Bonjour, I already wrote to you per email one month ago, now I'm registered and I post here on the forum. I am cumdacon and I posted 2012 on the forum "general changelog". In the meantime I see that you changed the forum adress and switched from ZHPdiag to FRST. Vista ended its main support one month ago, [Office2007 is still receiving updates at least until september and Firefox 52ESR until at least june 2008 - even if Mozilla blacklisted my GTX650 without any reason - she is capable up to H264 4K full screen at 120Mbps with only 6% CPU load...but I have problems with a simply 240p on Facebook via Firefox! Therefore I am very very unhappy with Mozilla - no HW acceleration means that you are unable using Street View even if you was able using it for 4 hours until 2015! -  very abusive in my opinion, BUT Mozilla can guarantee security updates until 2018, then we will see what to do. Mozilla simply waited more than ONE YEAR, and one year after she replied to me "hey now Vista is no longer supported by MS itself!" - ok but...until "now"??] and before to make my "final" disk image I ask here for your help.

I guess (that is only my guess) that I am not infected on both PCs, but.... 1) regarding the attached file "A_Laptop.rar" I see some Warning messages from FRST.exe, like

http://postimg.org/image/5lxeej9er/

Anyway I was able to do a Scan.

2) I want to add some (useful?) details about attached file "B_Desktop.rar": sometimes there are OS hangs just after a boot (when Comodo is updating his database). "Event viewer" application tells me that there are EXE files that slow down the boot speed/boot process (causing OS hang? it seems so). Here I still see something like "83,7 seconds delay"

http://postimg.org/image/fpgp4xrsx/

related to NORTON (even if it has been fully uninstalled since 2012!). Perhaps FRST could definitively erase this old Symantec exetutable file. As a workaround I need a reboot and restart the CIS updating database process, then I am fine (with all other database updates the whole day), until the next boot. I see 4 active processes javaw.exe at boot, even if I fully uninstalled Java! perhaps this maybe a problem, but it maybe even a bigger problem if we erase these old java.exe, perhaps they are used by HP applications installed by the vendor (ex.gr. Monitor Software, Toolbox and HP Solution Center from 2007, which is useful today too, for scanner, printer options...as you see its is important having these HP app working). Therefore I am taken by fright in "simply" deleting these javaw.exe files, perhaps I will receive error messages from OS. Anyway cmdguard.sys seems to be involved at boot and this driver belongs to Comodo hmmmmm Perhaps CIS interactions at boot with Symantec "to be erased" products??? Maybe that a cleaning process via FRST may help a lot.

3)

http://postimg.org/image/xuyzdivjn/

you see 3 commercials on Facebook Home/News. Since 2 months ADBlock seems to be unable in blocking the ads and sponsored posts, very strage :(

Here the attached logs ("A and B" in RAR files) for analysis. Merci beaucoup. Best Regards from your old cumdacon,

ooopsssss!! its nonsense...but now I discover that there is not an option to add attachments here on the forum, very strange...how can I send these (long) reports, via email? is it safe to add these high personal infos about PC via zippyshare? hmmmm thanks for suggestions.

Re: Cleaning process for both Vista32: there is something to be erased?

for hidding ports. oh I disabled Windows Firewall since 8 years hehehe

Re: Cleaning process for both Vista32: there is something to be erased?

Hi again, sorry a question: is this a new very strange updating system or a malware? thanks

  found in %temp% and I was asked at boot by UAC if I want to run it. I deleted it and stop. Today, since I have a clean disk image (thanks for your previous help), I accepted and clicked on OK. Online I find fast nothing about this autorun installer, released by Comodo on 30th june.thanks.

Re: Cleaning process for both Vista32: there is something to be erased?

Hello,

Can you share this file?

Please do a right click on it -> Send to -> compressed folder.

Then, upload it on Up2Share and share the generated link.

Thanks!

Re: Cleaning process for both Vista32: there is something to be erased?

Hi, thanks, I have to wait the next update because I deleted this installer from %temp%. But I clicked on the exe in the generated folder and it seems ok, a real comodo app: here what I see, perhaps a "new product":

Re: Cleaning process for both Vista32: there is something to be erased?

Yes, Comodo ISE is legit and part of the whole Comodo bundle.

Best regards,

Re: Cleaning process for both Vista32: there is something to be erased?

I warmly thank you. (Since 02.juny all is ok at boot after the definitions update at boot https://toolslib.net/forum/viewthread/11691-cleaning-process-both-vista32-there-something-be-erased/?p=1#!messageId-11854  even if Comodo has NOT been upgraded. Perhaps a month is too soon to be allowed to say "it is definitively fixed").