• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
    • Budfred

      PLEASE READ - Reversing upgrade   02/23/2017

      We have found that this new upgrade is somewhat of a disaster.  We are finding lots of glitches in being able to post and administer the forum.  Additionally, there are new costs associated with the upgrade that we simply cannot afford.  As a result, we have decided to reverse course and go back to the previous version of our software.  Since this will involve restoring it from a backup, we will lose posts that have been added since January 30 or possibly even some before that.    If you started a topic during that time, we urge you to make backups of your posts and you will need to start the topics over again after the change.  You can simply paste the copies of your posts that you created at that point.    If you joined the forum this month, you will need to re-register since your membership will be lost along with the posts.  Since you have a concealed password, we cannot simply restore your membership for you.   We are going to backup as much as we can so that it will reduce inconvenience for our members.  Unfortunately we cannot back everything up since much will be incompatible with the old version of our software.  We apologize for the confusion and regret the need to do this even though it is not viable to continue with this version of the software.   We plan to begin the process tomorrow evening and, if it goes smoothly, we shouldn't be offline for very long.  However, since we have not done this before, we are not sure how smoothly it will go.  We ask your patience as we proceed.   EDIT: I have asked our hosting service to do the restore at 9 PM Central time and it looks like it will go forward at that time.  Please prepare whatever you need to prepare so that we can restore your topics when the forum is stable again.

marcmeier

Full Member
  • Content count

    141
  • Joined

  • Last visited

About marcmeier

  • Rank
    Fully Confused Member
  • Birthday 04/22/1959

Contact Methods

  • Website URL
    http://
  • ICQ
    0

Profile Information

  • Gender
    Male
  • Location
    New Zealand
  1. Thanks, Nasdaq In progress. Taking a long time. Seems that Internet page resolution is chewing processor and is certainly slow. When at it's worst, you can type, say, "and" and wait for about 10 seconds before the word appears. Will get back to you. Cheers, Marc
  2. Hi, Nasdaq Since AVG settled down, same symptoms. Problem is that they vary enough to not be certain. Please be patient and keep the topic open. Thank you very much for the help so far. Cheers, Marc
  3. Hi, Nasdaq Hope you had a good break. All done as requested, but seems to still max the CPU's out. Will continue to monitor and give feedback. <Edit> Noted Avast! using heaps of CPU, uninstalled, AVG Free installed, much better (30% as I type) <End Edit> Zoek log: Zoek.exe v5.0.0.1 Updated 19-September-2016 Tool run by Administrator on 10/01/17 at 15:23:26.88. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Administrator\Desktop\zoek.exe [scan all users] [script inserted] ==== System Restore Info ====================== 10/01/17 15:24:56 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Program Files\Auslogics deleted successfully C:\Program Files\epson deleted successfully C:\Program Files\GUMEE26.tmp deleted successfully C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\VideoLAN deleted successfully C:\PROGRA~2\Auslogics deleted successfully C:\Users\Administrator\AppData\Local\ESET deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-98737323-1009773367-2146176377-500\Software\Microsoft\Internet Explorer\SearchScopes\{76DEFAE6-09B2-40B2-8F8A-5A6A5D5CE4EB} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Batch Command(s) Run By Tool====================== ==== Deleting Files \ Folders ====================== C:\Program Files\Auslogics not found C:\Program Files\epson not found C:\Program Files\GUMEE26.tmp not found C:\Program Files\VideoLAN not found C:\Program Files\Conduit deleted C:\PROGRA~2\Package Cache deleted "C:\PROGRA~2\{429CAD59-35B1-4DBC-BB6D-1DB246563521}" deleted ==== Orphaned Tasks deleted from Registry ====================== Auslogics\BoostSpeed deleted Auslogics\BoostSpeed\Start BoostSpeed ?n Administrator logon deleted avast Emergency Update deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [10/01/17 15:10] ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.80 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions eofcbnmajmjmplflapaojjnihcjkigck - No path found[] gomekmidlodglbbmalcneegieacbdmki - No path found[] Chrome Media Router - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== Chromium Fix ====================== C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage deleted successfully C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://search.yahoo.com/?fr=vmn&type=auslog_yaapp1_hp" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 ==== Reset Google Chrome ====================== C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== Empty IE Cache ====================== C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T7AM97I0 will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=12 folders=13 6777914 bytes) ==== Empty Temp Folders ====================== C:\Users\Administrator\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\ADMINI~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T7AM97I0" not found ==== EOF on 10/01/17 at 16:02:40.06 ======================
  4. Thanks, Nasdaq All done as requested. Initially OK, but back to 28% memory and 100% CPU usage. Log follows: Fix result of Farbar Recovery Scan Tool (x86) Version: 21-12-2016 Ran by Administrator (24-12-2016 14:38:32) Run:1 Running from C:\Users\Administrator\Desktop Loaded Profiles: Administrator (Available Profiles: User & Administrator) Boot Mode: Normal ============================================== fixlist content: ***************** Start CreateRestorePoint: EmptyTemp: CloseProcesses: BHO: No Name -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> No File Toolbar: HKLM - No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No File FF Plugin: @microsoft.com/GENUINE -> disabled [No File] CHR Extension: (Chrome Web Store Payments) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-18] CHR Extension: (Chrome Media Router) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-23] CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found> Task: {4C38CCDF-4929-4EC2-A731-345C39E149BE} - \Auslogics\BoostSpeed\Start BoostSpeed ?n Administrator logon -> No File <==== ATTENTION Task: {71197994-0A1B-4996-A81A-28F62D51B437} - \Auslogics\BoostSpeed\Scan and Repair -> No File <==== ATTENTION Reboot: End ***************** Restore point was successfully created. Processes closed successfully. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}" => key removed successfully. HKCR\CLSID\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} => key not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} => value removed successfully. HKCR\CLSID\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} => key not found. "HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully. C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm => moved successfully "HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck" => key removed successfully. "HKLM\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => key removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4C38CCDF-4929-4EC2-A731-345C39E149BE}" => key removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C38CCDF-4929-4EC2-A731-345C39E149BE}" => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Auslogics\BoostSpeed\Start BoostSpeed ?n Administrator logon => key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71197994-0A1B-4996-A81A-28F62D51B437}" => key removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71197994-0A1B-4996-A81A-28F62D51B437}" => key removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Auslogics\BoostSpeed\Scan and Repair" => key removed successfully. =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5851285 B Java, Flash, Steam htmlcache => 710 B Windows/system/drivers => 153096270 B Edge => 0 B Chrome => 39138772 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 22965014 B LocalService => 132244 B NetworkService => 66812 B User => 5305264 B Administrator => 204348604 B RecycleBin => 1763360 B EmptyTemp: => 420.6 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 14:39:18 ====
  5. Hi, all, and compliments of the Season. I haven't posted for literally years, but I'd appreciate a check on this laptop, which seems slow, given that it's a core i3, 2.4Ghz, 4 thread, 4Gb machine, running Win 7 Home Premium. Mind you, I did get it from a family whose teenagers did some suspect downloads.... No rush, logs follow. Cheers Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 12/23/16 Scan Time: 1:53 PM Logfile: MBAM_Log.txt Administrator: Yes -Software Information- Version: 3.0.5.1299 Components Version: 1.0.43 Update Package Version: 1.0.839 License: Trial -System Information- OS: Windows 7 Service Pack 1 CPU: x86 File System: NTFS User: USER-PC\Administrator -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 300635 Time Elapsed: 19 min, 1 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled -Scan Details- Process: 1 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\BOOSTSPEED.EXE, Quarantined, [2025], [341835],1.0.839 Module: 31 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\RTL160.BPL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\AXCOMPONENTSRTL.BPL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\AXBROWSERS.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\AXCOMPONENTSVCL.BPL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\COMMONFORMS.ROUTINE.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\DISKDEFRAGHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\ATPOPUPSHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\TASKSCHEDULERHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\ACTIONCENTERFORMS.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\ADVISORHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\UNINSTALLMANAGERHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\VCL160.BPL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\TWEAKMANAGERHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\COMMONFORMS.SITE.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\VCLIMG160.BPL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\RESCUECENTERHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\ATTOOLSSTDHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\REPORTHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\BOOSTSPEED.EXE, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\ACTIONCENTERHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\DEBUGHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\ATUPDATERSHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\VOLUMESHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\ATTOOLSEXTHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\LOCALIZER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\SERVICESOPTIMIZATIONTOOL.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\SPYWARECHECKERHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\BROWSERCAREHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\SYSTEMINFORMATIONHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\GOOGLEANALYTICSHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\SQLITE3.DLL, Quarantined, [2025], [341835],1.0.839 Registry Key: 23 PUP.Optional.AuslogicsBoostSpeed, HKLM\SOFTWARE\CLASSES\CLSID\{93469602-4134-4012-A6BC-F0AD1C3D66AB}, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, HKLM\SOFTWARE\CLASSES\BCAgentCOM32.BCAgent32, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, HKLM\SOFTWARE\CLASSES\APPID\{93469602-4134-4012-A6BC-F0AD1C3D66AB}, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, HKLM\SOFTWARE\CLASSES\TYPELIB\{F2C6F7D1-ED32-49E5-9919-CBF4ABB4456D}, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, HKLM\SOFTWARE\CLASSES\INTERFACE\{3A3310BE-83DD-4E80-AC51-997CA2BA1080}, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, HKLM\SOFTWARE\CLASSES\CLSID\{93469602-4134-4012-A6BC-F0AD1C3D66AB}\InprocServer32, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, HKLM\SOFTWARE\CLASSES\CLSID\{278029E0-2347-4254-A65E-204AC55E2508}, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, HKLM\SOFTWARE\CLASSES\DiskDoctorChecker.DiskChecker, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, HKLM\SOFTWARE\CLASSES\APPID\{278029E0-2347-4254-A65E-204AC55E2508}, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, HKLM\SOFTWARE\CLASSES\TYPELIB\{FE9301D5-9266-4A2F-8767-85482115CAB0}, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, HKLM\SOFTWARE\CLASSES\INTERFACE\{DCC049B0-CA04-4E58-B4C8-CE62AC6F5096}, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, HKLM\SOFTWARE\CLASSES\CLSID\{278029E0-2347-4254-A65E-204AC55E2508}\InprocServer32, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, HKLM\SOFTWARE\CLASSES\CLSID\{93469602-4134-4012-A6BC-D46FF1C671E9}, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, HKLM\SOFTWARE\CLASSES\TMAgentCOM.TMAgent, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, HKLM\SOFTWARE\CLASSES\APPID\{93469602-4134-4012-A6BC-D46FF1C671E9}, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, HKLM\SOFTWARE\CLASSES\TYPELIB\{F2C6F7D1-ED32-49E5-9919-00DB857103B2}, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, HKLM\SOFTWARE\CLASSES\INTERFACE\{6855F0CE-00B1-483F-8633-33B650EE4310}, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, HKLM\SOFTWARE\CLASSES\CLSID\{93469602-4134-4012-A6BC-D46FF1C671E9}\InprocServer32, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsDiskDefrag, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsBoostSpeed, HKLM\SOFTWARE\AUSLOGICS\BoostSpeed, Quarantined, [2025], [341837],1.0.839 PUP.Optional.AuslogicsDiskDefrag, HKLM\SOFTWARE\AUSLOGICS\Disk Defrag, Quarantined, [2275], [350021],1.0.839 PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\cflheckfmhopnialghigdlggahiomebp, Quarantined, [13420], [186948],1.0.839 Registry Value: 1 PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\cflheckfmhopnialghigdlggahiomebp|PATH, Quarantined, [13420], [186948],1.0.839 Data Stream: 0 (No malicious items detected) Folder: 19 PUP.Optional.AuslogicsBoostSpeed, C:\ProgramData\Auslogics\BoostSpeed\9.x\IgnoredLists, Quarantined, [2025], [341833],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\ProgramData\Auslogics\BoostSpeed\9.x\Logs, Quarantined, [2025], [341833],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\ProgramData\Auslogics\BoostSpeed\9.x, Quarantined, [2025], [341833],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAMDATA\Auslogics\BoostSpeed, Quarantined, [2025], [341833],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\ProgramData\Auslogics\Disk Defrag\7.x\Reports, Quarantined, [2275], [350024],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\ProgramData\Auslogics\Disk Defrag\7.x\Data, Quarantined, [2275], [350024],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\ProgramData\Auslogics\Disk Defrag\7.x, Quarantined, [2275], [350024],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\PROGRAMDATA\Auslogics\Disk Defrag, Quarantined, [2275], [350024],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\AUSLOGICS\BOOSTSPEED, Quarantined, [2025], [341834],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\Setup, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\Lang, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\Data, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\WINDOWS\SYSTEM32\TASKS\AUSLOGICS\BOOSTSPEED, Quarantined, [2025], [341836],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\AUSLOGICS\Disk Defrag, Quarantined, [2275], [350023],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\Setup, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\Lang, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\Data, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\PROGRAM FILES\AUSLOGICS\DISK DEFRAG, Quarantined, [2275], [350025],1.0.839 File: 147 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\RTL160.BPL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\AXCOMPONENTSRTL.BPL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\AXBROWSERS.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\AXCOMPONENTSVCL.BPL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\COMMONFORMS.ROUTINE.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\DISKDEFRAGHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\ATPOPUPSHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\TASKSCHEDULERHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\ProgramData\Auslogics\BoostSpeed\9.x\IgnoredLists\TRE_User.igl, Delete-on-Reboot, [2025], [341833],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\ProgramData\Auslogics\BoostSpeed\9.x\Logs\BoostSpeedLogic.log, Quarantined, [2025], [341833],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\ProgramData\Auslogics\BoostSpeed\9.x\Logs\InternetOptimizerStatistics.log, Quarantined, [2025], [341833],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\ProgramData\Auslogics\BoostSpeed\9.x\Logs\TweakManagerStatistics.log, Quarantined, [2025], [341833],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\ProgramData\Auslogics\BoostSpeed\9.x\StatDB.json, Quarantined, [2025], [341833],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\ProgramData\Auslogics\Disk Defrag\7.x\Data\giveaway.json, Quarantined, [2275], [350024],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\ProgramData\Auslogics\Disk Defrag\7.x\Data\giveaway.png, Quarantined, [2275], [350024],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\ProgramData\Auslogics\Disk Defrag\7.x\Reports\Disk_Defrag_Report.xml, Quarantined, [2275], [350024],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\ProgramData\Auslogics\Disk Defrag\7.x\Reports\Disk_Defrag_Report.xslt, Quarantined, [2275], [350024],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\ACTIONCENTERFORMS.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\ADVISORHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\UNINSTALLMANAGERHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\VCL160.BPL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\TWEAKMANAGERHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\COMMONFORMS.SITE.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\VCLIMG160.BPL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\RESCUECENTERHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\ATTOOLSSTDHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\REPORTHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\BOOSTSPEED.EXE, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\ACTIONCENTERHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\DEBUGHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\ATUPDATERSHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\VOLUMESHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\ATTOOLSEXTHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\LOCALIZER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\SERVICESOPTIMIZATIONTOOL.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\SPYWARECHECKERHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\BROWSERCAREHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\SYSTEMINFORMATIONHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\GOOGLEANALYTICSHELPER.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAM FILES\AUSLOGICS\BOOSTSPEED\SQLITE3.DLL, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\USERS\ADMINISTRATOR\DESKTOP\AUSLOGICS DISK DEFRAG.LNK, Quarantined, [2275], [350022],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\BoostSpeed\Auslogics BoostSpeed 9 on the Web.url, Quarantined, [2025], [341834],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\BoostSpeed\Auslogics BoostSpeed 9.lnk, Quarantined, [2025], [341834],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\BoostSpeed\Auslogics Rescue Center.lnk, Quarantined, [2025], [341834],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\Lang\deu.lng, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\Lang\enu.lng, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\Lang\esp.lng, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\Lang\fra.lng, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\Lang\ita.lng, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\Lang\jpn.lng, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\Lang\rus.lng, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\Setup\SetupCustom.dll, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\Data\Applications.dat, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\Data\main.ini, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\Data\products.json, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\InternetOptimizer.exe, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\InternetOptimizerHelper.dll, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\ndefrg32.exe, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\rdboot32.exe, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\RegistryCleanerHelper.dll, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\RegistryDefrag.exe, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\RegistryDefragHelper.dll, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\RescueCenter.exe, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\RescueCenterForm.dll, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\SendDebugLog.exe, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\ServiceManagerHelper.dll, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\ShellExtension.ContextMenu.x32.dll, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\ShellExtension.dll, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\StartupManager.exe, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\StartupManagerHelper.dll, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\SystemInformation.exe, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\TaskManager.exe, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\BrowserCareHelper.Agent.x32.dll, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\cdefrag.exe, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\CommonForms.dll, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\DiskCleanerHelper.dll, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\DiskDoctor.exe, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\DiskDoctorChecker.x32.dll, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\DiskDoctorHelper.dll, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\DiskExplorer.exe, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\DiskExplorerHelper.dll, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\DiskWipeHelper.dll, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\DSSrcAsync.dll, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\DSSrcWM.dll, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\DuplicateFileFinder.exe, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\DuplicateFileFinderHelper.dll, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\EULA.rtf, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\FileRecovery.exe, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\FileRecoveryHelper.dll, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\FileShredder.exe, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\FreeSpaceWiper.exe, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\DiskDefrag.exe, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\GASender.exe, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\TaskManagerHelper.Agent.x32.dll, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\TaskManagerHelper.dll, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\TrackEraserHelper.dll, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\TweakManager.exe, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\unins000.dat, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\unins000.exe, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\unins000.msg, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Program Files\Auslogics\BoostSpeed\UninstallManager.exe, Quarantined, [2025], [341835],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Windows\System32\Tasks\Auslogics\BoostSpeed\Scan and Repair, Quarantined, [2025], [341836],1.0.839 PUP.Optional.AuslogicsBoostSpeed, C:\Windows\System32\Tasks\Auslogics\BoostSpeed\Start BoostSpeed \u00d0\u00ben Administrator logon, Quarantined, [2025], [341836],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\Disk Defrag\Auslogics Disk Defrag on the Web.url, Quarantined, [2275], [350023],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\Disk Defrag\Auslogics Disk Defrag.lnk, Quarantined, [2275], [350023],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\Disk Defrag\Check Your PC Performance.url, Quarantined, [2275], [350023],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\Lang\deu.lng, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\Lang\enu.lng, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\Lang\esp.lng, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\Lang\fra.lng, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\Lang\ita.lng, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\Lang\jpn.lng, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\Lang\rus.lng, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\Data\main.ini, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\Setup\SetupCustom.dll, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\AxBrowsers.dll, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\AxComponentsRTL.bpl, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\AxComponentsVCL.bpl, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\cdefrag.exe, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\CommonForms.dll, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\CommonForms.Routine.dll, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\CommonForms.Site.dll, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\DebugHelper.dll, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\DiskCleanerHelper.dll, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\DiskDefrag.exe, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\DiskDefragHelper.dll, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\DiskWipeHelper.dll, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\EULA.rtf, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\GASender.exe, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\GoogleAnalyticsHelper.dll, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\Localizer.dll, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\ndefrg32.exe, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\RegistryCleanerHelper.dll, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\ReportHelper.dll, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\rtl160.bpl, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\SendDebugLog.exe, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\ShellExtension.ContextMenu.x32.dll, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\ShellExtension.ContextMenu.x64.dll, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\ShellExtension.dll, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\sqlite3.dll, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\TaskSchedulerHelper.dll, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\unins000.dat, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\unins000.exe, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\unins000.msg, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\vcl160.bpl, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\vclimg160.bpl, Quarantined, [2275], [350025],1.0.839 PUP.Optional.AuslogicsDiskDefrag, C:\Program Files\Auslogics\Disk Defrag\VolumesHelper.dll, Quarantined, [2275], [350025],1.0.839 Physical Sector: 0 (No malicious items detected) (end) Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-12-2016 Ran by Administrator (administrator) on USER-PC (23-12-2016 14:28:28) Running from C:\Users\Administrator\Desktop Loaded Profiles: Administrator (Available Profiles: User & Administrator) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\asulaunch.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-22] (Adobe Systems Incorporated) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-12-18] (AVAST Software) HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes) HKU\S-1-5-21-98737323-1009773367-2146176377-500\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7175384 2016-12-07] (Piriform Ltd) HKU\S-1-5-21-98737323-1009773367-2146176377-500\...\Run: [skype] => C:\Program Files\Skype\Phone\Skype.exe [27219928 2016-11-15] (Skype Technologies S.A.) HKU\S-1-5-21-98737323-1009773367-2146176377-500\...\MountPoints2: {0e91cbb5-c640-11e1-8409-806e6f6e6963} - D:\InstallNavi.exe ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-12-18] (AVAST Software) ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2015-03-24] ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 10.1.1.1 Tcpip\..\Interfaces\{0D0CB876-F40B-4BC1-9428-18C0018F1EC6}: [DhcpNameServer] 10.1.1.1 Tcpip\..\Interfaces\{19CFF177-8682-4D94-B79E-390BEA650A8F}: [DhcpNameServer] 130.195.85.25 130.195.98.151 Tcpip\..\Interfaces\{76974BCF-D479-4C78-99DE-D0CD23B1B5C3}: [DhcpNameServer] 172.20.10.1 Internet Explorer: ================== HKU\S-1-5-21-98737323-1009773367-2146176377-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/?fr=vmn&type=auslog_yaapp1_hp HKU\S-1-5-21-98737323-1009773367-2146176377-500\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-nz/?ocid=iehp SearchScopes: HKU\S-1-5-21-98737323-1009773367-2146176377-500 -> DefaultScope {76DEFAE6-09B2-40B2-8F8A-5A6A5D5CE4EB} URL = hxxps://search.yahoo.com/search/?toggle=1&cop=mss&ei=UTF-8&fr=vmn&type=auslog_yaapp1_ch&p={searchTerms} SearchScopes: HKU\S-1-5-21-98737323-1009773367-2146176377-500 -> {76DEFAE6-09B2-40B2-8F8A-5A6A5D5CE4EB} URL = hxxps://search.yahoo.com/search/?toggle=1&cop=mss&ei=UTF-8&fr=vmn&type=auslog_yaapp1_ch&p={searchTerms} BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-15] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-12-18] (AVAST Software) BHO: No Name -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> No File BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-15] (Oracle Corporation) Toolbar: HKLM - No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No File Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) FireFox: ======== FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-12-18] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-12-18] FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] () FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-15] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-04-15] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-09-05] (Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxps://search.yahoo.com/?fr=vmn&type=auslog_yaapp1_hp CHR RestoreOnStartup: Default -> "hxxps://search.yahoo.com/?fr=vmn&type=auslog_yaapp1_hp" CHR StartupUrls: Default -> "hxxps://search.yahoo.com/?fr=vmn&type=auslog_yaapp1_hp" CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2016-12-23] CHR Extension: (Google Slides) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-31] CHR Extension: (Google Docs) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-31] CHR Extension: (Google Drive) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-18] CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-18] CHR Extension: (Google Search) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-23] CHR Extension: (Google Sheets) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-31] CHR Extension: (Google Docs Offline) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-18] CHR Extension: (Chrome Web Store Payments) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-18] CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-23] CHR Extension: (Chrome Media Router) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-23] CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found> ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-12-18] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [223600 2016-12-18] (AVAST Software) R2 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [142432 2012-02-21] (SEIKO EPSON CORPORATION) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3381200 2016-12-14] (Malwarebytes) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2009-05-14] (Hewlett-Packard) [File not signed] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2009-05-14] (Hewlett-Packard) [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-12-18] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-12-18] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [92256 2016-12-18] (AVAST Software) R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [26776 2016-12-18] (AVAST Software) R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [338936 2016-12-18] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-12-18] (AVAST Software) R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-12-18] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [735488 2016-12-18] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433768 2016-12-18] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118664 2016-12-18] (AVAST Software) R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [224752 2016-12-18] (AVAST Software) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [59968 2016-12-14] () R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [153024 2016-12-23] (Malwarebytes) R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [87496 2016-12-23] (Malwarebytes) R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [39360 2016-12-23] (Malwarebytes) R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [219072 2016-12-23] (Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [63264 2016-12-23] (Malwarebytes) R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [17160 2015-03-05] () S3 pwdspio; C:\Windows\system32\pwdspio.sys [13064 2015-03-05] () ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-12-23 14:28 - 2016-12-23 14:29 - 00014634 _____ C:\Users\Administrator\Desktop\FRST.txt 2016-12-23 14:28 - 2016-12-23 14:28 - 00000000 ____D C:\FRST 2016-12-23 14:27 - 2016-12-23 14:26 - 01762816 _____ (Farbar) C:\Users\Administrator\Desktop\FRST.exe 2016-12-23 14:25 - 2016-12-23 14:26 - 01762816 _____ (Farbar) C:\Users\Administrator\Downloads\FRST.exe 2016-12-23 14:21 - 2016-12-23 14:21 - 00030448 _____ C:\Users\Administrator\Desktop\MBAM_Log.txt 2016-12-23 13:52 - 2016-12-23 14:20 - 00087496 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2016-12-23 13:52 - 2016-12-23 14:19 - 00063264 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2016-12-23 13:52 - 2016-12-23 14:19 - 00039360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-12-23 13:52 - 2016-12-23 13:52 - 00153024 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys 2016-12-23 13:51 - 2016-12-23 14:19 - 00219072 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-12-23 13:47 - 2016-12-23 13:47 - 00002025 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2016-12-23 13:47 - 2016-12-23 13:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2016-12-23 13:46 - 2016-12-23 13:46 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-12-23 13:46 - 2016-12-23 13:46 - 00000000 ____D C:\Program Files\Malwarebytes 2016-12-23 13:46 - 2016-12-14 12:55 - 00059968 _____ C:\Windows\system32\Drivers\mbae.sys 2016-12-23 13:42 - 2016-12-23 13:42 - 00000000 ____D C:\Users\User\AppData\Local\Apple 2016-12-23 13:38 - 2016-12-23 13:41 - 54199488 _____ (Malwarebytes ) C:\Users\User\Downloads\mb3-setup-consumer-3.0.5.1299.exe 2016-12-18 19:12 - 2016-12-18 19:14 - 00000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Games 2016-12-18 18:43 - 2016-12-18 18:43 - 00001142 _____ C:\Users\Public\Desktop\MiniTool Partition Wizard Free.lnk 2016-12-18 18:43 - 2016-12-18 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.1 2016-12-18 18:43 - 2016-12-18 18:43 - 00000000 ____D C:\Program Files\MiniTool Partition Wizard Free 9.1 2016-12-18 18:43 - 2015-08-11 12:22 - 02895360 _____ C:\Windows\system32\pwNative.exe 2016-12-18 18:43 - 2015-03-05 10:15 - 00017160 ____N C:\Windows\system32\pwdrvio.sys 2016-12-18 18:43 - 2015-03-05 10:15 - 00013064 ____N C:\Windows\system32\pwdspio.sys 2016-12-18 18:41 - 2016-12-18 18:42 - 32262960 _____ (MiniTool Solution Ltd. ) C:\Users\Administrator\Downloads\pwfree91.exe 2016-12-18 18:05 - 2016-12-18 18:06 - 00000000 ____D C:\Program Files\GUMEE26.tmp 2016-12-18 17:42 - 2016-12-18 17:42 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\CyberLink 2016-12-18 17:42 - 2016-12-18 17:42 - 00000000 ____D C:\Users\Administrator\AppData\Local\Hewlett-Packard 2016-12-18 17:15 - 2016-12-18 20:42 - 00000000 ____D C:\Users\Administrator\AppData\Local\ESET 2016-12-18 17:06 - 2016-12-18 17:06 - 00000000 ____D C:\Users\User\AppData\LocalLow\Sun 2016-12-18 15:37 - 2016-12-18 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2016-12-18 15:34 - 2016-12-18 15:31 - 00338936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys 2016-12-18 15:33 - 2016-12-18 21:10 - 00000000 ____D C:\Users\User\AppData\Local\Microsoft Games 2016-12-18 15:33 - 2016-12-18 14:01 - 00319760 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2016-12-18 15:31 - 2016-12-18 15:31 - 00026776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetNd6.sys 2016-12-18 15:30 - 2016-12-18 15:31 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype 2016-12-18 15:30 - 2016-12-18 15:30 - 00000000 ____D C:\Users\User\Tracing 2016-12-18 15:29 - 2016-12-18 15:29 - 00000000 ____D C:\Users\User\AppData\Local\CEF 2016-12-18 15:27 - 2016-12-23 14:19 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Skype 2016-12-18 15:27 - 2016-12-18 15:27 - 00000000 ____D C:\Users\Administrator\Tracing 2016-12-18 15:26 - 2016-12-18 15:26 - 00002685 _____ C:\Users\Public\Desktop\Skype.lnk 2016-12-18 15:26 - 2016-12-18 15:26 - 00000000 ___RD C:\Program Files\Skype 2016-12-18 15:26 - 2016-12-18 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2016-12-18 15:26 - 2016-12-18 15:26 - 00000000 ____D C:\Program Files\Common Files\Skype 2016-12-18 15:24 - 2016-12-18 15:24 - 01478616 _____ (Skype Technologies S.A.) C:\Users\Administrator\Downloads\SkypeSetup.exe 2016-12-18 14:44 - 2016-12-18 14:44 - 00000017 _____ C:\Users\Administrator\AppData\Local\resmon.resmoncfg 2016-12-18 14:28 - 2016-12-23 14:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics 2016-12-18 14:27 - 2016-12-23 14:18 - 00000000 ____D C:\ProgramData\Auslogics 2016-12-18 14:27 - 2016-12-23 14:18 - 00000000 ____D C:\Program Files\Auslogics 2016-12-18 14:13 - 2016-12-18 14:13 - 00001133 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk 2016-12-18 14:13 - 2016-12-18 14:13 - 00001133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2016-12-18 14:12 - 2016-12-18 14:12 - 00000000 ____D C:\Users\Administrator\AppData\Local\CEF 2016-12-18 14:02 - 2016-12-18 14:01 - 00921280 _____ (Microsoft Corporation) C:\Windows\ucrtbase.dll 2016-12-18 14:01 - 2016-12-18 14:01 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr 2016-12-18 13:39 - 2016-12-18 13:39 - 00000970 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-12-18 13:39 - 2016-12-18 13:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2016-12-18 13:39 - 2016-12-18 13:39 - 00000000 ____D C:\Program Files\CCleaner 2016-12-18 13:04 - 2016-12-18 13:04 - 00000000 ____D C:\Users\Administrator\Documents\EA Games 2016-12-18 13:03 - 2016-12-18 13:03 - 00000000 __RHD C:\Users\Administrator\AppData\Roaming\SecuROM 2016-12-18 12:43 - 2015-07-31 02:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2016-12-18 12:41 - 2016-12-18 12:41 - 00000000 ____D C:\Program Files\Common Files\AV 2016-12-18 12:39 - 2016-12-18 12:39 - 00000000 ____D C:\Users\User\AppData\Roaming\Epson 2016-12-18 12:39 - 2016-12-18 12:39 - 00000000 ____D C:\Users\User\AppData\Roaming\Apple Computer 2016-12-18 12:38 - 2016-12-18 12:38 - 00109664 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT 2016-12-18 12:37 - 2016-12-18 12:38 - 00000000 ____D C:\Users\User\AppData\Local\Google 2016-12-18 12:37 - 2016-12-18 12:37 - 00001422 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-12-18 12:37 - 2016-12-18 12:37 - 00000020 ___SH C:\Users\User\ntuser.ini 2016-12-18 12:37 - 2016-12-18 12:37 - 00000000 _SHDL C:\Users\User\My Documents 2016-12-18 12:37 - 2016-12-18 12:37 - 00000000 _SHDL C:\Users\User\Documents\My Videos 2016-12-18 12:37 - 2016-12-18 12:37 - 00000000 _SHDL C:\Users\User\Documents\My Pictures 2016-12-18 12:37 - 2016-12-18 12:37 - 00000000 _SHDL C:\Users\User\Documents\My Music 2016-12-18 12:37 - 2016-12-18 12:37 - 00000000 ____D C:\Users\User\AppData\Roaming\Adobe 2016-12-18 12:37 - 2015-10-26 15:30 - 00000000 ____D C:\Users\User\AppData\Roaming\AVAST Software 2016-12-18 12:37 - 2013-06-25 21:43 - 00000000 ____D C:\Users\User\AppData\LocalGoogle 2016-12-18 12:37 - 2013-06-01 09:52 - 00000000 ____D C:\Users\User\AppData\Local\Microsoft Help 2016-12-18 12:37 - 2013-04-06 23:23 - 00000000 ____D C:\Users\User\AppData\Roaming\Macromedia 2016-12-18 12:37 - 2009-07-14 20:48 - 00000000 ____D C:\Users\User\AppData\Roaming\Media Center Programs 2016-12-12 00:03 - 2016-12-12 00:03 - 00000000 ____D C:\0aa229004adfc9a5109411 ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-12-23 14:26 - 2013-06-26 21:49 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2016-12-23 14:26 - 2013-06-26 21:49 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2016-12-23 14:26 - 2013-06-26 21:49 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-12-23 14:26 - 2013-04-06 23:19 - 00000000 ____D C:\Windows\system32\Macromed 2016-12-23 14:26 - 2009-07-14 17:34 - 00016016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-12-23 14:26 - 2009-07-14 17:34 - 00016016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-12-23 14:18 - 2009-07-14 17:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-12-18 21:13 - 2012-07-31 22:08 - 00000940 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-98737323-1009773367-2146176377-1001UA.job 2016-12-18 21:13 - 2012-07-31 22:08 - 00000918 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-98737323-1009773367-2146176377-1001Core.job 2016-12-18 20:30 - 2012-07-04 21:15 - 00779128 _____ C:\Windows\system32\PerfStringBackup.INI 2016-12-18 20:30 - 2009-07-14 15:37 - 00000000 ____D C:\Windows\inf 2016-12-18 18:59 - 2009-07-14 17:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-12-18 18:24 - 2013-03-30 16:04 - 00002150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-12-18 18:24 - 2013-03-30 16:04 - 00002138 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-12-18 15:27 - 2013-12-13 11:02 - 00000000 ____D C:\Users\Administrator 2016-12-18 15:26 - 2012-12-18 21:11 - 00000000 ____D C:\ProgramData\Skype 2016-12-18 14:23 - 2015-03-04 13:23 - 00000000 ____D C:\Program Files\Sony 2016-12-18 14:23 - 2014-02-28 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software 2016-12-18 14:04 - 2013-03-20 17:41 - 00224752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2016-12-18 14:04 - 2012-07-05 09:10 - 00735488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2016-12-18 14:04 - 2012-07-05 09:10 - 00433768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2016-12-18 14:02 - 2014-04-27 16:40 - 00034008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2016-12-18 14:02 - 2014-03-10 21:52 - 00118664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2016-12-18 14:02 - 2013-03-20 17:41 - 00060424 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2016-12-18 14:02 - 2012-09-05 21:19 - 00091232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2016-12-18 14:02 - 2012-07-05 09:10 - 00092256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2016-12-18 14:02 - 2012-07-05 08:56 - 00000000 ____D C:\ProgramData\AVAST Software 2016-12-18 14:00 - 2013-06-25 16:33 - 00035096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2016-12-18 13:51 - 2013-02-14 18:01 - 00000000 ____D C:\Program Files\HP 2016-12-18 13:49 - 2014-02-28 15:43 - 00000000 ____D C:\Program Files\epson 2016-12-18 13:49 - 2014-02-28 15:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON 2016-12-18 13:42 - 2015-09-23 11:16 - 00000000 ____D C:\Windows\Minidump 2016-12-18 13:42 - 2012-07-05 15:23 - 00000000 ____D C:\Windows\Panther 2016-12-18 13:17 - 2014-02-28 15:41 - 00000000 ____D C:\Program Files\EPSON Software 2016-12-18 13:15 - 2012-07-05 08:57 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2016-12-18 13:12 - 2015-03-04 13:39 - 00000000 ____D C:\ProgramData\Sony Corporation 2016-12-18 13:09 - 2009-07-14 17:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-12-18 13:04 - 2013-05-31 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2016-12-18 12:54 - 2012-07-05 08:56 - 00000000 ____D C:\Program Files\AVAST Software 2016-12-18 12:36 - 2013-05-22 17:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-12-18 12:35 - 2013-06-09 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-12-18 12:02 - 2009-07-14 15:37 - 00000000 ____D C:\Windows\PolicyDefinitions ==================== Files in the root of some directories ======= 2016-12-18 14:44 - 2016-12-18 14:44 - 0000017 _____ () C:\Users\Administrator\AppData\Local\resmon.resmoncfg 2013-02-14 18:00 - 2016-12-18 13:51 - 0004972 _____ () C:\ProgramData\hpzinstall.log Some files in TEMP: ==================== C:\Users\Administrator\AppData\Local\Temp\drm_dyndata_7400009.dll ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Wi
  6. Hello, EliteHunters First, a little history: in the '90's, Microsoft included their defragmenter, which was/is based on an early Diskeeper product. Since then, they have neglected it somewhat and so it is slow compared to other, reworked ones, particularly on larger disks. If you're looking for a free one, Auslogics has been rated #1 by a few reviewers... I downloaded it and tried it last night, and it was very fast and efficient on my old, slow XP laptop. 3 to Auslogics! Regards
  7. Gentlemen Thank you. Budfred got me thinking- I know that Comodo AV is not supposed to have the best detection rate, so I loaded AVG9 (AVG8 I found a pain previously) and it immediately found 2 Trojans... Right now I'm trying ZA and AVG- will see how it goes. I may ask for a log analysis too. All my research has suggested AVG, Avira, MSE and Avast. Thanks again
  8. Thanks, Budfred Of course, you're correct- it's the AV part and, in particular, the TSR portions, that are causing the problem. I put it badly, probably because the last few I've tried have been suites, ie AV and FW combined- apologies. I have no problems with splitting the programs and going back to (say) ZA and an AV. Edit: I keep the lappy's clean and occasionally have had them checked in this forum, without any problems having been detected and have also increased memory. Question is then: an AV that is free, effective and low on resource useage? Regards PS I may personally end up going to Ubuntu anyway, but, no doubt, some people will prefer Windows...
  9. Hello All, I'm getting a bit frustrated with firewalls and anti-viruses that I'm running on older laptops, under Win XPP. I've tried several over the past couple of years, the latest being the Comodo suite- all I've tried seem to eventually really slow the lappys down. I've looked through the forums and there seems to be varying advice, so I thought it best to ask for current recommendations. What I'd like for both AV and FW is: - free - good (effective) - low on resource useage. Recommendations would be appreciated. Thanks
  10. Rocket Graniie First off, your sense of humour worked- I was a bit worried that I was about to hook myself- anyhoo, I'll now try to appear up-to-the-minute and supercool (for an old bastard)... Java updated successfully (I thought I had this in hand already) Adobe removed Sumatra installed Restore points flushed Restore re-enabled have already read your references- thanks Ran start-up Lite (good resource- thanks) Disabled 2 (of 3) items. I'll let you know how things go this saide of the ditch, but I reckon you can close the topic- thanks again Cheers
  11. Hi, again Have run all the checks you requested and came up clean on all counts, which is more or less what I expected... I suspect that there may be a resource hog or two, though. Security Check: Results of screen317's Security Check version 0.99.0 Windows XP Service Pack 3 `````````````````````````````` Antivirus/Firewall Check: Windows Firewall Disabled! Antivirus up to date! `````````````````````````````` Anti-malware/Other Utilities Check: HijackThis 2.0.2 CCleaner (remove only) IBM 32-bit Runtime Environment for Java 2, v1.4.1 Java 6 Update 14 IBM 32-bit Runtime Environment for Java 2, v1.4.1 Out of date Java installed! Adobe Flash Player 10 Adobe Reader 7.0.5 Out of date Adobe Reader installed! `````````````````````````````` Process Check: objlist.exe by Laurent Comodo Firewall cmdagent.exe Comodo Firewall cfp.exe `````````````````````````````` DNS Vulnerability Check: GREAT! (Not vulnerable to DNS cache poisoning) `````````End of Log``````````` MBAM Log: Malwarebytes' Anti-Malware 1.41 Database version: 2775 Windows 5.1.2600 Service Pack 3 27/09/09 20:17:22 mbam-log-2009-09-27 (20-17-21).txt Scan type: Full Scan (C:\|) Objects scanned: 159718 Time elapsed: 1 hour(s), 15 minute(s), 33 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) BitDefender- only reported 349,000 items scanned, no viruses. Thanks again for the help so far
  12. Thanks, RG Doing what you asked for, will post when complete. If you're "Grannie" for age, I could be grandpa as well. Cheers
  13. Hi, All Usual story- laptop getting slower and slower, in spite of regular scans. It has 512Mb at present and I'm about to get a 1Gb upgrade. In the meanwhile, I'd appreciate a quick check for anything malicious, or any resource hogs. Cheers Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:59, on 18/09/09 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\ibmpmsvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\System32\QCONSVC.EXE C:\WINDOWS\system32\RegSrvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\TpKmpSVC.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\TpShocks.exe C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\IBM\Messages By IBM\ibmmessages.exe C:\IBMTOOLS\UTILS\ibmprc.exe C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe C:\Program Files\Brother\ControlCenter3\brccMCtl.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\COMODO\COMODO Internet Security\cfp.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\explorer.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [s3TRAY2] S3Tray2.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper O4 - HKLM\..\Run: [TpShocks] TpShocks.exe O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe O4 - HKLM\..\Run: [TP4EX] tp4ex.exe O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [uC_Start] C:\Program Files\IBM\Updater\\ucstartup.exe O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\\ibmmessages.exe O4 - HKLM\..\Run: [iBMPRC] C:\IBMTOOLS\UTILS\ibmprc.exe O4 - HKLM\..\Run: [QCTRAY] C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE O4 - HKLM\..\Run: [QCWLICON] C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE O4 - HKLM\..\Run: [bMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor O4 - HKLM\..\Run: [bMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE O4 - HKLM\..\Run: [bMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [setDefPrt] C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Digital Line Detect.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [JAVA_IBM] Java (IBM) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1244701778967 O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe O23 - Service: IBM Rapid Restore Ultra Service - Unknown owner - C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing) O23 - Service: QCONSVC - IBM Corp. - C:\WINDOWS\System32\QCONSVC.EXE O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe -- End of file - 7341 bytes
  14. Hello, TheJoker Thank you for the reply- I had exactly the same experience as you when surfing for fixes!... but, I didn't find the HKEY thread, which worked. Thank you very much for the effort and help. Regards PS: this thread can now be closed
  15. Hi I'm running Windows XP Professional SP3, Office 2003 Standard and Access 2003. Whenever I try to embed an OLE object in an Access OLE field, I get an "OLE Server Error". After Googling, I found advice to run Regsvr32.exe "C:\Program Files\Common Files\Microsoft Shared\Triedit\Triedit.dll". That registered the OLE Server, but I then get an error message indicating that I should restart the OLE server, or that the are Active-X problems. I've also tried selecting dll libraries in the VBA register, to no avail. The problem occurs no matter what version of Access I try, ie '97, 2000, 2003. There are heaps of items on the web, but I haven't found any solution that works. Any suggestions? Regards