Windows 7 running slower than it should [Solved]

speed slow

  • This topic is locked

#16
DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

OK, great! As far as free office suites go, I was advised that Kingsoft Office Free might also be worth looking into, and they even have versions for mobile devices too... It does look quite nice. :D

 

Now

 

Almost there... :)

 

Run a FRST Fix
 

  • Download the attached fixlist.txt file and save it to the Desktop.

     

    (Note: It's important that both files, FRST/FRST64 and fixlist.txt, are in the same location or the fix will not work.)

    Notice: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

  • Run FRST/FRST64 from your Desktop and press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally.  After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop named Fixlog.txt. Please post the contents of that log file into your next reply.

 




#17
Feverpitch

    Member

  • Topic Starter
  • 75 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-05-2015 01 (ATTENTION: ====> FRSTversion is 10 days old and could be outdated)
Ran by Dell (administrator) on DELL-PC on 01-06-2015 07:26:56
Running from C:\Users\Dell\Desktop
Loaded Profiles: Dell (Available Profiles: Dell)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Auslogics) C:\Program Files\Auslogics\BoostSpeed\BoostSpeed.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\redirector.exe
() C:\Users\Dell\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\wfcrun32.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Auslogics) C:\Program Files\Auslogics\Driver Updater\DriverUpdater.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [141848 2009-09-23] (Intel Corporation)
HKLM-x32\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [173592 2009-09-23] (Intel Corporation)
HKLM-x32\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [150552 2009-09-23] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files\Citrix\ICA Client\concentr.exe [407904 2014-11-27] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files\Citrix\ICA Client\redirector.exe [153952 2014-11-27] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-2931432088-2454819386-741456421-1000\...\Run: [Amazon Cloud Player] => C:\Users\Dell\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] ()
HKU\S-1-5-21-2931432088-2454819386-741456421-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6369048 2015-05-08] (Piriform Ltd)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-03-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-04-30] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2931432088-2454819386-741456421-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.yahoo...20029,0,99,9284
HKU\S-1-5-21-2931432088-2454819386-741456421-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-2931432088-2454819386-741456421-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2931432088-2454819386-741456421-1000 -> {2CC68BCF-FBE2-433E-B0D4-898417AB79EA} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2931432088-2454819386-741456421-1000 -> {3CF90F64-AFA6-4FD8-A814-9A2EDF7D4775} URL = https://search.yahoo...33,20028,0,99,0
SearchScopes: HKU\S-1-5-21-2931432088-2454819386-741456421-1000 -> {FFF4C4D8-A65C-4254-A0CB-107396E584D8} URL = http://www.bing.com/...rc=IE-SearchBox
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-27] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-26] (Avast Software s.r.o.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-27] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02] (Google Inc.)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\duihz9lz.default
FF DefaultSearchEngine.US: Bing
FF SearchEngineOrder.1: Yahoo
FF SearchEngineOrder.2:
FF SelectedSearchEngine: Yahoo
FF Homepage: about:home
FF Keyword.URL: hxxp://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,157,0_0,Search,20140833,20030,0,99,0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-23] ()
FF Plugin: @Citrix.com/npican -> C:\Program Files\Citrix\ICA Client\npicaN.dll [2014-11-27] (Citrix Systems, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-27] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2931432088-2454819386-741456421-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Dell\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-08-12] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-25]

Chrome:
=======
CHR StartupUrls: Default -> "https://search.yahoo...n.com/?pc=AV01"
CHR Profile: C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-13]
CHR Extension: (Google Drive) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-13]
CHR Extension: (YouTube) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-13]
CHR Extension: (Google Search) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-13]
CHR Extension: (Bookmark Manager) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-04]
CHR Extension: (Skype Click to Call) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-04-14]
CHR Extension: (Google Wallet) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-13]
CHR Extension: (Gmail) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-13]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-26]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-30] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-04-30] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [851456 2015-04-27] (Microsoft Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-04-30] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-04-30] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-04-30] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-04-30] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-04-30] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-04-30] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-04-30] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-04-30] ()
R3 D-Vitec; C:\Windows\System32\DRIVERS\dvitdcnt.sys [281344 2012-07-26] (D-vitec)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-05-30] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-04-30] (Avast Software)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-01 07:26 - 2015-06-01 07:27 - 00017740 _____ () C:\Users\Dell\Desktop\FRST.txt
2015-06-01 07:11 - 2015-06-01 07:12 - 06549184 _____ (Piriform Ltd) C:\Users\Dell\Downloads\ccsetup506.exe
2015-06-01 07:01 - 2015-06-01 07:01 - 00000352 _____ () C:\Windows\PFRO.log
2015-05-30 20:44 - 2015-05-30 20:44 - 00000000 ____D () C:\Program Files\ESET
2015-05-30 19:56 - 2015-05-30 20:09 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-30 19:56 - 2015-05-30 19:56 - 00001020 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-30 19:56 - 2015-05-30 19:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-30 19:56 - 2015-05-30 19:56 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-05-30 19:56 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-30 19:56 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-30 19:56 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-30 19:55 - 2015-05-30 19:56 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Dell\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-30 19:54 - 2015-05-30 19:54 - 00001070 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-05-30 19:53 - 2015-05-30 19:54 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-05-30 19:53 - 2015-05-30 19:53 - 00000000 ____D () C:\Program Files\OpenOffice 4
2015-05-30 19:50 - 2015-05-30 19:50 - 00000000 ____D () C:\Users\Dell\Desktop\OpenOffice 4.1.1 (en-US) Installation Files
2015-05-30 19:49 - 2015-05-30 19:50 - 140852175 _____ () C:\Users\Dell\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_en-US(1).exe
2015-05-30 19:46 - 2015-05-30 19:50 - 140852175 _____ () C:\Users\Dell\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_en-US.exe
2015-05-30 19:42 - 2015-05-30 19:43 - 224387072 _____ () C:\Users\Dell\Downloads\LibreOffice_4.4.3_Win_x86.msi
2015-05-30 19:35 - 2015-06-01 07:01 - 00000112 _____ () C:\Windows\setupact.log
2015-05-30 19:35 - 2015-05-30 19:35 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-30 14:20 - 2015-05-30 22:38 - 00000652 _____ () C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2931432088-2454819386-741456421-1000.job
2015-05-30 13:13 - 2015-05-30 19:33 - 00000000 ____D () C:\AdwCleaner
2015-05-30 13:12 - 2015-05-30 13:12 - 02223104 _____ () C:\Users\Dell\Desktop\AdwCleaner.exe
2015-05-30 13:10 - 2015-05-30 13:10 - 00002453 _____ () C:\Users\Dell\Desktop\JRT.txt
2015-05-30 13:08 - 2015-05-30 13:08 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-DELL-PC-Windows-7-Ultimate-(32-bit).dat
2015-05-30 13:08 - 2015-05-30 13:08 - 00000000 ____D () C:\RegBackup
2015-05-30 12:47 - 2015-05-30 12:47 - 02947635 _____ (Thisisu) C:\Users\Dell\Desktop\JRT.exe
2015-05-23 20:01 - 2015-05-23 20:02 - 00035318 _____ () C:\Users\Dell\Downloads\Addition.txt
2015-05-23 20:00 - 2015-06-01 07:27 - 00000000 ____D () C:\FRST
2015-05-23 19:59 - 2015-05-23 20:00 - 01147392 _____ (Farbar) C:\Users\Dell\Desktop\FRST.exe
2015-05-18 20:47 - 2015-05-18 20:48 - 00000000 ____D () C:\ProgramData\BSD
2015-05-18 20:47 - 2015-05-18 20:47 - 07370448 _____ (Auslogics Labs Pty Ltd ) C:\Users\Dell\Downloads\anti-malware-setup.exe
2015-05-18 20:47 - 2015-05-18 20:47 - 00001130 _____ () C:\Users\Dell\Desktop\Auslogics Driver Updater.lnk
2015-05-18 20:46 - 2015-05-18 20:46 - 09118040 _____ (Auslogics Labs Pty Ltd ) C:\Users\Dell\Downloads\driver-updater-setup.exe
2015-05-18 20:46 - 2015-05-18 20:46 - 00001087 _____ () C:\Users\Dell\Desktop\Auslogics BoostSpeed 7.lnk
2015-05-18 20:45 - 2015-05-18 20:45 - 18277448 _____ (Auslogics Labs Pty Ltd ) C:\Users\Dell\Downloads\boost-speed-setup.exe
2015-05-18 08:04 - 2015-05-18 08:04 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-05-12 22:12 - 2015-05-01 09:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 15:09 - 2015-04-27 15:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-05-12 15:09 - 2015-04-27 15:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-12 15:09 - 2015-04-27 15:11 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-12 15:09 - 2015-04-27 15:11 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-12 15:09 - 2015-04-27 15:08 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-12 15:09 - 2015-04-27 15:05 - 00851456 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-12 15:09 - 2015-04-27 15:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-12 15:09 - 2015-04-27 15:05 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-12 15:09 - 2015-04-27 15:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-12 15:09 - 2015-04-27 15:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-12 15:09 - 2015-04-27 15:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-12 15:09 - 2015-04-27 15:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-12 15:09 - 2015-04-27 15:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-12 15:09 - 2015-04-27 15:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-12 15:09 - 2015-04-27 15:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-12 15:09 - 2015-04-27 15:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-12 15:09 - 2015-04-27 15:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-12 15:09 - 2015-04-27 15:04 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-12 15:09 - 2015-04-27 15:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-12 15:09 - 2015-04-27 15:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-12 15:09 - 2015-04-27 15:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-12 15:09 - 2015-04-27 15:04 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-12 15:09 - 2015-04-27 15:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-12 15:09 - 2015-04-27 15:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-12 15:09 - 2015-04-27 15:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-12 15:09 - 2015-04-27 15:04 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-12 15:09 - 2015-04-27 15:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-12 15:09 - 2015-04-27 15:04 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-12 15:09 - 2015-04-27 15:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-12 15:09 - 2015-04-27 15:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-12 15:09 - 2015-04-27 15:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-12 15:09 - 2015-04-27 15:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-12 15:09 - 2015-04-27 15:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-12 15:09 - 2015-04-27 14:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-12 15:09 - 2015-04-27 14:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-12 15:09 - 2015-04-27 14:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-12 15:09 - 2015-01-28 23:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-12 15:08 - 2015-04-19 22:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-12 15:08 - 2015-04-19 22:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-12 15:08 - 2015-04-19 22:03 - 02382336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-12 15:07 - 2015-05-04 21:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-12 15:07 - 2015-04-21 11:58 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-12 15:07 - 2015-04-21 11:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-12 15:07 - 2015-04-17 22:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-12 15:07 - 2015-04-12 23:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-12 15:06 - 2015-04-21 21:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-12 15:06 - 2015-04-21 12:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-12 15:06 - 2015-04-21 12:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-12 15:06 - 2015-04-21 12:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-12 15:06 - 2015-04-21 12:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-12 15:06 - 2015-04-21 12:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-12 15:06 - 2015-04-21 12:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-12 15:06 - 2015-04-21 12:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-12 15:06 - 2015-04-21 12:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-12 15:06 - 2015-04-21 12:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-12 15:06 - 2015-04-21 12:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-12 15:06 - 2015-04-21 12:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-12 15:06 - 2015-04-21 12:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-12 15:06 - 2015-04-21 11:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-12 15:06 - 2015-04-21 11:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-12 15:06 - 2015-04-21 11:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-12 15:06 - 2015-04-21 11:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-12 15:06 - 2015-04-21 11:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-12 15:06 - 2015-04-21 11:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-12 15:06 - 2015-04-21 11:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-12 15:06 - 2015-04-21 11:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-12 15:06 - 2015-04-21 11:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-12 15:06 - 2015-04-21 11:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-12 15:06 - 2015-04-21 11:26 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-12 15:06 - 2015-04-21 11:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-12 15:06 - 2015-04-21 11:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-12 15:06 - 2015-04-21 11:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-12 15:06 - 2015-04-21 11:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-12 15:06 - 2015-04-21 10:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-12 15:06 - 2015-04-21 10:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-12 15:06 - 2015-04-07 23:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-12 15:06 - 2015-04-07 23:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-12 15:06 - 2015-03-04 00:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-12 15:06 - 2015-03-04 00:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-12 15:06 - 2015-03-04 00:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-12 15:06 - 2015-03-04 00:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-12 15:04 - 2015-02-18 03:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-04 07:57 - 2015-06-01 07:11 - 01524685 _____ () C:\Windows\WindowsUpdate.log

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-01 07:18 - 2009-07-14 00:34 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-01 07:18 - 2009-07-14 00:34 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-01 07:17 - 2014-03-25 11:47 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-01 07:13 - 2014-04-13 18:32 - 00000925 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-06-01 07:13 - 2014-04-13 18:31 - 00000000 ____D () C:\Program Files\CCleaner
2015-06-01 07:11 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2015-06-01 07:10 - 2009-07-13 22:04 - 00000541 _____ () C:\Windows\win.ini
2015-06-01 07:02 - 2014-04-13 18:30 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-01 07:01 - 2009-07-14 00:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-06-01 07:01 - 2009-07-14 00:33 - 00426720 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-30 22:57 - 2014-04-13 18:30 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-30 22:35 - 2014-08-12 20:04 - 00000556 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2931432088-2454819386-741456421-1000.job
2015-05-30 20:05 - 2014-03-25 11:20 - 00115288 _____ () C:\Users\Dell\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-30 19:33 - 2014-04-13 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftwareWatcher bundle
2015-05-30 11:44 - 2014-08-13 16:27 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-05-30 10:49 - 2014-04-13 18:41 - 00000000 ___RD () C:\Program Files\Skype
2015-05-25 17:59 - 2014-04-13 18:31 - 00002089 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-23 23:48 - 2015-04-06 22:37 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-23 18:59 - 2014-03-25 11:47 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-05-23 18:59 - 2014-03-25 11:47 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-05-23 18:56 - 2014-08-12 21:29 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2015-05-23 18:55 - 2014-04-13 18:42 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Skype
2015-05-23 18:55 - 2014-04-13 18:41 - 00000000 ____D () C:\ProgramData\Skype
2015-05-23 18:39 - 2014-04-13 19:56 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-05-18 21:20 - 2009-07-14 03:50 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-18 20:47 - 2014-04-13 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2015-05-18 20:47 - 2014-04-13 18:38 - 00000000 ____D () C:\ProgramData\Auslogics
2015-05-18 20:47 - 2014-04-13 18:38 - 00000000 ____D () C:\Program Files\Auslogics
2015-05-18 10:38 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-05-18 09:03 - 2014-04-13 19:02 - 00000000 ____D () C:\Users\Dell\Documents\Copywriting
2015-05-18 09:03 - 2014-03-25 11:18 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Adobe
2015-05-18 07:09 - 2014-03-24 15:53 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-18 07:07 - 2014-04-13 19:53 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-18 06:58 - 2014-03-23 14:02 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-18 06:55 - 2014-03-24 15:53 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-18 06:48 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-12 22:11 - 2014-03-25 11:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-12 13:13 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\rescache

==================== Files in the root of some directories =======

2014-08-12 21:07 - 2014-08-12 21:07 - 0000984 _____ () C:\Users\Dell\AppData\Roaming\.starmoon_kst.cfg

Some files in TEMP:
====================
C:\Users\Dell\AppData\Local\Temp\Quarantine.exe
C:\Users\Dell\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-18 20:43

==================== End of log ============================


#18
DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Please refer back to my last post... that is a Scan and we need to run a FRST Fix. :o

 

If you haven't done so already, go back to my last post, download the attached fixlist.txt file in it, run FRST, and press the Fix button... then post the log back here. ;)


#19
Feverpitch

    Member

  • Topic Starter
  • Member
  • 75 posts

Fix result of Farbar Recovery Scan Tool (x86) Version: 22-05-2015 01
Ran by Dell at 2015-06-01 09:25:56 Run:3
Running from C:\Users\Dell\Desktop
Loaded Profiles: Dell (Available Profiles: Dell)
Boot Mode: Normal

==============================================

fixlist content:
*****************
C:\Users\Dell\Downloads\tall_13080342562142054.exe
EmptyTemp:
*****************

C:\Users\Dell\Downloads\tall_13080342562142054.exe => Moved successfully.
EmptyTemp: => Removed 99.2 MB temporary data.


The system needed a reboot.

==== End of Fixlog 09:26:15 ====


#20
DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

That's much better, thanks.  At this point, everything is looking good, so I can share with you some great news:
 
Congratulations, your log is clean! :thumbsup:

Now, let's cover some additional steps to clean up your computer and help you avoid getting infected again...

Tools Cleanup and Housekeeping
The first thing we need to do is to remove all the tools that we have used. This is so that should you ever be re-infected, you will download updated versions. It will also remove the quarantined Malware from your computer.


Tool Removal
We need to remove the tools we've used while cleaning your machine.

  • Download DelFix from here
  • Ensure Remove disinfection tools is ticked
  • Also check these options:
    • Activate UAC
    • Create registry backup
    • Purge system restore
    • Reset System Settings
  • Click Run
  • The program will run for a few moments and then notepad will open with a log.

Please paste the log in your next reply, and delete any logs that you have left over on your desktop.

Now let's take a few preventative measures to reduce the risk of further infections. :cool:


Automatic Updates for Windows 7
Another essential is to keep your computer updated with the latest operating system patches and security fixes. Windows Updates are constantly being revised to combat the newest hacks and threats; Microsoft releases security updates that help keep your computer from becoming vulnerable. It is best if you have these set to download automatically.

Turn ON Automatic Updates in Windows 7


Keep Java Updated
Warning: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java.
See this article

I would recommend that you completely uninstall Java unless you need it to run important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to disable Java in your web browser and How to unplug Java from the browser).

If you do need to keep Java then download JavaRa.
Run the program and select Remove Java Runtime. Uninstall all versions of Java present.
Once done then run it again and select Update Java runtime > Download and install Latest version.


Web Browser security
Most malware is exploiting Internet Explorer's vulnerabilities; with Firefox you will likely be more secure.

Note: If you are going to use Firefox, I would suggest the use of these add-ons:

  • NoScript - for blocking ads and other potential website attacks.
  • AdBlock Plus - block annoying ads that cost you expensive bandwidth, with the added benefit of faster page loading.
  • McAfee SiteAdvisor - this tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling.

Other Program updates
If you use any Adobe software make sure to keep them updated. Best of all, they are FREE.
Note: Make sure to uncheck the check box labelled "Yes, install McAfee Security Scan Plus - optional", or any other optional "features".

Anti Virus Programs
On to personal Anti Virus programs. One AV is a must have, but never more than one, as this can and will cause conflicts, system slow-downs, and false readings.

If you wish to keep using your current program, always make sure it is up to date and enabled.
- OR -
These FREE ones are as good as any paid subscription AV, as long as you allow them to update themselves:

Anti Spyware Programs
You already have an excellent preventative program that will help to keep the nasties away - Malwarebytes Anti-Malware. I would advise running this at least once a month. If you need to download it again, you can get it from here:

Malwarebytes Anti-Malware


Instant Messengers
Almost done! If you like to use chat, MSN and Yahoo have vulnerabilities that can leave you open to infections. There are however a couple of very good, malware-free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN):

File/System Cleaners
Finally, it is a good idea to clear out all your temp files every now and again. This will help keep your computer running optimally. It can detect registry errors, missing shortcuts, invalid files, etc. It also can assist in getting rid of files that may contain malicious code that could re-infect your computer.

CryptoLocker Warning
CryptoLocker is a particularly nasty infection which is becoming more prevalent...

Go here for information about CryptoLocker Ransomware. Learning about what is out there may help you prevent infection. The best protection against this infection is to backup your files often. If you're using an external drive, keep it unplugged from the computer when you're not backing up files or using it. This will prevent the infection from getting to your backed up files if you ever have the frustrating experience of contracting it.

It is suggested to download and install CryptoPrevent, which is free for home use. It will help prevent CryptoLocker and other similar infections.


Further Reading
To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this excellent article, originally written by Tony Klein, and updated by SpySentinel.

I will keep this log open for the next couple of days, so if you have any further problems, you can post another reply here.

OK, happy computing, and stay safe! :cool:

Please reply again to this thread to acknowledge you have read my last post. If you have no further questions, this thread will be closed to prevent others from posting here.

Thanks!


#21
Feverpitch

    Member

  • Topic Starter
  • Member
  • 75 posts

# DelFix v1.010 - Logfile created 01/06/2015 at 19:04:30
# Updated 26/04/2015 by Xplode
# Username : Dell - DELL-PC
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\RegBackup
Deleted : C:\Users\Dell\Desktop\Addition.txt
Deleted : C:\Users\Dell\Desktop\AdwCleaner.exe
Deleted : C:\Users\Dell\Desktop\Fixlog.txt
Deleted : C:\Users\Dell\Desktop\FRST.exe
Deleted : C:\Users\Dell\Desktop\FRST.txt
Deleted : C:\Users\Dell\Desktop\JRT.exe
Deleted : C:\Users\Dell\Desktop\JRT.txt
Deleted : C:\Users\Dell\Downloads\Addition.txt
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #116 [Windows Update | 05/11/2015 22:25:42]
Deleted : RP #117 [Windows Update | 05/13/2015 02:04:27]
Deleted : RP #118 [Windows Update | 05/18/2015 10:55:00]
Deleted : RP #119 [Windows Update | 05/19/2015 01:19:41]
Deleted : RP #120 [Windows Update | 05/23/2015 22:57:16]
Deleted : RP #121 [Windows Update | 05/24/2015 03:48:07]
Deleted : RP #122 [Windows Update | 05/30/2015 14:56:27]
Deleted : RP #123 [Removed VideoBuzz | 05/30/2015 15:43:39]
Deleted : RP #125 [Restore Point Created by FRST | 05/30/2015 16:48:15]
Deleted : RP #127 [Restore Point Created by FRST | 05/30/2015 16:59:40]
Deleted : RP #128 [Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 | 05/30/2015 23:51:07]
Deleted : RP #129 [Installed OpenOffice 4.1.1 | 05/30/2015 23:53:04]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########
 

 

All sorts of problems:

 

I tried the Start, Update, Windows Update ... but I don't see Windows as a program option.

 

I need Java to play Scrabble and other games on Pogo.com. It really is an addiction of mine! I know Pogo is shaky at times, but it's the only site I know where I can play a ton of games. When I tried to download JavaRa, I got: "

  • The Microsoft .NET Framework needs to be installed to use.
  • You must run JavaRa with administrator rights."

 

I never use IE Explorer; always FireFox. Sometimes Chrome.

 

NoScript and AdBlockPlus could not be "downloaded because of a connection error."

 

I don't want McAfee SiteAdvisor unless it won't interfere with my Avast Antivirus. I really don't like McAfee based on experience. Please assure me that this program won't interfere.

 

Adobe updates come through regularly, so that's not a problem.

 

Thanks for all the other information. Too much there to reply about it all! lol

#22
DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

All sorts of problems:
 
I tried the Start, Update, Windows Update ... but I don't see Windows as a program option.

I'm not sure I understand you here.  Are you saying that Windows Update isn't working?  Can you run it from the Control Panel > Windows Update?

I think those instructions Microsoft posted should be updated to say "Click Start, and in the Search box, type Windows Update".  There might be too many hits for the word "update" these days.  :)

 

I need Java to play Scrabble and other games on Pogo.com. It really is an addiction of mine! I know Pogo is shaky at times, but it's the only site I know where I can play a ton of games. When I tried to download JavaRa, I got: "

  • The Microsoft .NET Framework needs to be installed to use.
  • You must run JavaRa with administrator rights.

You already have the latest version of Java installed, so no action should be needed.
 
The JavaRa instructions are provided just as a convenient tool to check/verify/download/update Java.  You don't have to use it if you don't want.  The important thing is that you keep Java up to date if you do have it installed, because it's a large target for malware.
 
I think those messages are just a notice on the JavaRa download page.  If you need .NET Framework to run JavaRa, you can get it from here.
 
Yes, you will need administrator rights to run JavaRa.
 
After you download it (get the current stable version, v2.6, which is a ZIP file), you should browse to where you downloaded it, right-click on it and select "Extract...", then choose a location for the extracted files. 
 
After extraction is done, use Windows Explorer to browse to where you extracted it, and navigate to JavaRa.exe, right-click on it and choose "Run as administrator..." to run the program, and follow the prompts to check your version, get the latest, etc.
 
 

I never use IE Explorer; always FireFox. Sometimes Chrome.
 
NoScript and AdBlockPlus could not be "downloaded because of a connection error."

Try this:

  • In Firefox select Tools > Add-ons.
  • In the Add-ons Manager select Get Add-ons.
  • Type AdBlock Plus into the search box and try to directly install the add-on from there.
  • If that works, try also searching for NoScript and installing the same way.

If that doesn't work, you can try disabling Avast! for 10 minutes by right-clicking on the System Tray icon for it and select Avast shields control > Disable for 10 minutes, then try to install the add-ons again.
 
Be advised that NoScript can be a little daunting at first, until you get the hang of it.  You may be surprised at how much is loaded behind the scenes as you browse the web.  I rely heavily on NoScript to protect me while researching malware log entries... ;)
 

I don't want McAfee SiteAdvisor unless it won't interfere with my Avast Antivirus. I really don't like McAfee based on experience. Please assure me that this program won't interfere.
 
Adobe updates come through regularly, so that's not a problem.
 
Thanks for all the other information. Too much there to reply about it all! lol

I think McAfee SiteAdvisor should play nice with Avast!, but you can disable or uninstall it if you like to see for yourself. I don't currently use it, so I can't say either way. :)

As far as responding to all of the information, a simple acknowledgement that you read through the material is all I need. I'm trying to cover a broad subject (staying protected) in a relatively short post. Of course, I'm happy to answer your questions.

Please let me know about Windows Update, and if you have any more questions. :D


#23
DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Hello Feverpitch,
 
One other thing...
 

I think McAfee SiteAdvisor should play nice with Avast!, but you can disable or uninstall it if you like to see for yourself. I don't currently use it, so I can't say either way.

 
My apologies, as my comment about McAfee Site Advisor was incorrect.  If you have the Avast! Online Security Add-On enabled, you should uninstall the McAfee Site Advisor program.


#24
Feverpitch

    Member

  • Topic Starter
  • Member
  • 75 posts

Good news!

 

It appears as if my system already has the Windows updates automatically made. Last one was made 5/31.  Same with Java updates.

 

AdBlock Plus and NoScript were easy to install through the Tools menu.

 

Thanks for all your help. At least the system is clean now. Very little faster, so that leads to another related question:

 

I have AusLogics BoostSpeed Basic installed (free version about 2 weeks ago). Is this a legitimate program? It tells me that there are 1,419 junk files, 88 system stability issues, and 59 computer speed issues. All say "High Impact." Is this a gimmick program that I should uninstall or is it like one of those registry cleaner programs that bring up more problems if you use them? 


#25
DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Good news!
 
It appears as if my system already has the Windows updates automatically made. Last one was made 5/31.  Same with Java updates.
 
AdBlock Plus and NoScript were easy to install through the Tools menu.
 
Thanks for all your help. At least the system is clean now.

Great! So glad we could help!  :thumbsup:
 

Very little faster, so that leads to another related question:
 
I have AusLogics BoostSpeed Basic installed (free version about 2 weeks ago). Is this a legitimate program? It tells me that there are 1,419 junk files, 88 system stability issues, and 59 computer speed issues. All say "High Impact." Is this a gimmick program that I should uninstall or is it like one of those registry cleaner programs that bring up more problems if you use them?


AusLogics BoostSpeed has a registry cleaner component, I believe, and yes, it is best to stay away from any registry cleanup/optimization tools.

There are other tools in packages like that which might help you decide what programs to uninstall to free up some drive space if you need it, those seldom used, orphaned shortcuts, etc.  Personally, I would avoid such tools except maybe on occasion for guidance only.

Do you have any further questions?


#26
Feverpitch

    Member

  • Topic Starter
  • Member
  • 75 posts

That's all my questions for now. Thanks!!!


#27
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

