Jump to content

All windows programs freezing (even Task Manager!)


Bennito

Recommended Posts

Hi All,

I've been here once before and the help was excellent. So, unfortunately I return for a different issue.

OS is windows 8 on a HE Pavilion dv6. Startup is ok, then after 5 mins. programs start to freeze. Opening task manager is also longer than normal and even freezes as well. All there is left to do is try to restart (which does not work). When task manager does work I can't see what would be the cause. I do see the "disk" running at 100%. Sometimes the OS runs just fine for 5 mins...

Can someone please help?

Thanks in advance.

Link to post
Share on other sites

Thanks Firefox. 

Here is the FRST scan log. The CheckResults did not provide any output on the desktop, and the link you provided did not include Addition.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014 01
Ran by Ben & Ramona (administrator) on ZONASUL on 24-07-2014 20:38:07
Running from C:\Users\Ben & Ramona\Desktop
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Tanuki Software, Ltd.) C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe
(Oracle Corporation) C:\Program Files (x86)\PS3 Media Server\jre64\bin\java.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Beats) C:\Program Files (x86)\Beats Electronics LLC\Beats Updater.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [setDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-09-30] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2013-08-28] (Synaptics Incorporated)
HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2013-08-28] (IDT, Inc.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-05] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-07-08] (Hewlett-Packard)
HKU\S-1-5-21-1637690266-1907040400-3293637658-1002\...\Run: [Google Update] => C:\Users\Ben & Ramona\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-05-22] (Google Inc.)
HKU\S-1-5-21-1637690266-1907040400-3293637658-1002\...\Run: [beats Updater] => C:\Program Files (x86)\Beats Electronics LLC\Beats Updater.exe [1337344 2014-02-13] (Beats)
HKU\S-1-5-21-1637690266-1907040400-3293637658-1002\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-1637690266-1907040400-3293637658-1002\...\Run: [googletalk] => C:\Users\Ben & Ramona\AppData\Roaming\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)
HKU\S-1-5-21-1637690266-1907040400-3293637658-1002\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-07-20] (Glarysoft Ltd)
AppInit_DLLs: C:\ProgramData\Fast And Safe\FastAndSafe_x64.dll => C:\ProgramData\Fast And Safe\FastAndSafe_x64.dll File Not Found
AppInit_DLLs-x32: c:\progra~3\fastan~1\fastan~1.dll => "c:\progra~3\fastan~1\fastan~1.dll" File Not Found
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ben & Ramona\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ben & Ramona\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ben & Ramona\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ben & Ramona\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
BootExecute: autocheck autochk *  BootDefrag.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
SearchScopes: HKLM - {5961EBEE-7657-4092-A953-C9E5793D91F4} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {5961EBEE-7657-4092-A953-C9E5793D91F4} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = http://isearch.glarysoft.com/?q={searchTerms}&src=iesearch&d=y
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {5961EBEE-7657-4092-A953-C9E5793D91F4} URL =
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = http://isearch.glarysoft.com/?q={searchTerms}&src=iesearch&d=y
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
SearchScopes: HKCU - {F813F595-1DA6-4476-915D-E3C2FDF0B758} URL = http://www.google.com/cse?cx=partner-pub-6697027465779297:3144322079&ie=ISO-8859-1&sa=Search&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: FeineeDeeAlSofta -> {36D43720-1FF7-8946-8B5E-6336A230F4C8} -> C:\ProgramData\FeineeDeeAlSofta\uLlkl.x64.dll ()
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll (HP)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll (HP)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Ben & Ramona\AppData\Roaming\Mozilla\Firefox\Profiles\0j7kmsop.default-1406215777716
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Ben & Ramona\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Ben & Ramona\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Ben & Ramona\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Ben & Ramona\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Ben & Ramona\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Ben & Ramona\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Ben & Ramona\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2013-12-10]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-31]

Chrome:
=======
CHR HomePage:
CHR StartupUrls: "https://www.google.com/"
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Ben & Ramona\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (YouTube) - C:\Users\Ben & Ramona\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-12]
CHR Extension: (Google Cast) - C:\Users\Ben & Ramona\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-07-06]
CHR Extension: (Google+ Notifications) - C:\Users\Ben & Ramona\AppData\Local\Google\Chrome\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi [2014-06-12]
CHR Extension: (Google Search) - C:\Users\Ben & Ramona\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-12]
CHR Extension: (avast! Online Security) - C:\Users\Ben & Ramona\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-31]
CHR Extension: (Clear History) - C:\Users\Ben & Ramona\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhibcmkdgpfagejobeajjlidmoddmicp [2014-06-12]
CHR Extension: (Google Wallet) - C:\Users\Ben & Ramona\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Docs PDF/PowerPoint Viewer (by Google)) - C:\Users\Ben & Ramona\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2014-06-12]
CHR Extension: (Send from Gmail (by Google)) - C:\Users\Ben & Ramona\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2014-06-12]
CHR Extension: (Gmail) - C:\Users\Ben & Ramona\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-05]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-05] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-07-05] (AVAST Software)
S4 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-07] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S4 FPLService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [260424 2011-08-26] (HP)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [47416 2014-02-05] (Hewlett-Packard Company)
S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2011-06-28] (Realsil Microelectronics Inc.) [File not signed]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [25600 2014-01-09] (Microsoft Corporation)
R2 PS3 Media Server; C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe [384280 2012-11-27] (Tanuki Software, Ltd.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-01-09] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2014-01-09] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-05] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-07-05] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-05] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-07-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-05] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-22] (Advanced Micro Devices)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-07] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6831688 2013-08-28] (Broadcom Corporation)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [16640 2013-07-06] (<Glarysoft Ltd>)
R0 BootDefragDriver; C:\Windows\SysWOW64\drivers\BootDefragDriver.sys [16640 2013-07-06] (<Glarysoft Ltd>)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-09-20] (Broadcom Corporation.)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [482936 2012-05-22] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138360 2012-05-22] (Symantec Corporation)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2014-07-22] (Glarysoft Ltd)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [173568 2014-01-09] (Microsoft Corporation)
S3 SIVDriver; C:\WINDOWS\system32\Drivers\SIVX64.sys [145144 2013-11-07] (Ray Hinchliffe)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-01-23] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
U3 idsvc;

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-24 20:38 - 2014-07-24 20:41 - 00029884 _____ () C:\Users\Ben & Ramona\Desktop\FRST.txt
2014-07-24 20:36 - 2014-07-24 20:37 - 00643860 _____ (Malwarebytes Corporation) C:\Users\Ben & Ramona\Desktop\mbam-check-2.1.1.1001.exe
2014-07-24 20:01 - 2014-07-24 20:01 - 02093568 _____ (Farbar) C:\Users\Ben & Ramona\Desktop\FRST64.exe
2014-07-24 11:29 - 2014-07-24 11:29 - 00000000 ____D () C:\Users\Ben & Ramona\Desktop\Old Firefox Data
2014-07-24 09:54 - 2014-07-24 12:07 - 00038094 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-22 13:13 - 2014-07-22 13:18 - 00005587 _____ () C:\DiskDefrag.log
2014-07-22 13:12 - 2014-07-24 19:58 - 00000362 _____ () C:\WINDOWS\Tasks\GlaryInitialize 5.job
2014-07-22 13:12 - 2014-07-22 13:31 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-07-22 13:12 - 2014-07-22 13:12 - 00020160 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2014-07-22 13:12 - 2014-07-22 13:12 - 00002992 _____ () C:\WINDOWS\System32\Tasks\GU5SkipUAC
2014-07-22 13:12 - 2014-07-22 13:12 - 00002666 _____ () C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2014-07-22 13:12 - 2014-07-22 13:12 - 00001108 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-07-22 13:12 - 2014-07-22 13:12 - 00001096 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\ProgramData\GlarySoft
2014-07-22 13:11 - 2014-07-22 13:12 - 14094456 _____ () C:\Users\Ben & Ramona\Downloads\Glary_Utilities_v5.4.0.11.exe
2014-07-21 20:51 - 2014-07-24 09:08 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-18 01:55 - 2014-07-18 01:55 - 04812672 _____ (Piriform Ltd) C:\Users\Ben & Ramona\Downloads\ccsetup415.exe
2014-07-09 22:35 - 2014-04-13 23:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-07-09 22:34 - 2014-07-09 22:34 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-09 19:22 - 2014-06-18 21:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-09 19:22 - 2014-06-18 20:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-09 19:22 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-09 19:22 - 2014-06-18 20:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-09 19:22 - 2014-06-18 19:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-09 19:22 - 2014-06-18 19:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-09 19:22 - 2014-06-18 19:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-09 19:22 - 2014-06-18 19:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-09 19:22 - 2014-06-18 19:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-09 19:22 - 2014-06-18 19:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-09 19:22 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-09 19:22 - 2014-06-18 19:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-09 19:22 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-09 19:22 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-09 19:22 - 2014-06-18 18:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-09 19:22 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-09 19:22 - 2014-06-18 18:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-09 19:22 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-09 19:22 - 2014-06-18 18:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-09 19:22 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-09 19:22 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-09 19:22 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-09 19:22 - 2014-06-18 18:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-09 19:22 - 2014-06-18 18:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-09 19:22 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-09 19:22 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-09 19:22 - 2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-09 19:22 - 2014-06-16 18:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-09 19:22 - 2014-06-16 18:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-09 19:22 - 2014-06-06 10:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-09 19:22 - 2014-05-29 23:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-09 19:22 - 2014-05-29 08:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-09 19:22 - 2014-05-29 03:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-07-09 19:22 - 2014-05-29 02:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-07-09 19:22 - 2014-05-29 02:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-07-09 19:22 - 2014-05-29 01:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-07-09 19:22 - 2014-05-29 01:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-09 19:20 - 2014-06-30 18:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-09 19:20 - 2014-06-28 03:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-07-09 19:20 - 2014-06-28 03:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-09 19:20 - 2014-06-06 09:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-09 19:20 - 2014-06-06 08:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-09 19:20 - 2014-05-31 06:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-09 19:20 - 2014-05-31 06:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-09 19:20 - 2014-05-30 23:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-09 19:20 - 2014-05-30 23:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-09 19:20 - 2014-05-30 23:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 19:20 - 2014-05-30 23:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-09 19:20 - 2014-05-30 23:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-09 19:20 - 2014-05-30 23:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 19:20 - 2014-05-30 22:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-09 19:20 - 2014-05-30 22:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-09 19:20 - 2014-05-30 22:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-09 19:20 - 2014-05-30 22:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-09 19:20 - 2014-05-30 22:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-09 19:20 - 2014-05-30 22:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-07-09 19:20 - 2014-05-30 22:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-09 19:14 - 2014-07-09 19:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-06 20:30 - 2014-07-06 20:30 - 00001280 _____ () C:\Users\Ben & Ramona\Desktop\Chromecast.lnk
2014-07-06 20:30 - 2014-07-06 20:30 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
2014-07-06 20:29 - 2014-07-06 20:29 - 00895120 _____ (Google Inc.) C:\Users\Ben & Ramona\Downloads\chromecastinstaller.exe
2014-07-05 15:41 - 2014-07-05 15:41 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\DropboxMaster
2014-07-05 15:40 - 2014-07-05 15:40 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-05 15:39 - 2014-07-05 15:41 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\Dropbox
2014-07-05 11:54 - 2014-07-05 11:54 - 00448400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2014-07-05 11:54 - 2014-07-05 11:54 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-04 23:36 - 2014-07-18 23:38 - 00003456 _____ () C:\Users\Ben & Ramona\Desktop\Say It!.xspf
2014-06-24 23:02 - 2014-06-24 23:02 - 00001989 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-06-24 23:02 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-24 20:41 - 2014-07-24 20:38 - 00029884 _____ () C:\Users\Ben & Ramona\Desktop\FRST.txt
2014-07-24 20:41 - 2014-01-23 14:04 - 00000000 ____D () C:\FRST
2014-07-24 20:37 - 2014-07-24 20:36 - 00643860 _____ (Malwarebytes Corporation) C:\Users\Ben & Ramona\Desktop\mbam-check-2.1.1.1001.exe
2014-07-24 20:36 - 2012-05-22 17:54 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1637690266-1907040400-3293637658-1002UA.job
2014-07-24 20:22 - 2012-06-07 10:53 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-24 20:15 - 2013-05-21 05:40 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-24 20:05 - 2013-08-22 10:55 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1637690266-1907040400-3293637658-1002
2014-07-24 20:01 - 2014-07-24 20:01 - 02093568 _____ (Farbar) C:\Users\Ben & Ramona\Desktop\FRST64.exe
2014-07-24 20:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-24 19:59 - 2014-01-09 14:38 - 00000000 __RDO () C:\Users\Ben & Ramona\SkyDrive
2014-07-24 19:59 - 2014-01-06 20:14 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-24 19:58 - 2014-07-22 13:12 - 00000362 _____ () C:\WINDOWS\Tasks\GlaryInitialize 5.job
2014-07-24 19:58 - 2012-08-07 13:23 - 00000000 ____D () C:\ProgramData\PMS
2014-07-24 19:57 - 2014-01-09 14:10 - 00000000 ____D () C:\Users\Ben & Ramona
2014-07-24 19:57 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-24 19:57 - 2013-05-21 05:40 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-24 17:22 - 2013-03-14 03:00 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-24 17:22 - 2013-03-14 03:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 14:32 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-24 13:12 - 2013-11-28 11:07 - 00000972 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1637690266-1907040400-3293637658-1002UA.job
2014-07-24 12:07 - 2014-07-24 09:54 - 00038094 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-24 11:49 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-07-24 11:49 - 2013-03-14 03:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-24 11:29 - 2014-07-24 11:29 - 00000000 ____D () C:\Users\Ben & Ramona\Desktop\Old Firefox Data
2014-07-24 10:14 - 2013-11-28 11:06 - 00000950 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1637690266-1907040400-3293637658-1002Core.job
2014-07-24 09:39 - 2012-05-22 19:12 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\Skype
2014-07-24 09:08 - 2014-07-21 20:51 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-23 22:03 - 2012-05-22 17:42 - 00003966 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{57EF367D-5A56-4775-8898-0335728A6F71}
2014-07-23 21:58 - 2012-12-20 02:19 - 00001458 _____ () C:\Users\Ben & Ramona\Desktop\password.txt
2014-07-22 17:06 - 2012-05-22 17:51 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\Macromedia
2014-07-22 16:02 - 2014-02-17 01:39 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\vlc
2014-07-22 15:54 - 2013-07-12 16:19 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\DiskDefrag
2014-07-22 14:00 - 2013-07-23 11:04 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2014-07-22 13:59 - 2013-07-23 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2014-07-22 13:59 - 2011-11-08 14:12 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-07-22 13:31 - 2014-07-22 13:12 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-07-22 13:18 - 2014-07-22 13:13 - 00005587 _____ () C:\DiskDefrag.log
2014-07-22 13:18 - 2012-11-29 21:37 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\GlarySoft
2014-07-22 13:12 - 2014-07-22 13:12 - 00020160 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2014-07-22 13:12 - 2014-07-22 13:12 - 00002992 _____ () C:\WINDOWS\System32\Tasks\GU5SkipUAC
2014-07-22 13:12 - 2014-07-22 13:12 - 00002666 _____ () C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2014-07-22 13:12 - 2014-07-22 13:12 - 00001108 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-07-22 13:12 - 2014-07-22 13:12 - 00001096 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\ProgramData\GlarySoft
2014-07-22 13:12 - 2014-07-22 13:11 - 14094456 _____ () C:\Users\Ben & Ramona\Downloads\Glary_Utilities_v5.4.0.11.exe
2014-07-18 23:38 - 2014-07-04 23:36 - 00003456 _____ () C:\Users\Ben & Ramona\Desktop\Say It!.xspf
2014-07-18 01:55 - 2014-07-18 01:55 - 04812672 _____ (Piriform Ltd) C:\Users\Ben & Ramona\Downloads\ccsetup415.exe
2014-07-18 01:55 - 2014-06-18 23:21 - 00000794 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-18 01:55 - 2014-04-10 11:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-18 01:55 - 2014-02-06 13:18 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-17 21:08 - 2014-01-31 01:07 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-07-17 13:11 - 2013-08-22 10:48 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Local\Packages
2014-07-17 13:09 - 2012-06-07 10:53 - 00003742 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-07-17 09:05 - 2012-05-22 17:54 - 00000884 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1637690266-1907040400-3293637658-1002Core.job
2014-07-16 19:33 - 2012-05-30 14:38 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-07-16 19:32 - 2012-06-06 20:26 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-07-14 10:19 - 2014-06-22 13:12 - 00000000 ____D () C:\ProgramData\FeineeDeeAlSofta
2014-07-12 21:35 - 2013-08-21 07:38 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-12 21:35 - 2012-07-26 08:46 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-10 14:56 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-10 08:45 - 2013-08-22 10:44 - 00480552 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-10 01:12 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-10 01:12 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 01:12 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 01:12 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-09 22:43 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-09 22:41 - 2013-08-14 20:18 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-09 22:36 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-09 22:36 - 2012-05-25 13:01 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-09 22:34 - 2014-07-09 22:34 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-09 22:34 - 2013-11-14 03:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 19:14 - 2014-07-09 19:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-06 20:30 - 2014-07-06 20:30 - 00001280 _____ () C:\Users\Ben & Ramona\Desktop\Chromecast.lnk
2014-07-06 20:30 - 2014-07-06 20:30 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
2014-07-06 20:29 - 2014-07-06 20:29 - 00895120 _____ (Google Inc.) C:\Users\Ben & Ramona\Downloads\chromecastinstaller.exe
2014-07-06 20:29 - 2012-05-22 17:54 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Local\Google
2014-07-05 15:41 - 2014-07-05 15:41 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\DropboxMaster
2014-07-05 15:41 - 2014-07-05 15:39 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\Dropbox
2014-07-05 15:40 - 2014-07-05 15:40 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-05 11:55 - 2014-01-31 01:13 - 00001988 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-07-05 11:55 - 2014-01-31 01:07 - 00427360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-07-05 11:54 - 2014-07-05 11:54 - 00448400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2014-07-05 11:54 - 2014-07-05 11:54 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-05 11:54 - 2014-04-20 13:04 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-05 11:54 - 2014-01-31 01:13 - 00028184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2014-07-05 11:54 - 2014-01-31 01:07 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-07-05 11:54 - 2014-01-31 01:07 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-07-05 11:54 - 2014-01-31 01:07 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-07-05 11:54 - 2014-01-31 01:07 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-07-05 11:54 - 2014-01-31 01:07 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-07-05 11:54 - 2014-01-31 01:07 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-07-05 11:54 - 2014-01-31 01:07 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-07-03 07:48 - 2014-06-22 10:27 - 00000000 ____D () C:\ProgramData\Fast And Safe
2014-06-30 18:45 - 2014-07-09 19:20 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-06-28 03:48 - 2014-07-09 19:20 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-06-28 03:07 - 2014-07-09 19:20 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-06-26 16:55 - 2013-08-22 11:38 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-06-26 16:55 - 2013-08-22 11:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-24 23:09 - 2013-04-19 21:24 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\Samsung
2014-06-24 23:09 - 2013-04-19 21:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-06-24 23:09 - 2013-04-19 21:06 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-24 23:09 - 2013-04-19 21:06 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-06-24 23:09 - 2011-11-08 14:36 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-24 23:04 - 2013-04-19 22:03 - 00000000 ____D () C:\Users\Ben & Ramona\Documents\SelfMV
2014-06-24 23:02 - 2014-06-24 23:02 - 00001989 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk

Some content of TEMP:
====================
C:\Users\Ben & Ramona\AppData\Local\Temp\~min56825805.dll
C:\Users\Ben & Ramona\AppData\Local\Temp\~min57430010.dll
C:\Users\Ben & Ramona\AppData\Local\Temp\~min65562447.dll
C:\Users\Ben & Ramona\AppData\Local\Temp\~min89117615.dll
C:\Users\Ben & Ramona\AppData\Local\Temp\~min90047770.dll
C:\Users\Ben & Ramona\AppData\Local\Temp\~min96488172.dll
C:\Users\Ben & Ramona\AppData\Local\Temp\~min98834648.dll
C:\Users\Ben & Ramona\AppData\Local\Temp\~rdp58530115.dll
C:\Users\Ben & Ramona\AppData\Local\Temp\~registryhlp50955635.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-24 11:46

==================== End Of Log ============================

 

 

Please let me know what else I can for you!

Bennito

Link to post
Share on other sites

Hi:

 

Until Firefox returns....

If you didn't get an Addition.txt log, it's probably because you have run the tool before on this same computer???

Having this log will assist us.

So, if you would, please re-run FRST, but before you do, please be sure there is a checkmark in the box for "Addition.txt" under Options.

That way, it will produce both logs.

 

Then please post them back (as attachments, if possible).

 

Thanks!

Link to post
Share on other sites

Hi and thanks for your response. You're probably right. Also, I did not check the "Addition.txt" for output. Sorry if I misread the instructions.

I am unable to attach the Addition. txt file. So I will post it in the next post !!

Here's the most recent FRST log file:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014 01 Ran by Ben & Ramona (administrator) on ZONASUL on 25-07-2014 10:06:48 Running from C:\Users\Ben & Ramona\Desktop Platform: Windows 8.1 Pro (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: "https://www.google.com/" CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Ben & Ramona\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22] CHR Extension: (YouTube) - C:\Users\Ben & Ramona\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-12] CHR Extension: (Google Cast) - C:\Users\Ben & Ramona\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-07-06] CHR Extension: (Google+ Notifications) - C:\Users\Ben & Ramona\AppData\Local\Google\Chrome\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi [2014-06-12] CHR Extension: (Google Search) - C:\Users\Ben & Ramona\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-12] CHR Extension: (avast! Online Security) - C:\Users\Ben & Ramona\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-31] CHR Extension: (Clear History) - C:\Users\Ben & Ramona\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhibcmkdgpfagejobeajjlidmoddmicp [2014-06-12] CHR Extension: (Google Wallet) - C:\Users\Ben & Ramona\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21] CHR Extension: (Docs PDF/PowerPoint Viewer (by Google)) - C:\Users\Ben & Ramona\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2014-06-12] CHR Extension: (Send from Gmail (by Google)) - C:\Users\Ben & Ramona\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2014-06-12] CHR Extension: (Gmail) - C:\Users\Ben & Ramona\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-12] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-05] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-05] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-07-05] (AVAST Software) S4 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-07] (Broadcom Corporation.) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation) S4 FPLService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [260424 2011-08-26] (HP) R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed] R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [47416 2014-02-05] (Hewlett-Packard Company) S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2011-06-28] (Realsil Microelectronics Inc.) [File not signed] S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S4 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 MSMQ; C:\Windows\system32\mqsvc.exe [25600 2014-01-09] (Microsoft Corporation) R2 PS3 Media Server; C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe [384280 2012-11-27] (Tanuki Software, Ltd.) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-01-09] (Microsoft Corporation) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2014-01-09] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-05] () R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-07-05] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-05] (AVAST Software) R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-07-05] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-05] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-05] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-05] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-05] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-05] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-05] () R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-22] (Advanced Micro Devices) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-07] (Broadcom Corporation.) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6831688 2013-08-28] (Broadcom Corporation) R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [16640 2013-07-06] ( ) R0 BootDefragDriver; C:\Windows\SysWOW64\drivers\BootDefragDriver.sys [16640 2013-07-06] () R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-09-20] (Broadcom Corporation.) S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [482936 2012-05-22] (Symantec Corporation) S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138360 2012-05-22] (Symantec Corporation) R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2014-07-22] (Glarysoft Ltd) S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MQAC; C:\Windows\System32\drivers\mqac.sys [173568 2014-01-09] (Microsoft Corporation) S3 SIVDriver; C:\WINDOWS\system32\Drivers\SIVX64.sys [145144 2013-11-07] (Ray Hinchliffe) S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-01-23] () S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.) U3 idsvc; ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-24 20:38 - 2014-07-25 10:07 - 00029059 _____ () C:\Users\Ben & Ramona\Desktop\FRST.txt 2014-07-24 20:36 - 2014-07-24 20:37 - 00643860 _____ (Malwarebytes Corporation) C:\Users\Ben & Ramona\Desktop\mbam-check-2.1.1.1001.exe 2014-07-24 20:01 - 2014-07-24 20:01 - 02093568 _____ (Farbar) C:\Users\Ben & Ramona\Desktop\FRST64.exe 2014-07-24 11:29 - 2014-07-24 11:29 - 00000000 ____D () C:\Users\Ben & Ramona\Desktop\Old Firefox Data 2014-07-24 09:54 - 2014-07-24 12:07 - 00038094 _____ () C:\WINDOWS\WindowsUpdate.log 2014-07-22 13:13 - 2014-07-22 13:18 - 00005587 _____ () C:\DiskDefrag.log 2014-07-22 13:12 - 2014-07-25 09:55 - 00000362 _____ () C:\WINDOWS\Tasks\GlaryInitialize 5.job 2014-07-22 13:12 - 2014-07-22 13:31 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5 2014-07-22 13:12 - 2014-07-22 13:12 - 00020160 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys 2014-07-22 13:12 - 2014-07-22 13:12 - 00002992 _____ () C:\WINDOWS\System32\Tasks\GU5SkipUAC 2014-07-22 13:12 - 2014-07-22 13:12 - 00002666 _____ () C:\WINDOWS\System32\Tasks\GlaryInitialize 5 2014-07-22 13:12 - 2014-07-22 13:12 - 00001108 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk 2014-07-22 13:12 - 2014-07-22 13:12 - 00001096 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk 2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5 2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\ProgramData\GlarySoft 2014-07-22 13:11 - 2014-07-22 13:12 - 14094456 _____ () C:\Users\Ben & Ramona\Downloads\Glary_Utilities_v5.4.0.11.exe 2014-07-21 20:51 - 2014-07-24 09:08 - 00000000 ____D () C:\WINDOWS\Minidump 2014-07-18 01:55 - 2014-07-18 01:55 - 04812672 _____ (Piriform Ltd) C:\Users\Ben & Ramona\Downloads\ccsetup415.exe 2014-07-09 22:35 - 2014-04-13 23:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll 2014-07-09 22:34 - 2014-07-09 22:34 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel 2014-07-09 19:22 - 2014-06-18 21:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-07-09 19:22 - 2014-06-18 20:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-07-09 19:22 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-07-09 19:22 - 2014-06-18 20:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-07-09 19:22 - 2014-06-18 19:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-07-09 19:22 - 2014-06-18 19:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-07-09 19:22 - 2014-06-18 19:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-07-09 19:22 - 2014-06-18 19:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-07-09 19:22 - 2014-06-18 19:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-07-09 19:22 - 2014-06-18 19:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-07-09 19:22 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-07-09 19:22 - 2014-06-18 19:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-07-09 19:22 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-07-09 19:22 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-07-09 19:22 - 2014-06-18 18:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-07-09 19:22 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-07-09 19:22 - 2014-06-18 18:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-07-09 19:22 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-07-09 19:22 - 2014-06-18 18:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-07-09 19:22 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-07-09 19:22 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-07-09 19:22 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-07-09 19:22 - 2014-06-18 18:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-07-09 19:22 - 2014-06-18 18:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-07-09 19:22 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-07-09 19:22 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-07-09 19:22 - 2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-07-09 19:22 - 2014-06-16 18:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe 2014-07-09 19:22 - 2014-06-16 18:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe 2014-07-09 19:22 - 2014-06-06 10:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-07-09 19:22 - 2014-05-29 23:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2014-07-09 19:22 - 2014-05-29 08:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2014-07-09 19:22 - 2014-05-29 03:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll 2014-07-09 19:22 - 2014-05-29 02:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll 2014-07-09 19:22 - 2014-05-29 02:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2014-07-09 19:22 - 2014-05-29 01:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2014-07-09 19:22 - 2014-05-29 01:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-07-09 19:20 - 2014-06-30 18:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2014-07-09 19:20 - 2014-06-28 03:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2014-07-09 19:20 - 2014-06-28 03:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2014-07-09 19:20 - 2014-06-06 09:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2014-07-09 19:20 - 2014-06-06 08:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2014-07-09 19:20 - 2014-05-31 06:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2014-07-09 19:20 - 2014-05-31 06:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2014-07-09 19:20 - 2014-05-30 23:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-07-09 19:20 - 2014-05-30 23:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-07-09 19:20 - 2014-05-30 23:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-09 19:20 - 2014-05-30 23:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2014-07-09 19:20 - 2014-05-30 23:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2014-07-09 19:20 - 2014-05-30 23:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-09 19:20 - 2014-05-30 22:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2014-07-09 19:20 - 2014-05-30 22:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2014-07-09 19:20 - 2014-05-30 22:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2014-07-09 19:20 - 2014-05-30 22:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2014-07-09 19:20 - 2014-05-30 22:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-07-09 19:20 - 2014-05-30 22:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2014-07-09 19:20 - 2014-05-30 22:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-07-09 19:14 - 2014-07-09 19:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe 2014-07-06 20:30 - 2014-07-06 20:30 - 00001280 _____ () C:\Users\Ben & Ramona\Desktop\Chromecast.lnk 2014-07-06 20:30 - 2014-07-06 20:30 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast 2014-07-06 20:29 - 2014-07-06 20:29 - 00895120 _____ (Google Inc.) C:\Users\Ben & Ramona\Downloads\chromecastinstaller.exe 2014-07-05 15:41 - 2014-07-05 15:41 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\DropboxMaster 2014-07-05 15:40 - 2014-07-05 15:40 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-07-05 15:39 - 2014-07-05 15:41 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\Dropbox 2014-07-05 11:54 - 2014-07-05 11:54 - 00448400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys 2014-07-05 11:54 - 2014-07-05 11:54 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2014-07-04 23:36 - 2014-07-18 23:38 - 00003456 _____ () C:\Users\Ben & Ramona\Desktop\Say It!.xspf ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-25 10:07 - 2014-07-24 20:38 - 00029059 _____ () C:\Users\Ben & Ramona\Desktop\FRST.txt 2014-07-25 10:06 - 2014-01-23 14:04 - 00000000 ____D () C:\FRST 2014-07-25 10:01 - 2013-08-22 10:55 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1637690266-1907040400-3293637658-1002 2014-07-25 09:59 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\NDF 2014-07-25 09:56 - 2014-01-09 14:38 - 00000000 __RDO () C:\Users\Ben & Ramona\SkyDrive 2014-07-25 09:56 - 2014-01-06 20:14 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-07-25 09:55 - 2014-07-22 13:12 - 00000362 _____ () C:\WINDOWS\Tasks\GlaryInitialize 5.job 2014-07-25 09:55 - 2012-08-07 13:23 - 00000000 ____D () C:\ProgramData\PMS 2014-07-25 09:54 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-07-25 09:54 - 2013-05-21 05:40 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-24 23:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-07-24 22:46 - 2012-05-22 17:42 - 00003966 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{57EF367D-5A56-4775-8898-0335728A6F71} 2014-07-24 22:34 - 2012-05-22 17:54 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1637690266-1907040400-3293637658-1002UA.job 2014-07-24 22:19 - 2012-06-07 10:53 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-07-24 22:15 - 2014-02-17 01:39 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\vlc 2014-07-24 22:15 - 2013-05-21 05:40 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-24 22:12 - 2013-11-28 11:07 - 00000972 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1637690266-1907040400-3293637658-1002UA.job 2014-07-24 20:37 - 2014-07-24 20:36 - 00643860 _____ (Malwarebytes Corporation) C:\Users\Ben & Ramona\Desktop\mbam-check-2.1.1.1001.exe 2014-07-24 20:01 - 2014-07-24 20:01 - 02093568 _____ (Farbar) C:\Users\Ben & Ramona\Desktop\FRST64.exe 2014-07-24 19:57 - 2014-01-09 14:10 - 00000000 ____D () C:\Users\Ben & Ramona 2014-07-24 17:22 - 2013-03-14 03:00 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-07-24 17:22 - 2013-03-14 03:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-07-24 14:32 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2014-07-24 12:07 - 2014-07-24 09:54 - 00038094 _____ () C:\WINDOWS\WindowsUpdate.log 2014-07-24 11:49 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-07-24 11:49 - 2013-03-14 03:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-07-24 11:29 - 2014-07-24 11:29 - 00000000 ____D () C:\Users\Ben & Ramona\Desktop\Old Firefox Data 2014-07-24 10:14 - 2013-11-28 11:06 - 00000950 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1637690266-1907040400-3293637658-1002Core.job 2014-07-24 09:39 - 2012-05-22 19:12 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\Skype 2014-07-24 09:08 - 2014-07-21 20:51 - 00000000 ____D () C:\WINDOWS\Minidump 2014-07-23 21:58 - 2012-12-20 02:19 - 00001458 _____ () C:\Users\Ben & Ramona\Desktop\password.txt 2014-07-22 17:06 - 2012-05-22 17:51 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\Macromedia 2014-07-22 15:54 - 2013-07-12 16:19 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\DiskDefrag 2014-07-22 14:00 - 2013-07-23 11:04 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite 2014-07-22 13:59 - 2013-07-23 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite 2014-07-22 13:59 - 2011-11-08 14:12 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard 2014-07-22 13:31 - 2014-07-22 13:12 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5 2014-07-22 13:18 - 2014-07-22 13:13 - 00005587 _____ () C:\DiskDefrag.log 2014-07-22 13:18 - 2012-11-29 21:37 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\GlarySoft 2014-07-22 13:12 - 2014-07-22 13:12 - 00020160 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys 2014-07-22 13:12 - 2014-07-22 13:12 - 00002992 _____ () C:\WINDOWS\System32\Tasks\GU5SkipUAC 2014-07-22 13:12 - 2014-07-22 13:12 - 00002666 _____ () C:\WINDOWS\System32\Tasks\GlaryInitialize 5 2014-07-22 13:12 - 2014-07-22 13:12 - 00001108 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk 2014-07-22 13:12 - 2014-07-22 13:12 - 00001096 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk 2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5 2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\ProgramData\GlarySoft 2014-07-22 13:12 - 2014-07-22 13:11 - 14094456 _____ () C:\Users\Ben & Ramona\Downloads\Glary_Utilities_v5.4.0.11.exe 2014-07-18 23:38 - 2014-07-04 23:36 - 00003456 _____ () C:\Users\Ben & Ramona\Desktop\Say It!.xspf 2014-07-18 01:55 - 2014-07-18 01:55 - 04812672 _____ (Piriform Ltd) C:\Users\Ben & Ramona\Downloads\ccsetup415.exe 2014-07-18 01:55 - 2014-06-18 23:21 - 00000794 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-07-18 01:55 - 2014-04-10 11:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-07-18 01:55 - 2014-02-06 13:18 - 00000000 ____D () C:\Program Files\CCleaner 2014-07-17 21:08 - 2014-01-31 01:07 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update 2014-07-17 13:11 - 2013-08-22 10:48 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Local\Packages 2014-07-17 13:09 - 2012-06-07 10:53 - 00003742 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-07-17 09:05 - 2012-05-22 17:54 - 00000884 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1637690266-1907040400-3293637658-1002Core.job 2014-07-16 19:33 - 2012-05-30 14:38 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log 2014-07-16 19:32 - 2012-06-06 20:26 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-07-14 10:19 - 2014-06-22 13:12 - 00000000 ____D () C:\ProgramData\FeineeDeeAlSofta 2014-07-12 21:35 - 2013-08-21 07:38 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2014-07-12 21:35 - 2012-07-26 08:46 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-07-10 14:56 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-07-10 08:45 - 2013-08-22 10:44 - 00480552 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-07-10 01:12 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-07-10 01:12 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-07-10 01:12 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-07-10 01:12 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore 2014-07-09 22:43 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-07-09 22:41 - 2013-08-14 20:18 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-07-09 22:36 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-07-09 22:36 - 2012-05-25 13:01 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-07-09 22:34 - 2014-07-09 22:34 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel 2014-07-09 22:34 - 2013-11-14 03:17 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-09 19:14 - 2014-07-09 19:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe 2014-07-06 20:30 - 2014-07-06 20:30 - 00001280 _____ () C:\Users\Ben & Ramona\Desktop\Chromecast.lnk 2014-07-06 20:30 - 2014-07-06 20:30 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast 2014-07-06 20:29 - 2014-07-06 20:29 - 00895120 _____ (Google Inc.) C:\Users\Ben & Ramona\Downloads\chromecastinstaller.exe 2014-07-06 20:29 - 2012-05-22 17:54 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Local\Google 2014-07-05 15:41 - 2014-07-05 15:41 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\DropboxMaster 2014-07-05 15:41 - 2014-07-05 15:39 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\Dropbox 2014-07-05 15:40 - 2014-07-05 15:40 - 00000000 ____D () C:\Users\Ben & Ramona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-07-05 11:55 - 2014-01-31 01:13 - 00001988 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk 2014-07-05 11:55 - 2014-01-31 01:07 - 00427360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys 2014-07-05 11:54 - 2014-07-05 11:54 - 00448400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys 2014-07-05 11:54 - 2014-07-05 11:54 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2014-07-05 11:54 - 2014-04-20 13:04 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys 2014-07-05 11:54 - 2014-01-31 01:13 - 00028184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2014-07-05 11:54 - 2014-01-31 01:07 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys 2014-07-05 11:54 - 2014-01-31 01:07 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2014-07-05 11:54 - 2014-01-31 01:07 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys 2014-07-05 11:54 - 2014-01-31 01:07 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2014-07-05 11:54 - 2014-01-31 01:07 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys 2014-07-05 11:54 - 2014-01-31 01:07 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2014-07-05 11:54 - 2014-01-31 01:07 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys 2014-07-03 07:48 - 2014-06-22 10:27 - 00000000 ____D () C:\ProgramData\Fast And Safe 2014-06-30 18:45 - 2014-07-09 19:20 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2014-06-28 03:48 - 2014-07-09 19:20 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2014-06-28 03:07 - 2014-07-09 19:20 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2014-06-26 16:55 - 2013-08-22 11:38 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-06-26 16:55 - 2013-08-22 11:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl Some content of TEMP: ==================== C:\Users\Ben & Ramona\AppData\Local\Temp\~min56825805.dll C:\Users\Ben & Ramona\AppData\Local\Temp\~min57430010.dll C:\Users\Ben & Ramona\AppData\Local\Temp\~min65562447.dll C:\Users\Ben & Ramona\AppData\Local\Temp\~min89117615.dll C:\Users\Ben & Ramona\AppData\Local\Temp\~min90047770.dll C:\Users\Ben & Ramona\AppData\Local\Temp\~min96488172.dll C:\Users\Ben & Ramona\AppData\Local\Temp\~min98834648.dll C:\Users\Ben & Ramona\AppData\Local\Temp\~rdp58530115.dll C:\Users\Ben & Ramona\AppData\Local\Temp\~registryhlp50955635.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-24 11:46 ==================== End Of Log ===========================

Link to post
Share on other sites

Also,

I don't know if it's relevent, but ever since this issue has been happening, the cooling fan has not been running (or possibly a lot more silently). Since purchasing the laptop (3 years now) it has always had a loud fan. Now, I barely (or not at all) hear it.

 

FYI...

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.