chance to use my laptop by then.

#29
Essexboy

Posted 30 August 2014 - 04:56 AM

GeekU Moderator

Retired Staff
69,964 posts

For sure

#30
azul20

Posted 02 September 2014 - 11:02 PM

Member

Topic Starter
Member
122 posts

My system is performing much faster now. Thank you very much. Can you please suggest a few ways of cleaning my system, just in case this happens again, or should I just revisit this thread in the future? Thank you again.