
Desktop Icons & Taskbar disappear after sleep



#16
RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
Perhaps uninstalling one Canon program is all you need to do. It probably took out the other two.

#17
sem40

    Member

  • Topic Starter
  • Member
  • 57 posts
Canon is still there till tomorrow

Service Pack 1 1 14 2015 14:31:29.109
Loaded driver \SystemRoot\system32\ntoskrnl.exe
Loaded driver \SystemRoot\system32\hal.dll
Loaded driver \SystemRoot\system32\kdcom.dll
Loaded driver \SystemRoot\system32\mcupdate_AuthenticAMD.dll
Loaded driver \SystemRoot\system32\PSHED.dll
Loaded driver \SystemRoot\system32\CLFS.SYS
Loaded driver \SystemRoot\system32\CI.dll
Loaded driver \SystemRoot\system32\drivers\Wdf01000.sys
Loaded driver \SystemRoot\system32\drivers\WDFLDR.SYS
Loaded driver \SystemRoot\system32\drivers\ACPI.sys
Loaded driver \SystemRoot\system32\drivers\WMILIB.SYS
Loaded driver \SystemRoot\system32\drivers\msisadrv.sys
Loaded driver \SystemRoot\system32\drivers\pci.sys
Loaded driver \SystemRoot\system32\drivers\vdrvroot.sys
Loaded driver \SystemRoot\System32\drivers\partmgr.sys
Loaded driver \SystemRoot\system32\drivers\compbatt.sys
Loaded driver \SystemRoot\system32\drivers\BATTC.SYS
Loaded driver \SystemRoot\system32\drivers\volmgr.sys
Loaded driver \SystemRoot\System32\drivers\volmgrx.sys
Loaded driver \SystemRoot\System32\drivers\mountmgr.sys
Loaded driver \SystemRoot\system32\drivers\atapi.sys
Loaded driver \SystemRoot\system32\drivers\ataport.SYS
Loaded driver \SystemRoot\system32\drivers\msahci.sys
Loaded driver \SystemRoot\system32\drivers\PCIIDEX.SYS
Loaded driver \SystemRoot\system32\DRIVERS\amd_sata.sys
Loaded driver \SystemRoot\system32\DRIVERS\storport.sys
Loaded driver \SystemRoot\system32\DRIVERS\amd_xata.sys
Loaded driver \SystemRoot\system32\drivers\amdxata.sys
Loaded driver \SystemRoot\system32\drivers\fltmgr.sys
Loaded driver \SystemRoot\system32\drivers\fileinfo.sys
Loaded driver \SystemRoot\System32\Drivers\Ntfs.sys
Loaded driver \SystemRoot\System32\Drivers\msrpc.sys
Loaded driver \SystemRoot\System32\Drivers\ksecdd.sys
Loaded driver \SystemRoot\System32\Drivers\cng.sys
Loaded driver \SystemRoot\System32\drivers\pcw.sys
Loaded driver \SystemRoot\System32\Drivers\Fs_Rec.sys
Loaded driver \SystemRoot\system32\drivers\ndis.sys
Loaded driver \SystemRoot\system32\drivers\NETIO.SYS
Loaded driver \SystemRoot\System32\Drivers\ksecpkg.sys
Loaded driver \SystemRoot\System32\drivers\tcpip.sys
Loaded driver \SystemRoot\System32\drivers\fwpkclnt.sys
Loaded driver \SystemRoot\system32\drivers\vmstorfl.sys
Loaded driver \SystemRoot\system32\drivers\volsnap.sys
Loaded driver \SystemRoot\System32\Drivers\spldr.sys
Loaded driver \SystemRoot\System32\drivers\rdyboost.sys
Loaded driver \SystemRoot\System32\Drivers\mup.sys
Loaded driver \SystemRoot\System32\drivers\hwpolicy.sys
Loaded driver \SystemRoot\System32\DRIVERS\fvevol.sys
Loaded driver \SystemRoot\system32\drivers\disk.sys
Loaded driver \SystemRoot\system32\drivers\CLASSPNP.SYS
Loaded driver \SystemRoot\system32\DRIVERS\AtiPcie.sys
Loaded driver \SystemRoot\System32\Drivers\aswVmm.sys
Loaded driver \SystemRoot\System32\Drivers\aswRvrt.sys
Loaded driver \SystemRoot\system32\DRIVERS\cdrom.sys
Loaded driver \SystemRoot\system32\drivers\aswSnx.sys
Loaded driver \SystemRoot\system32\drivers\aswSP.sys
Loaded driver \SystemRoot\System32\Drivers\Null.SYS
Loaded driver \SystemRoot\System32\Drivers\Beep.SYS
Loaded driver \SystemRoot\System32\drivers\vga.sys
Loaded driver \SystemRoot\System32\DRIVERS\RDPCDD.sys
Loaded driver \SystemRoot\system32\drivers\rdpencdd.sys
Loaded driver \SystemRoot\system32\drivers\rdprefmp.sys
Loaded driver \SystemRoot\System32\Drivers\Msfs.SYS
Loaded driver \SystemRoot\System32\Drivers\Npfs.SYS
Loaded driver \SystemRoot\system32\DRIVERS\tdx.sys
Loaded driver \SystemRoot\system32\drivers\afd.sys
Loaded driver \SystemRoot\system32\drivers\aswRdr2.sys
Loaded driver \SystemRoot\System32\DRIVERS\netbt.sys
Loaded driver \SystemRoot\system32\DRIVERS\wfplwf.sys
Loaded driver \SystemRoot\system32\DRIVERS\pacer.sys
Loaded driver \SystemRoot\system32\DRIVERS\netbios.sys
Loaded driver \SystemRoot\system32\DRIVERS\wanarp.sys
Loaded driver \SystemRoot\system32\DRIVERS\termdd.sys
Loaded driver \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
Loaded driver \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
Loaded driver \SystemRoot\system32\DRIVERS\rdbss.sys
Loaded driver \SystemRoot\system32\drivers\nsiproxy.sys
Loaded driver \SystemRoot\system32\DRIVERS\mssmbios.sys
Loaded driver \SystemRoot\System32\drivers\discache.sys
Loaded driver \SystemRoot\system32\drivers\csc.sys
Loaded driver \SystemRoot\System32\Drivers\dfsc.sys
Loaded driver \SystemRoot\system32\DRIVERS\blbdrive.sys
Loaded driver \SystemRoot\system32\DRIVERS\tunnel.sys
Loaded driver \SystemRoot\system32\DRIVERS\amdppm.sys
Loaded driver \SystemRoot\system32\DRIVERS\atikmdag.sys
Loaded driver \SystemRoot\System32\drivers\dxgkrnl.sys
Loaded driver \SystemRoot\system32\DRIVERS\atikmpag.sys
Loaded driver \SystemRoot\system32\DRIVERS\HDAudBus.sys
Loaded driver \SystemRoot\system32\DRIVERS\k57nd60a.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbohci.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbehci.sys
Loaded driver \SystemRoot\system32\DRIVERS\VSTBS26.SYS
Loaded driver \SystemRoot\system32\DRIVERS\VSTDPV6.SYS
Loaded driver \SystemRoot\system32\DRIVERS\VSTCNXT6.SYS
Loaded driver \SystemRoot\system32\drivers\modem.sys
Loaded driver \SystemRoot\system32\DRIVERS\CompositeBus.sys
Loaded driver \SystemRoot\system32\DRIVERS\AgileVpn.sys
Loaded driver \SystemRoot\system32\DRIVERS\rasl2tp.sys
Loaded driver \SystemRoot\system32\DRIVERS\ndistapi.sys
Loaded driver \SystemRoot\system32\DRIVERS\ndiswan.sys
Loaded driver \SystemRoot\system32\DRIVERS\raspppoe.sys
Loaded driver \SystemRoot\system32\DRIVERS\raspptp.sys
Loaded driver \SystemRoot\system32\DRIVERS\rassstp.sys
Loaded driver \SystemRoot\system32\DRIVERS\rdpbus.sys
Loaded driver \SystemRoot\system32\DRIVERS\kbdclass.sys
Loaded driver \SystemRoot\system32\DRIVERS\mouclass.sys
Loaded driver \SystemRoot\system32\DRIVERS\swenum.sys
Loaded driver \SystemRoot\system32\DRIVERS\amdiox64.sys
Loaded driver \SystemRoot\system32\DRIVERS\umbus.sys
Did not load driver \SystemRoot\System32\drivers\vga.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbhub.sys
Loaded driver \SystemRoot\System32\Drivers\NDProxy.SYS
Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
Loaded driver \SystemRoot\system32\drivers\AtihdW76.sys
Loaded driver \SystemRoot\system32\drivers\ksthunk.sys
Loaded driver \SystemRoot\system32\drivers\HdAudio.sys
Loaded driver \SystemRoot\system32\DRIVERS\USBSTOR.SYS
Loaded driver \SystemRoot\system32\DRIVERS\hidusb.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbccgp.sys
Loaded driver \SystemRoot\system32\DRIVERS\mouhid.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbscan.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbprint.sys
Loaded driver \SystemRoot\system32\DRIVERS\kbdhid.sys
Loaded driver \SystemRoot\system32\DRIVERS\monitor.sys
Loaded driver \SystemRoot\System32\Drivers\fastfat.SYS
Loaded driver \SystemRoot\system32\drivers\luafv.sys
Loaded driver \SystemRoot\system32\drivers\aswMonFlt.sys
Loaded driver \SystemRoot\system32\drivers\aswStm.sys
Loaded driver \SystemRoot\system32\DRIVERS\lltdio.sys
Loaded driver \SystemRoot\system32\DRIVERS\rspndr.sys
Loaded driver \SystemRoot\system32\drivers\HTTP.sys
Loaded driver \SystemRoot\system32\DRIVERS\bowser.sys
Loaded driver \SystemRoot\System32\drivers\mpsdrv.sys
Loaded driver \SystemRoot\system32\DRIVERS\mrxsmb.sys
Loaded driver \SystemRoot\system32\DRIVERS\mrxsmb10.sys
Loaded driver \SystemRoot\system32\DRIVERS\mrxsmb20.sys
Loaded driver \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
Loaded driver \SystemRoot\system32\drivers\aswHwid.sys
Loaded driver \SystemRoot\system32\drivers\peauth.sys
Loaded driver \SystemRoot\System32\Drivers\secdrv.SYS
Loaded driver \SystemRoot\System32\DRIVERS\srvnet.sys
Loaded driver \SystemRoot\System32\drivers\tcpipreg.sys
Loaded driver \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
Loaded driver \SystemRoot\System32\DRIVERS\srv2.sys
Loaded driver \SystemRoot\System32\DRIVERS\srv.sys
Did not load driver \SystemRoot\System32\DRIVERS\srv.sys
Loaded driver \SystemRoot\system32\DRIVERS\cdfs.sys
Loaded driver \SystemRoot\system32\drivers\WudfPf.sys
Loaded driver \SystemRoot\system32\DRIVERS\WUDFRd.sys



Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-01-2015 01
Ran by Simis (administrator) on SIMIS-PC on 14-01-2015 20:56:18
Running from C:\Users\Simis\Desktop
Loaded Profiles: Simis (Available profiles: Simis)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(DonationCoder) C:\Program Files (x86)\ScreenshotCaptor\ScreenshotCaptor.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_257_ActiveX.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-09] (AVAST Software)
HKU\S-1-5-21-3351614289-410613126-3444353104-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-3351614289-410613126-3444353104-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [717696 2010-01-16] (Microsoft Corporation)
HKU\S-1-5-21-3351614289-410613126-3444353104-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-09-11] (Google Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3351614289-410613126-3444353104-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/
HKU\S-1-5-21-3351614289-410613126-3444353104-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3351614289-410613126-3444353104-1000 -> {378E7510-12CC-4A06-9BFD-B292AE80C59D} URL = https://www.google.c...q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3351614289-410613126-3444353104-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Simis\AppData\Roaming\Mozilla\Firefox\Profiles\2xezuqkg.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Extension: Okta Secure Web Authentication Plug-in - C:\Users\Simis\AppData\Roaming\Mozilla\Firefox\Profiles\2xezuqkg.default\Extensions\[email protected] [2014-09-28]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-23] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-23] (Avast Software)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-23] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-23] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-23] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-23] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-23] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-23] (Avast Software)
R3 VST64HWBS2; C:\Windows\System32\DRIVERS\VSTBS26.SYS [411136 2009-06-10] (Conexant Systems, Inc.)
R3 VST64_DPV; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Conexant Systems, Inc.)
S3 AIDA64Driver; \??\I:\AIDA64 Engineer Edition 4.50.3000\kerneld.x64 [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-14 20:54 - 2015-01-14 20:54 - 00017252 _____ () C:\Users\Simis\Desktop\Search.txt
2015-01-14 20:52 - 2015-01-14 20:55 - 00000768 _____ () C:\Users\Simis\Desktop\fixlist.txt
2015-01-14 20:52 - 2015-01-14 20:52 - 00000000 ____D () C:\Users\Simis\Desktop\FRST-OlderVersion
2015-01-14 19:19 - 2015-01-14 19:19 - 00000134 _____ () C:\Users\Simis\Desktop\Microsoft Fix it.url
2015-01-14 17:11 - 2015-01-14 17:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-14 14:34 - 2015-01-14 14:34 - 00000197 _____ () C:\Windows\system32\2015-01-14-19-34-18.077-AvastVBoxSVC.exe-3092.log
2015-01-14 14:05 - 2015-01-14 14:05 - 00017243 _____ () C:\Users\Simis\Desktop\VEW-appl.txt
2015-01-14 14:02 - 2015-01-14 14:02 - 00004323 _____ () C:\Users\Simis\Desktop\VEW.txt
2015-01-14 14:01 - 2015-01-14 14:04 - 00017243 _____ () C:\VEW.txt
2015-01-14 13:58 - 2015-01-14 13:58 - 00061440 _____ ( ) C:\Users\Simis\Desktop\VEW.exe
2015-01-14 13:45 - 2015-01-14 13:45 - 00000197 _____ () C:\Windows\system32\2015-01-14-18-45-34.020-AvastVBoxSVC.exe-3128.log
2015-01-14 13:38 - 2015-01-14 13:38 - 00000197 _____ () C:\Windows\system32\2015-01-14-18-38-35.073-AvastVBoxSVC.exe-3040.log
2015-01-13 16:29 - 2015-01-13 16:29 - 00000197 _____ () C:\Windows\system32\2015-01-13-21-29-11.009-AvastVBoxSVC.exe-4280.log
2015-01-13 15:30 - 2015-01-13 15:30 - 05317104 _____ (Piriform Ltd) C:\Users\Simis\Downloads\ccsetup501(1).exe
2015-01-13 14:18 - 2015-01-13 14:18 - 00000197 _____ () C:\Windows\system32\2015-01-13-19-18-15.012-AvastVBoxSVC.exe-3136.log
2015-01-12 15:45 - 2014-12-13 00:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-12 15:45 - 2014-12-12 22:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-01-08 17:47 - 2015-01-13 13:42 - 00001043 _____ () C:\Users\Simis\Desktop\TeamViewer 10.lnk
2015-01-08 17:43 - 2015-01-08 17:43 - 00000000 ____D () C:\Users\Simis\AppData\Local\TeamViewer
2015-01-08 17:16 - 2015-01-13 13:56 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-01-08 17:16 - 2015-01-13 13:49 - 00000000 ____D () C:\Users\Simis\AppData\Roaming\TeamViewer
2015-01-07 16:35 - 2015-01-07 16:35 - 00000197 _____ () C:\Windows\system32\2015-01-07-21-35-53.093-AvastVBoxSVC.exe-2852.log
2015-01-07 14:45 - 2015-01-07 14:45 - 00009420 _____ () C:\Users\Simis\Downloads\msg0001.WAV
2015-01-06 15:44 - 2015-01-06 15:44 - 00000197 _____ () C:\Windows\system32\2015-01-06-20-44-20.003-AvastVBoxSVC.exe-2384.log
2015-01-06 15:06 - 2015-01-06 15:06 - 00005095 _____ () C:\Users\Simis\Desktop\System Idle Process.txt
2015-01-06 14:59 - 2015-01-06 15:00 - 00000197 _____ () C:\Windows\system32\2015-01-06-19-59-58.099-AvastVBoxSVC.exe-2476.log
2015-01-06 14:49 - 2015-01-06 14:49 - 00000197 _____ () C:\Windows\system32\2015-01-06-19-49-09.022-AvastVBoxSVC.exe-3204.log
2015-01-05 18:04 - 2015-01-05 18:04 - 00000197 _____ () C:\Windows\system32\2015-01-05-23-04-18.091-AvastVBoxSVC.exe-2412.log
2015-01-05 17:08 - 2015-01-05 17:59 - 00000000 ____D () C:\Users\Simis\Desktop\shexview
2015-01-05 17:07 - 2015-01-05 17:08 - 00066149 _____ () C:\Users\Simis\Desktop\shexview.zip
2015-01-05 16:56 - 2015-01-14 20:52 - 02125312 _____ (Farbar) C:\Users\Simis\Desktop\FRST64.exe
2015-01-05 16:56 - 2015-01-05 16:56 - 00009979 _____ () C:\Users\Simis\Desktop\Addition.txt
2015-01-05 16:55 - 2015-01-14 20:56 - 00009599 _____ () C:\Users\Simis\Desktop\FRST.txt
2015-01-05 16:54 - 2015-01-05 16:54 - 00009979 _____ () C:\Users\Simis\Downloads\Addition.txt
2015-01-05 16:53 - 2015-01-05 16:54 - 00030242 _____ () C:\Users\Simis\Downloads\FRST.txt
2015-01-05 16:52 - 2015-01-14 20:56 - 00000000 ____D () C:\FRST
2015-01-05 16:52 - 2015-01-05 16:52 - 02123776 _____ (Farbar) C:\Users\Simis\Downloads\FRST64.exe
2015-01-05 16:43 - 2015-01-05 16:43 - 00001029 _____ () C:\Users\Simis\Desktop\JRT.txt
2015-01-05 16:41 - 2015-01-05 16:41 - 00002873 _____ () C:\Users\Simis\Desktop\AdwCleaner[S0].txt
2015-01-05 16:40 - 2015-01-05 16:40 - 00000000 ____D () C:\Windows\ERUNT
2015-01-05 16:37 - 2015-01-05 16:37 - 01707939 _____ (Thisisu) C:\Users\Simis\Desktop\JRT.exe
2015-01-05 16:37 - 2015-01-05 16:37 - 00000197 _____ () C:\Windows\system32\2015-01-05-21-37-15.087-AvastVBoxSVC.exe-2988.log
2015-01-05 16:26 - 2015-01-05 16:32 - 00000000 ____D () C:\AdwCleaner
2015-01-05 16:19 - 2015-01-05 16:19 - 02173952 _____ () C:\Users\Simis\Desktop\AdwCleaner.exe
2014-12-29 15:11 - 2014-12-29 15:11 - 00000329 _____ () C:\Users\Simis\Desktop\Desktop Icons & Taskbar disapear after sleep - Virus, Spyware, Malware Removal.url
2014-12-29 14:49 - 2014-12-29 14:49 - 00000319 _____ () C:\Users\Simis\Desktop\Malware and Spyware Cleaning Guide - Virus, Spyware, Malware Removal.url
2014-12-29 14:48 - 2014-12-29 14:48 - 00058852 _____ () C:\Users\Simis\Desktop\OTL Scan 122914.txt
2014-12-29 14:47 - 2014-12-29 14:47 - 00058852 _____ () C:\Users\Simis\Desktop\OTL.Txt
2014-12-29 14:47 - 2014-12-29 14:47 - 00048164 _____ () C:\Users\Simis\Desktop\Extras.Txt
2014-12-29 14:39 - 2014-12-29 14:39 - 00602112 _____ (OldTimer Tools) C:\Users\Simis\Desktop\OTL.exe
2014-12-29 14:22 - 2014-12-29 14:22 - 00000197 _____ () C:\Windows\system32\2014-12-29-19-22-28.081-AvastVBoxSVC.exe-2692.log
2014-12-29 13:31 - 2014-12-29 13:31 - 00347816 _____ (Microsoft Corporation) C:\Users\Simis\Downloads\MicrosoftFixit.Performance.FISC.1343304900203918.1.1.Run.exe
2014-12-29 13:29 - 2014-12-29 13:29 - 00347816 _____ (Microsoft Corporation) C:\Users\Simis\Downloads\MicrosoftFixit.WinFileFolder.RNP.1343304900203918.2.2.Run.exe
2014-12-29 13:28 - 2014-12-29 13:28 - 00347816 _____ (Microsoft Corporation) C:\Users\Simis\Downloads\MicrosoftFixit.WinFileFolder.RNP.1343304900203918.2.1.Run.exe
2014-12-29 13:22 - 2014-12-29 13:23 - 00000197 _____ () C:\Windows\system32\2014-12-29-18-22-26.090-AvastVBoxSVC.exe-3076.log
2014-12-29 13:19 - 2014-12-29 13:19 - 00000017 _____ () C:\Users\Simis\AppData\Local\resmon.resmoncfg
2014-12-29 10:48 - 2014-12-29 10:48 - 00000197 _____ () C:\Windows\system32\2014-12-29-15-48-19.071-AvastVBoxSVC.exe-2944.log
2014-12-29 08:27 - 2014-12-29 08:27 - 00000197 _____ () C:\Windows\system32\2014-12-29-13-27-15.033-AvastVBoxSVC.exe-1432.log
2014-12-24 11:24 - 2014-12-24 11:24 - 00000197 _____ () C:\Windows\system32\2014-12-24-16-24-00.082-AvastVBoxSVC.exe-2188.log
2014-12-24 10:15 - 2014-12-24 10:15 - 00000197 _____ () C:\Windows\system32\2014-12-24-15-15-48.017-AvastVBoxSVC.exe-2336.log
2014-12-24 10:09 - 2014-12-24 10:10 - 00347816 _____ (Microsoft Corporation) C:\Users\Simis\Downloads\MicrosoftFixit.WinFileFolder.FISC.1342860965119576.1.1.Run.exe
2014-12-24 10:08 - 2014-10-17 21:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-24 10:08 - 2014-10-17 20:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-24 10:08 - 2014-07-06 21:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-24 10:08 - 2014-07-06 21:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-24 10:08 - 2014-07-06 21:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-24 10:08 - 2014-07-06 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-24 10:08 - 2014-07-06 20:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-24 10:08 - 2014-07-06 20:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-24 10:08 - 2014-07-06 20:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-24 10:08 - 2014-07-06 20:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-24 10:07 - 2014-12-24 10:07 - 00000188 _____ () C:\Users\Simis\Desktop\FixIt.url
2014-12-24 10:07 - 2014-11-26 20:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-24 10:07 - 2014-11-26 20:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-24 10:07 - 2014-11-21 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-24 10:07 - 2014-11-21 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-24 10:07 - 2014-11-21 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-24 10:07 - 2014-11-21 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-24 10:07 - 2014-11-21 21:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-24 10:07 - 2014-11-21 21:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-24 10:07 - 2014-11-21 21:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-24 10:07 - 2014-11-21 21:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-24 10:07 - 2014-11-21 21:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-24 10:07 - 2014-11-21 21:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-24 10:07 - 2014-11-21 21:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-24 10:07 - 2014-11-21 21:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-24 10:07 - 2014-11-21 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-24 10:07 - 2014-11-21 21:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-24 10:07 - 2014-11-21 20:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-24 10:07 - 2014-11-21 20:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-24 10:07 - 2014-11-21 20:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-24 10:07 - 2014-11-21 20:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-24 10:07 - 2014-11-21 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-24 10:07 - 2014-11-21 20:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-24 10:07 - 2014-11-21 20:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-24 10:07 - 2014-11-21 20:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-24 10:07 - 2014-11-21 20:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-24 10:07 - 2014-11-21 20:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-24 10:07 - 2014-11-21 20:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-24 10:07 - 2014-11-21 20:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-24 10:07 - 2014-11-21 20:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-24 10:07 - 2014-11-21 20:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-24 10:07 - 2014-11-21 20:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-24 10:07 - 2014-11-21 19:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-24 10:07 - 2014-11-21 19:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-24 10:07 - 2014-11-10 22:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-24 10:07 - 2014-11-10 21:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-24 10:07 - 2014-11-10 20:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-24 10:06 - 2014-11-21 22:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-24 10:06 - 2014-11-21 21:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-24 10:06 - 2014-11-21 21:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-24 10:06 - 2014-11-21 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-24 10:06 - 2014-11-21 21:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-24 10:06 - 2014-11-21 21:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-24 10:06 - 2014-11-21 21:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-24 10:06 - 2014-11-21 21:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-24 10:06 - 2014-11-21 21:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-24 10:06 - 2014-11-21 21:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-24 10:06 - 2014-11-21 21:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-24 10:06 - 2014-11-21 21:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-24 10:06 - 2014-11-21 21:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-24 10:06 - 2014-11-21 20:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-24 10:06 - 2014-11-21 20:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-24 10:06 - 2014-11-21 20:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-24 10:06 - 2014-11-21 20:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-24 10:06 - 2014-11-21 20:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-24 10:06 - 2014-11-21 20:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-24 10:06 - 2014-11-21 20:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-24 10:06 - 2014-11-21 20:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-24 10:06 - 2014-11-10 22:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-12-24 10:06 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-12-24 10:06 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-12-24 10:06 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-12-24 10:06 - 2014-11-07 22:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-24 10:06 - 2014-11-07 21:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-24 10:06 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-24 10:06 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-24 10:06 - 2014-10-02 21:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-24 10:06 - 2014-10-02 21:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-24 10:06 - 2014-10-02 21:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-24 10:06 - 2014-10-02 21:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-24 10:06 - 2014-10-02 21:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-24 10:06 - 2014-10-02 20:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-24 10:06 - 2014-10-02 20:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-24 10:06 - 2014-10-02 20:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-24 10:06 - 2014-10-02 20:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-24 10:06 - 2014-10-02 20:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-24 09:50 - 2014-12-24 09:51 - 00000197 _____ () C:\Windows\system32\2014-12-24-14-50-49.075-AvastVBoxSVC.exe-1032.log
2014-12-24 09:48 - 2015-01-05 16:34 - 00001950 _____ () C:\Windows\PFRO.log
2014-12-24 09:44 - 2015-01-14 14:29 - 00000000 ____D () C:\Windows\pss
2014-12-24 09:32 - 2014-12-24 09:32 - 00000197 _____ () C:\Windows\system32\2014-12-24-14-32-15.053-AvastVBoxSVC.exe-3136.log
2014-12-23 18:04 - 2014-12-23 18:04 - 00000197 _____ () C:\Windows\system32\2014-12-23-23-04-05.044-AvastVBoxSVC.exe-3344.log
2014-12-23 17:45 - 2014-12-23 17:45 - 00000197 _____ () C:\Windows\system32\2014-12-23-22-45-12.001-AvastVBoxSVC.exe-3372.log
2014-12-23 13:21 - 2014-12-23 13:21 - 00000197 _____ () C:\Windows\system32\2014-12-23-18-21-29.058-AvastVBoxSVC.exe-3364.log
2014-12-22 12:32 - 2014-12-22 12:32 - 00000197 _____ () C:\Windows\system32\2014-12-22-17-32-49.057-AvastVBoxSVC.exe-3232.log
2014-12-21 17:40 - 2014-12-21 17:40 - 00000197 _____ () C:\Windows\system32\2014-12-21-22-40-13.023-AvastVBoxSVC.exe-2304.log
2014-12-21 10:34 - 2014-12-21 10:34 - 00000197 _____ () C:\Windows\system32\2014-12-21-15-34-16.032-AvastVBoxSVC.exe-3112.log
2014-12-20 13:54 - 2014-12-20 13:54 - 00000197 _____ () C:\Windows\system32\2014-12-20-18-54-28.023-AvastVBoxSVC.exe-2520.log
2014-12-20 13:53 - 2015-01-13 14:12 - 00109296 _____ () C:\Users\Simis\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-20 13:51 - 2015-01-13 14:16 - 00410736 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-20 13:47 - 2015-01-14 14:31 - 00003808 _____ () C:\Windows\setupact.log
2014-12-20 13:47 - 2014-12-20 13:47 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-19 17:01 - 2014-12-19 17:01 - 05317104 _____ (Piriform Ltd) C:\Users\Simis\Downloads\ccsetup501.exe
2014-12-17 17:47 - 2014-12-17 17:47 - 00000197 _____ () C:\Windows\system32\2014-12-17-22-47-47.083-AvastVBoxSVC.exe-2056.log
2014-12-17 17:39 - 2014-12-17 17:39 - 05162080 _____ (Piriform Ltd) C:\Users\Simis\Downloads\ccsetup500(2).exe
2014-12-17 17:38 - 2014-12-17 17:38 - 05162080 _____ (Piriform Ltd) C:\Users\Simis\Downloads\ccsetup500(1).exe
2014-12-15 16:30 - 2014-12-15 16:30 - 00018948 _____ () C:\Users\Simis\Documents\cc_20141215_162955.reg
2014-12-15 15:20 - 2014-12-15 15:20 - 00000197 _____ () C:\Windows\system32\2014-12-15-20-20-42.040-AvastVBoxSVC.exe-2748.log
2014-12-15 08:09 - 2014-12-15 08:09 - 05162080 _____ (Piriform Ltd) C:\Users\Simis\Downloads\ccsetup500.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-14 20:55 - 2014-09-08 20:02 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-14 20:47 - 2014-09-11 16:30 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-14 20:22 - 2014-09-08 18:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-14 15:58 - 2014-09-15 15:06 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-14 15:45 - 2014-11-11 14:35 - 00000000 ____D () C:\Users\Simis\Documents\DonationCoder
2015-01-14 15:29 - 2014-09-06 15:21 - 01889784 _____ () C:\Windows\WindowsUpdate.log
2015-01-14 14:39 - 2009-07-13 23:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-14 14:39 - 2009-07-13 23:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-14 14:31 - 2014-09-11 16:30 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-14 14:31 - 2014-09-06 13:32 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-14 14:31 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-14 13:49 - 2014-09-11 13:24 - 00723920 _____ () C:\Windows\system32\perfh019.dat
2015-01-14 13:49 - 2014-09-11 13:24 - 00150222 _____ () C:\Windows\system32\perfc019.dat
2015-01-14 13:49 - 2009-07-14 00:13 - 01647438 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-13 15:31 - 2014-09-15 14:13 - 00000782 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-13 15:31 - 2014-09-15 14:13 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-13 15:30 - 2014-09-08 20:02 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-13 15:30 - 2014-09-08 20:02 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-13 15:30 - 2014-09-08 20:02 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-13 13:50 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-07 14:46 - 2014-09-10 16:07 - 00000000 ____D () C:\Users\Simis\AppData\Roaming\vlc
2015-01-06 15:39 - 2014-09-06 13:33 - 00000000 ____D () C:\Users\Simis\AppData\Local\Microsoft Help
2015-01-06 04:36 - 2010-11-20 22:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-29 10:39 - 2014-09-08 20:01 - 00000000 ____D () C:\Users\Simis\AppData\Local\Adobe
2014-12-24 11:01 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-12-24 10:12 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-24 10:11 - 2014-09-11 13:35 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-24 10:09 - 2014-09-06 12:32 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-24 10:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-CS
2014-12-24 10:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR
2014-12-24 10:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-12-24 10:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-12-24 09:47 - 2014-09-08 20:13 - 00000000 ____D () C:\ProgramData\ScanSoft
2014-12-15 15:16 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Branding
2014-12-15 08:11 - 2014-09-15 15:06 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-15 08:11 - 2014-09-15 15:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-15 08:11 - 2014-09-15 15:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

Some content of TEMP:
====================
C:\Users\Simis\AppData\Local\Temp\Quarantine.exe
C:\Users\Simis\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-14 15:06

==================== End Of Log ============================

#18
sem40


Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 14/01/2015 9:18:36 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 15/01/2015 2:14:05 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.00#20060413092100000&0#.

 

 

 

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 14/01/2015 9:23:05 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


 



#19
RKinner


Event log looks a lot better now.  Is it shutting down faster now?  Does it still give you a problem waking from sleep?

 

FRST scan does not seem to have changed so I don't think you got the fixlist to work (See post #13).  



#20
sem40


Hi, Ron,

 

I had a hard time deleting and reinstalling Canon drives - had to call Canon. Also, I could not get Fixit to work. Here are new logs. I hope that I've done what you asked me for. After the power option was set to sleep, it is still doing the same, no changes.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2015
Ran by Simis at 2015-01-22 13:23:37 Run:2
Running from C:\Users\Simis\Desktop\FRST-OlderVersion
Loaded Profiles: Simis (Available profiles: Simis)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S3 AIDA64Driver; \??\I:\AIDA64 Engineer Edition 4.50.3000\kerneld.x64 [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
*****************

HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
AIDA64Driver => Service not found.
VGPU => Service not found.

==== End of Fixlog 13:23:38 ====

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2015
Ran by Simis at 2015-01-22 13:32:02 Run:3
Running from C:\Users\Simis\Desktop\FRST-OlderVersion
Loaded Profiles: Simis (Available profiles: Simis)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S3 AIDA64Driver; \??\I:\AIDA64 Engineer Edition 4.50.3000\kerneld.x64 [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
*****************

HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
AIDA64Driver => Service not found.
VGPU => Service not found.

==== End of Fixlog 13:32:02 ====



#21
RKinner


After power option was set to sleep, it still doing the same, no changes.  Don't remember telling you to do that.

 

Let's turn off sleep and hibernate, reboot and then turn them back on again.

Click Start, and then type cmd in the Start Search box.
In the search results list, right-click Command Prompt, and then click Run as Administrator.
When you are prompted by User Account Control, click Continue.
At the command prompt, type powercfg.exe /hibernate off, and then press Enter.
Type exit, and then press Enter to close the Command Prompt window.

Reboot, then:

Click Start, and then type cmd in the Start Search box.
In the search results list, right-click Command Prompt, and then click Run as Administrator.
When you are prompted by User Account Control, click Continue.
At the command prompt, type powercfg.exe /hibernate on, and then press Enter.
Type exit, and then press Enter to close the Command Prompt window.

This should delete the hiberfil.sys file. Sometimes it gets corrupt. A new one gets built when you turn it back on.



#22
sem40

Done this.

#23
RKinner

Any change?