• Welcome to Free PC Help, a free PC Help forum to get help with your computer problems.

    Free PC Help is a community that offers free computer help and support for all users, all ages, worldwide.

    In order to start asking questions or contribute on someone else's post you will first need to register. Don't worry - it's quick and easy and once you have registered you will have instant access to the entire forum.

    If you do decide to join the forums you will not have the option to send Private Messages [ PMs ] or add a Signature until you have made 5 posts or more. This is an attempt to try to stop Spammers using the PM system or adding links to their Signature.

  • Due to the complexity and risks involved our formally trained malware staff will be the only ones allowed to help with malware removal advice. Thank you.

laptop running slow

tomj25

FPCH Member
Joined
Jul 25, 2016
Location
telford
PC Experience
Some Experience
hi all, im looking for a bit of help with my laptop, its a dell n5010 windows 7 i3 home premium 64bit, up until a few months ago it was great but has started to run so slow and the fan is running all the time on what seems like the highest speed possible, i have run scans but it never finds anything so im hoping someone can give me help in fixing whatever is wrong, thanks tom

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 25/07/2016
Scan Time: 12:19
Logfile:
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.07.25.01
Rootkit Database: v2016.05.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: tom

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 318064
Time Elapsed: 31 min, 33 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-07-2016
Ran by tom (2016-07-25 12:55:21)
Running from C:\Users\tom\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-08-13 18:42:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2134292529-3043326613-3165962306-500 - Administrator - Disabled)
Guest (S-1-5-21-2134292529-3043326613-3165962306-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2134292529-3043326613-3165962306-1004 - Limited - Enabled)
tom (S-1-5-21-2134292529-3043326613-3165962306-1000 - Administrator - Enabled) => C:\Users\tom

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.18.354 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3d9e0476-943f-4962-99dc-b9c937a43840}) (Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{F1D737AB-71A7-4D25-BB94-79DB090D6FF9}) (Version: 1.5.402.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{0D98F04D-11A1-4B64-A406-43292B9EEE90}) (Version: 1.5.0.1 - ArcSoft)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.66 - ArcSoft)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.0.6 - Dell Inc.)
Dell Stage (HKLM-x32\...\{FC45E4D6-FEA5-4091-B172-4351D130C2E1}) (Version: 1.7.209.0 - Fingertapps)
Dell Stage Remote (HKLM-x32\...\{2299EEBD-0A83-4B26-AA4A-057AE9E5BAE8}) (Version: 2.0.0.50 - ArcSoft)
Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.50 - ArcSoft)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.81 - Dell)
Dell System Detect (HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\...\73f463568823ebbe) (Version: 6.0.0.18 - Dell)
Dell System Detect (HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\73f463568823ebbe) (Version: 6.0.0.18 - Dell)
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1719 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.2.0.1719 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.106 - Google Inc.)
Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6289.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{1A8BA6CE-822D-4888-89E2-ACBF4308F271}) (Version: 13.02.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.4.1002 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
iTunes (HKLM\...\{58D7E5F7-BAD1-49C5-93C8-B655736EDA00}) (Version: 12.4.0.119 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Media Go (HKLM-x32\...\{65256C0D-3FE7-4D2E-BB3E-53F1175481C8}) (Version: 3.0.403 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.20.107.05220 (HKLM-x32\...\{7348D0F2-3DAC-0BE7-4E7C-64844D2E3CA9}) (Version: 2.20.107.05220 - Sony)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 48.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 48.0 (x86 en-US)) (Version: 48.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.0.6043 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 P****r (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 P****r (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 P****r (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
OpenOffice 4.0.0 (HKLM-x32\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.5.0 - Dell Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - Silicon Laboratories)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM-x32\...\{C075A9B4-E717-44C9-B02C-9A5AD2101BFB}) (Version: 6.5 - Silicon Laboratories, Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.0.1 - Synaptics Incorporated)
TomTom MyDrive Connect 4.1.0.2658 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.0.2658 - TomTom)
Unity Web Player (HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.1100 - Broadcom Corporation)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth (03/24/2010 6.3.0.2501) (HKLM\...\AF09E130E2FD4D1BEFD1B9132AE624BAE0364719) (Version: 03/24/2010 6.3.0.2501 - Broadcom Corporation)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (01/18/2013 2.08.28) (HKLM\...\9E24492CE9279512BD465F61DB8523641BB7BBFC) (Version: 01/18/2013 2.08.28 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (01/18/2013 2.08.28) (HKLM\...\E61B77ECE57113AE1CA028BC7A8AD6C137BD13DD) (Version: 01/18/2013 2.08.28 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2134292529-3043326613-3165962306-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\tom\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2134292529-3043326613-3165962306-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\tom\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CB485BE-5741-4F3D-B5AD-9DA95113A4D2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {1C6B80E7-FFF4-4134-95C5-2A2109206BDB} - System32\Tasks\{82E728B3-2AB5-4AAD-B0AC-BFB56DCE8259} => C:\Program Files (x86)\iTunes\iTunes.exe
Task: {23F6F42D-8510-43FD-B011-1D71AA1BA0F4} - System32\Tasks\{483136C7-0B2A-40C2-9E80-BB8D1E21F464} => C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-12-29] (Broadcom Corporation.)
Task: {2EDB67EB-F188-444A-BAE8-E2A8D95E29C0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {4CBC8E58-075E-4D56-9576-D565500E4B1F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {56F63896-0ACD-416D-930A-75DEDF654AD3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-01] (Piriform Ltd)
Task: {671FE88A-3FB6-4A62-B0FD-E23A9BFF6900} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {705A1533-D9C2-4C52-BCE5-D00D0910A558} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-03-20] (PC-Doctor, Inc.)
Task: {78E40194-2C45-45F4-A309-BDA80CD546DB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2134292529-3043326613-3165962306-1000Core => C:\Users\tom\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {81C3693F-2587-4815-A697-F8107C366088} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2134292529-3043326613-3165962306-1000
Task: {908501F3-7AE1-4BD7-989F-12205723EB60} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2134292529-3043326613-3165962306-1000UA => C:\Users\tom\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {99B4E9F1-4745-4EB6-B259-67B9CE53CF0F} - System32\Tasks\{CE452736-F199-473C-95EB-AC5FC148D878} => C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-12-29] (Broadcom Corporation.)
Task: {A87EB778-2210-4C0D-A34D-BCD411B1B25F} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - tom) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
Task: {B3119ED5-8F43-4B4E-80B5-66546DD42D90} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-16] (Adobe Systems Incorporated)
Task: {D75374AA-EFEB-4104-9114-9A3582DAA52C} - System32\Tasks\{A85CB27A-652A-4E2B-9C3C-F6A55BF156E5} => pcalua.exe -a C:\Users\tom\Desktop\tazusb.exe -d C:\Users\tom\Desktop

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2134292529-3043326613-3165962306-1000Core.job => C:\Users\tom\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2134292529-3043326613-3165962306-1000UA.job => C:\Users\tom\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - tom).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2010-03-05 15:21 - 2010-03-05 15:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-05 15:21 - 2010-03-05 15:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2012-01-10 22:12 - 2012-01-10 22:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-10-18 03:42 - 2014-10-18 03:42 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9419a7c2030ade01725f8fd9344e218d\IsdiInterop.ni.dll
2011-04-05 05:04 - 2010-06-08 16:44 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2016-07-13 09:24 - 2016-07-16 12:44 - 19483328 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\dell.com -> dell.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\tom\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\tom\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: Motorola Device Manager => 2
MSCONFIG\Services: PST Service => 2
MSCONFIG\Services: Skype C2C Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupreg: "C: =>
MSCONFIG\startupreg: AccuWeatherWidget => "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\tom\AppData\Local\Smartbar\Application\SnapDo.exe startup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Dell Registration => C:\Program Files (x86)\System Registration\prodreg.exe /boot
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
MSCONFIG\startupreg: Desktop Disc Tool => "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\tom\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: Stage Remote => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{05AE64F2-6A2D-4C5C-A4A8-8AE9FD7EFD26}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{72E8EBF2-A34E-42EC-A0BC-CD7635C4F37E}] => (Allow) LPort=2869
FirewallRules: [{451DAC05-AD0D-472A-86A6-E1CC5206C0A8}] => (Allow) LPort=1900
FirewallRules: [{84912534-AE37-426C-AAB2-9F08BECD3D99}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{3C102034-E254-4A94-ABF3-898786A1D24C}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{E7D8199A-1551-43CD-AA10-794791902E75}] => (Allow) C:\Program Files (x86)\Dell\VideoStage\VideoStage.exe
FirewallRules: [{F28D5B0C-8A06-48CC-9969-21C80B30CAC5}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\Controller.exe
FirewallRules: [{621AC1DA-2898-4FD8-92CA-1D789B32E414}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
FirewallRules: [{703FFDAF-D681-4BB3-9E90-DE5F5D58B469}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
FirewallRules: [{76F8072E-FD5A-41D7-8272-CE2857934A8F}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
FirewallRules: [{20FD5C2B-7969-4903-9FB6-2A96967451D3}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\InstallerHelp.exe
FirewallRules: [{F50A4FE6-2654-4C39-8874-6CBAB729343A}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\Controller.exe
FirewallRules: [{B5128131-AE95-4110-B9D1-E23EBD2EC4FD}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
FirewallRules: [{8A1E8301-A23B-4A54-B4F4-1B5E63E0A1EE}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
FirewallRules: [{00331F2F-7707-4646-820C-881A0645CD4C}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
FirewallRules: [{039CD0F8-BEDB-42B5-A077-56AC461A21F0}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\InstallerHelp.exe
FirewallRules: [TCP Query User{70F565E6-18B5-4943-BCC0-170ABF8339FD}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{C6211A41-55EF-4045-8AE8-233ED224FD3A}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{56651B52-E0E1-4590-95B9-4FE67BB94E14}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{740F4469-5E7B-40AF-8C6A-3FA5969F6B27}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{5B816F27-A75B-4C7F-B8FF-0FA3C3AA45BF}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{B8B19FE9-5B61-441E-88D7-2D0C141AC097}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{B891C989-0CD1-4321-A2B4-0DD14C8233C3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5DF98BE5-8199-45BB-8763-B75A65835A9A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{62CE9313-0FB2-4767-A99C-DF968AD0D778}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DBD84127-A398-4E05-B175-0654CEF019EB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{657F80A3-07DD-40D1-916F-F5DEE0854170}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2007F8A5-241A-4B46-990D-3D0B7AEABF20}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B6298AF6-FC78-4845-983A-BCCD72FFB496}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B6DDD8F8-C593-427D-9AF6-A3F2A0180F1F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9FF1CFC9-593B-42C6-9E16-BDA2E8CBFFEB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B69A3D43-0144-4999-9561-5708F13AE533}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{02C3863E-EF75-4CC2-9FE0-B9A89147431C}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{95A01505-2811-4187-B257-BF6EEBB72F94}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{0812E9CE-DA66-40BD-AAC7-AA432B6ECF94}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9A1137EF-D6EF-4285-BED1-F880DD4711BF}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{7C1180EF-3259-4B4D-BC2A-E44D1B9F6962}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

01-07-2016 19:07:27 Windows Update
06-07-2016 08:54:05 Windows Update
10-07-2016 08:23:21 Windows Update
14-07-2016 08:19:46 Windows Update
18-07-2016 09:23:11 Windows Update
25-07-2016 09:08:27 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/25/2016 10:44:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1292016

Error: (07/25/2016 10:44:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1292016

Error: (07/25/2016 10:44:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/25/2016 10:22:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6365

Error: (07/25/2016 10:22:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6365

Error: (07/25/2016 10:22:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/25/2016 10:22:39 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5148

Error: (07/25/2016 10:22:39 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5148

Error: (07/25/2016 10:22:39 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/25/2016 10:22:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4119


System errors:
=============
Error: (07/25/2016 12:57:35 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (07/25/2016 12:55:03 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (07/25/2016 12:47:57 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (07/25/2016 12:45:07 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (07/25/2016 12:40:58 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (07/25/2016 12:39:10 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (07/25/2016 12:35:13 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (07/25/2016 12:33:49 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (07/25/2016 12:23:36 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (07/25/2016 12:22:33 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0


CodeIntegrity:
===================================
Date: 2015-06-21 12:59:47.314
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-06-21 12:59:47.254
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 48%
Total physical RAM: 5942.68 MB
Available physical RAM: 3084.61 MB
Total Virtual: 11883.57 MB
Available Virtual: 8051.37 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:283.34 GB) (Free:162.74 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: AA0FE720)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-07-2016
Ran by tom (administrator) on TOM-PC (25-07-2016 12:53:58)
Running from C:\Users\tom\Downloads
Loaded Profiles: tom & (Available Profiles: tom)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Mozilla Firefox\updated\firefox.exe
() C:\Program Files (x86)\Mozilla Firefox\updated\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-18] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2010-03-17] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel(R) Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-06-08] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [831064 2016-07-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-06-01] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\...\MountPoints2: E - E:\Setup.exe
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\...\MountPoints2: {025db067-cccf-11e4-85f5-90004ee68264} - E:\Startme.exe
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\...\MountPoints2: {552f8fc4-7050-11e1-9192-90004ee68264} - E:\Setup.exe
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\...\MountPoints2: {b1217a04-8e42-11e1-890f-90004ee68264} - E:\Setup.exe
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\GPhotos.scr
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: E - E:\Setup.exe
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {025db067-cccf-11e4-85f5-90004ee68264} - E:\Startme.exe
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {552f8fc4-7050-11e1-9192-90004ee68264} - E:\Setup.exe
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b1217a04-8e42-11e1-890f-90004ee68264} - E:\Setup.exe
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\GPhotos.scr
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1708D2F1-AD0E-4BDE-9091-51BC6CF47129}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{D2D53E3B-C461-4EBC-B1B8-3526FA91A15A}: [NameServer] 0.0.0.0

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.co.uk/
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.co.uk/
SearchScopes: HKLM -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKLM-x32 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-11-07] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-11-07] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\9ol2l4o2.default-1467098080661
FF Homepage: hxxps://www.google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-16] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-08-15] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-05] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-16] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll [2013-10-25] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-11-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-11-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-08-15] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-05] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2134292529-3043326613-3165962306-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\tom\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2134292529-3043326613-3165962306-1000: @talk.google.com/O1DPlugin -> C:\Users\tom\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2134292529-3043326613-3165962306-1000: @tools.google.com/Google Update;version=3 -> C:\Users\tom\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-2134292529-3043326613-3165962306-1000: @tools.google.com/Google Update;version=9 -> C:\Users\tom\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-2134292529-3043326613-3165962306-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\tom\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-16] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2134292529-3043326613-3165962306-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-11-20] (Sony Network Entertainment International LLC)
FF Plugin HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/GoogleTalkPlugin -> C:\Users\tom\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/O1DPlugin -> C:\Users\tom\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\tom\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\tom\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\tom\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-16] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-11-20] (Sony Network Entertainment International LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\tom\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\tom\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: Classic Theme Restorer - C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\9ol2l4o2.default-1467098080661\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2016-07-08]
FF Extension: Open In Chrome - C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\9ol2l4o2.default-1467098080661\extensions\openinchrome@griffeltavla.wordpress.com.xpi [2016-07-11]
FF Extension: Clear Console - C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\9ol2l4o2.default-1467098080661\extensions\clearConsole@penzil.com.xpi [2016-07-11]
FF Extension: British English Dictionary - C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\9ol2l4o2.default-1467098080661\Extensions\en-GB@dictionaries.addons.mozilla.org [2016-07-08] [not signed]
FF Extension: WhatsApp™ Desktop - C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\9ol2l4o2.default-1467098080661\Extensions\jid1-uqwEAwSca3FXUo@jetpack.xpi [2016-07-08]
FF Extension: Adblock Plus - C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\9ol2l4o2.default-1467098080661\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-06-28]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-07-19] [not signed]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-07-19] [not signed]

Chrome:
=======
CHR Profile: C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-09]
CHR Extension: (Google Docs) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-09]
CHR Extension: (Google Drive) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-09]
CHR Extension: (YouTube) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-09]
CHR Extension: (Google Sheets) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-09]
CHR Extension: (Windows Classic Theme) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhjofahcbdnggbogjamfaafkgnolfnpc [2016-07-09]
CHR Extension: (Avira Browser Safety) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-07-09]
CHR Extension: (Google Docs Offline) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-09]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-07-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-09]
CHR Extension: (Gmail) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-09]
CHR HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\tom\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-12-27]
CHR HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\tom\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-12-27]
CHR HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [989696 2016-07-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [472112 2016-07-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [472112 2016-07-25] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1453696 2016-07-25] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [302680 2016-06-01] (Avira Operations GmbH & Co. KG)
S4 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [171752 2016-07-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [145984 2016-07-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-18] (Avira Operations GmbH & Co. KG)
S3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
S3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 ALSysIO; \??\C:\Users\tom\AppData\Local\Temp\ALSysIO64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-25 12:53 - 2016-07-25 12:54 - 00021791 _____ C:\Users\tom\Downloads\FRST.txt
2016-07-25 11:53 - 2016-07-25 11:53 - 03712064 _____ C:\Users\tom\Downloads\AdwCleaner.exe
2016-07-25 11:52 - 2016-07-25 12:53 - 00000000 ____D C:\FRST
2016-07-25 11:51 - 2016-07-25 11:51 - 02394112 _____ (Farbar) C:\Users\tom\Downloads\FRST64.exe
2016-07-19 21:34 - 2016-07-23 08:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-07-18 19:41 - 2016-07-18 19:41 - 00262144 _____ C:\Windows\Minidump\071816-23758-01.dmp
2016-07-16 16:40 - 2016-07-16 16:40 - 00000976 _____ C:\Users\Public\Desktop\TomTom MyDrive Connect.lnk
2016-07-16 16:40 - 2016-07-16 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2016-07-16 16:39 - 2016-07-16 16:40 - 00000000 ____D C:\Program Files (x86)\MyDrive Connect
2016-07-16 16:39 - 2016-07-16 16:39 - 30341736 _____ (TomTom International B.V.) C:\Users\tom\Downloads\InstallMyDriveConnect(1).exe
2016-07-09 08:02 - 2016-07-18 19:42 - 00002221 _____ C:\Users\tom\Desktop\Google Chrome.lnk
2016-07-09 08:00 - 2016-07-09 08:00 - 00987728 _____ (Google Inc.) C:\Users\tom\Downloads\ChromeSetup.exe
2016-06-28 08:14 - 2016-06-28 08:14 - 00000000 ____D C:\Users\tom\Desktop\Old Firefox Data

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-25 12:33 - 2011-09-13 16:24 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-25 12:21 - 2009-07-14 05:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-25 12:21 - 2009-07-14 05:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-25 12:19 - 2016-04-12 10:25 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-25 12:18 - 2015-10-15 13:19 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-25 12:18 - 2015-09-27 19:04 - 00000000 ____D C:\AdwCleaner
2016-07-25 10:44 - 2014-11-06 11:26 - 00000362 _____ C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - tom).job
2016-07-25 09:57 - 2012-04-11 12:36 - 00000000 ___RD C:\Users\tom\Desktop\sales
2016-07-25 08:24 - 2012-10-19 10:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-07-25 08:22 - 2013-03-30 11:58 - 00171752 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-07-25 08:22 - 2013-03-30 11:58 - 00145984 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-07-25 00:01 - 2011-09-13 16:24 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-23 08:21 - 2012-05-29 16:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-18 19:47 - 2009-07-14 06:13 - 00782510 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-18 19:47 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-07-18 19:42 - 2013-06-25 08:58 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-07-18 19:41 - 2011-11-25 23:01 - 00000000 ____D C:\Windows\Minidump
2016-07-18 19:41 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-18 19:40 - 2016-06-23 06:59 - 534751017 _____ C:\Windows\MEMORY.DMP
2016-07-16 12:44 - 2015-10-15 13:19 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-16 12:44 - 2014-08-21 15:54 - 00000000 ____D C:\Users\tom\AppData\Local\Adobe
2016-07-16 12:44 - 2012-04-24 20:41 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-16 12:44 - 2011-08-21 10:45 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-13 09:24 - 2012-04-24 20:41 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-13 09:24 - 2011-04-05 05:07 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-09 08:01 - 2011-09-13 16:24 - 00002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-08 20:18 - 2014-08-12 06:42 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-28 08:13 - 2013-10-18 13:21 - 09564672 ___SH C:\Users\tom\Desktop\Thumbs.db
2016-06-28 06:39 - 2013-06-10 17:15 - 00000000 ___RD C:\Users\tom\Desktop\tom Briefcase

==================== Files in the root of some directories =======

2013-05-18 09:32 - 2013-05-18 09:32 - 0019881 _____ () C:\Users\tom\AppData\Roaming\UserTile.png
2013-08-10 15:31 - 2013-08-10 15:31 - 0000037 ___SH () C:\Users\tom\AppData\Local\70149b02515b3bb20dd492.47983420
2011-09-13 16:29 - 2012-01-23 13:56 - 0006144 _____ () C:\Users\tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-02-03 16:32 - 2016-04-15 13:00 - 0007651 _____ () C:\Users\tom\AppData\Local\resmon.resmoncfg
2015-02-13 03:47 - 2015-02-13 03:47 - 0000000 _____ () C:\Users\tom\AppData\Local\{316096C7-958D-4518-9F5F-D0FAC7A30825}
2012-02-05 22:56 - 2011-12-07 22:56 - 0000032 ____R () C:\ProgramData\hash.dat

Files to move or delete:
====================
C:\ProgramData\hash.dat


Some files in TEMP:
====================
C:\Users\tom\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-17 13:31

==================== End of FRST.txt ============================



# AdwCleaner v5.009 - Logfile created 27/09/2015 at 19:04:11
# Updated 27/09/2015 by Xplode
# Database : 2015-09-27.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : tom - TOM-PC
# Running from : C:\Users\tom\Desktop\AdwCleaner.exe
# Option : Scan
# Support : hxxp://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

Folder Found : C:\Program Files\slimcleaner plus
Folder Found : C:\ProgramData\slimware utilities inc
Folder Found : C:\Users\tom\AppData\Local\slimware utilities inc
Folder Found : C:\Users\tom\AppData\Roaming\iWin

***** [ Files ] *****

File Found : C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\a54x4uxg.default\user.js
File Found : C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\a54x4uxg.default\searchplugins\avira-safesearch.xml

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

Task Found : Adobe Flash Player Updater

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
Key Found : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
Key Found : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
Key Found : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\SlimWare Utilities Inc
Key Found : HKCU\Software\AppDataLow\Software\Yahoo\Companion
Key Found : HKLM\SOFTWARE\W3I
Key Found : HKLM\SOFTWARE\SlimWare Utilities Inc
Key Found : [x64] HKCU\Software\SlimWare Utilities Inc
Key Found : HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\Software\AppDataLow\Software\Yahoo\Companion
Key Found : HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\Yahoo\Companion
Key Found : HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\AppDataLow\Software\Yahoo\Companion
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
Data Found : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=TJ&userid=28d3f661-719c-4248-ba58-e46feccb0937&searchtype=ds&q={searchTerms}
Data Found : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=TJ&userid=28d3f661-719c-4248-ba58-e46feccb0937&searchtype=ds&q={searchTerms}
Data Found : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=TJ&userid=28d3f661-719c-4248-ba58-e46feccb0937&searchtype=ds&q={searchTerms}
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=TJ&userid=28d3f661-719c-4248-ba58-e46feccb0937&searchtype=ds&q={searchTerms}
Data Found : HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=TJ&userid=28d3f661-719c-4248-ba58-e46feccb0937&searchtype=ds&q={searchTerms}
Data Found : HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=TJ&userid=28d3f661-719c-4248-ba58-e46feccb0937&searchtype=ds&q={searchTerms}
Data Found : HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=TJ&userid=28d3f661-719c-4248-ba58-e46feccb0937&searchtype=ds&q={searchTerms}
Data Found : HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=TJ&userid=28d3f661-719c-4248-ba58-e46feccb0937&searchtype=ds&q={searchTerms}
Data Found : HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=TJ&userid=28d3f661-719c-4248-ba58-e46feccb0937&searchtype=ds&q={searchTerms}
Data Found : HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=TJ&userid=28d3f661-719c-4248-ba58-e46feccb0937&searchtype=ds&q={searchTerms}
Data Found : HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=TJ&userid=28d3f661-719c-4248-ba58-e46feccb0937&searchtype=ds&q={searchTerms}
Data Found : HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=TJ&userid=28d3f661-719c-4248-ba58-e46feccb0937&searchtype=ds&q={searchTerms}
Data Found : HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=TJ&userid=28d3f661-719c-4248-ba58-e46feccb0937&searchtype=ds&q={searchTerms}
Data Found : HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=TJ&userid=28d3f661-719c-4248-ba58-e46feccb0937&searchtype=ds&q={searchTerms}
Data Found : HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=TJ&userid=28d3f661-719c-4248-ba58-e46feccb0937&searchtype=ds&q={searchTerms}
Key Found : HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Data Found : HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {006ee092-9658-4fd6-bd8e-a21a348e59f5}

***** [ Web browsers ] *****

[C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\a54x4uxg.default\prefs.js] [Preference] Found : user_pref("browser.search.hiddenOneOffs", "Yahoo,Bing,Amazon.com,DuckDuckGo,eBay,Twitter,Wikipedia (en),Avira SafeSearch");
[C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\a54x4uxg.default\prefs.js] [Preference] Found : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"social-share-button\",\"privatebrowsing-button\",\"loop-b[...]
[C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\a54x4uxg.default\prefs.js] [Preference] Found : user_pref("extensions.safesearch.MP_DISTINCT_ID", "\"14a5da089202c3-071b52c1f4ba888-46544136-0-14a5da08921253\"");
[C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\a54x4uxg.default\prefs.js] [Preference] Found : user_pref("extensions.safesearch.SAUTH_expires_at", "1423999540");
[C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\a54x4uxg.default\prefs.js] [Preference] Found : user_pref("extensions.safesearch.SAUTH_rndsnr", "\"988e52eab6f7eb472e2e404a249c6345f2249cd6\"");
[C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\a54x4uxg.default\prefs.js] [Preference] Found : user_pref("extensions.safesearch.SAUTH_userid", "5724037380");
[C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\a54x4uxg.default\prefs.js] [Preference] Found : user_pref("extensions.safesearch.SAUTH_utoken", "\"75291d5f87347f34ad290e2323fa0a7fcad477b6\"");
[C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\a54x4uxg.default\prefs.js] [Preference] Found : user_pref("extensions.safesearch.install", "1418910009641");
[C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\a54x4uxg.default\prefs.js] [Preference] Found : user_pref("extensions.safesearch.search_offer_disabled", "true");
[C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : uk.ask.com

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [8966 bytes] ##########
# AdwCleaner v5.201 - Logfile created 25/07/2016 at 11:54:05
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-24.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : tom - TOM-PC
# Running from : C:\Users\tom\Downloads\AdwCleaner.exe
# Option : Scan
# Support : https://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

Folder Found : C:\Users\Public\Documents\Downloaded Installers

***** [ Files ] *****


***** [ DLL ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

Task Found : SlimCleaner Plus (Scheduled Scan - tom)
Task Found : SlimCleaner Plus (Scheduled Scan - tom)

***** [ Registry ] *****

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\Browser Infrastructure Helper

***** [ Web browsers ] *****

[C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : uk.ask.com

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [7370 bytes] - [27/09/2015 19:06:31]
C:\AdwCleaner\AdwCleaner[C2].txt - [1270 bytes] - [01/12/2015 19:14:28]
C:\AdwCleaner\AdwCleaner[C3].txt - [1477 bytes] - [09/12/2015 19:10:43]
C:\AdwCleaner\AdwCleaner[S1].txt - [10295 bytes] - [27/09/2015 19:04:11]
C:\AdwCleaner\AdwCleaner[S2].txt - [1160 bytes] - [01/12/2015 19:04:44]
C:\AdwCleaner\AdwCleaner[S3].txt - [1160 bytes] - [01/12/2015 19:12:39]
C:\AdwCleaner\AdwCleaner[S4].txt - [1349 bytes] - [09/12/2015 18:23:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [10588 bytes] ##########
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Location
Midlands, UK
PC Experience
Very Experienced
Hi Tom and welcome to FPCH.

A few observations here:

up until a few months ago it was great but has started to run so slow and the fan is running all the time on what seems like the highest speed possible
This is probably due to a build up of dust around the fans.
A Desktop system is easy to clean out, but a laptop is a little more awkward.
Take a look here for some instructions:

How to Clean the Dust Out of Your Laptop


MsConfig Overuse
Many people frequently use MSconfig as a long term solution to control startup processes and services.
You will also see many websites condoning use of MSconfig and teaching you how to use it for controlling startups.
This is a very bad idea for many reasons.
  • MSconfig was designed to be used only as a temporary debugging/troubleshooting tool. It was not meant to be used for long term solutions.
  • MSconfig does not show all startups anyway.
  • If you uninstall programs while they are being disabled with MSconfig, they will not be uninstall properly and you will have to resort to manual registry editing to properly get everything removed. MSconfig will leave orphan entries if/when installed software is uninstalled while under the control of MSconfig . When/if MSconfig is turned back to normal startup, it will give errors on boot due to those orphan entries.
  • When you uncheck a service in msconfig, you completely disable it. If you uncheck the wrong one, you may not be able to restart your computer.
  • You can lock malware items into your registry that you may not see anymore until some point in time where you switch back to Normal Startup mode and now you can cause total reinfection of your PC with the malware


Step 1
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
Avira should have disabled Win Defender when it installed.
Having Win Defender running may well conflict with Avira.

Please disable Win Defender:

  • Click Start >> Control Panel >> Windows Defender or launch from the system tray icon.
  • Click on Tools & Settings >> Options.
  • Under Real-time protection options, uncheck the "Real-time protection" check box.
  • Click Save.


Step 2
The last AdwCleaner report shows that only a Scan was run.
There are a couple of things that it needs to clean:
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer.
  • After the scan has finished...
  • Click on the Cleaning button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[C*].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.


Step 3

Please download the attached fixlist.txt file (bottom of this post) and save it to C:\Users\tom\Downloads.
NOTE.
It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system


Re-run FRST/FRST64 (which ever is installed ) and press the Fix button just once and wait.



The tool will make a log in the Download folder (Fixlog.txt). Please post this in your next reply.


Step 4
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. A malicious site could render Java content under older, vulnerable versions of Sun's software if the user has not removed them. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) 8 Update 92 and save it to your desktop.
  • Scroll down to where it says "Java SE 8 Update 92".
  • Click the "Download JRE " button.
  • Accept the license agreement.
  • select 'Windows x64.exe' from the list.
  • Save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on downloaded icon to install the newest version.


In your next reply, please submit:
New AdwCleaner report
Fixlog.txt (from FRST )

and let me know if you managed to clean any dust out of the laptop.


Thanks.
 

Attachments

tomj25

FPCH Member
Joined
Jul 25, 2016
Location
telford
PC Experience
Some Experience
hi starbuck thanks for the welcome

im just going through the list of things to do, ive got to the java update but when i click the link i cant find the se 8 update 92

tom
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Location
Midlands, UK
PC Experience
Very Experienced
Hi Tom,

I'm at work at the moment so am having to reply from my phone.
Carry on with the other steps for now and we'll come back to the Java update later.
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Location
Midlands, UK
PC Experience
Very Experienced
Hi Tom,

i cant find the se 8 update 92
Seems that Java has been updated again since I last checked.
These instructions should make things a bit clearer...............

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. A malicious site could render Java content under older, vulnerable versions of Sun's software if the user has not removed them. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) 8 Update 101 / 102 and save it to your desktop.
  • Scroll down to where it says "Java SE 8 Update 101 / 102".
  • Click the "Download JRE " button.



  • Accept the license agreement.


  • select 'Windows x64 offline' from the list.
  • Save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on downloaded icon to install the newest version.
 
Last edited:

tomj25

FPCH Member
Joined
Jul 25, 2016
Location
telford
PC Experience
Some Experience
hi starbuck

ive done the java update, also disabled Win Defender, the two logs i hope are the right ones

tom


Fix result of Farbar Recovery Scan Tool (x64) Version: 25-07-2016
Ran by tom (2016-07-26 07:01:28) Run:1
Running from C:\Users\tom\Downloads
Loaded Profiles: tom (Available Profiles: tom)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\...\MountPoints2: E - E:\Setup.exe
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\...\MountPoints2: {025db067-cccf-11e4-85f5-90004ee68264} - E:\Startme.exe
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\...\MountPoints2: {552f8fc4-7050-11e1-9192-90004ee68264} - E:\Setup.exe
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\...\MountPoints2: {b1217a04-8e42-11e1-890f-90004ee68264} - E:\Setup.exe
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: E - E:\Setup.exe
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {025db067-cccf-11e4-85f5-90004ee68264} - E:\Startme.exe
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {552f8fc4-7050-11e1-9192-90004ee68264} - E:\Setup.exe
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b1217a04-8e42-11e1-890f-90004ee68264} - E:\Setup.exe
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found>
S3 ALSysIO; \??\C:\Users\tom\AppData\Local\Temp\ALSysIO64.sys [X]
2016-07-25 10:44 - 2014-11-06 11:26 - 00000362 _____ C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - tom).job
C:\ProgramData\hash.dat
C:\Users\tom\AppData\Local\Temp\avgnt.exe
CMD: ipconfig /flushdns
EmptyTemp:
Hosts:




*****************

"HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E" => key removed successfully
"HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{025db067-cccf-11e4-85f5-90004ee68264}" => key removed successfully
HKCR\CLSID\{025db067-cccf-11e4-85f5-90004ee68264} => key not found.
"HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{552f8fc4-7050-11e1-9192-90004ee68264}" => key removed successfully
HKCR\CLSID\{552f8fc4-7050-11e1-9192-90004ee68264} => key not found.
"HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b1217a04-8e42-11e1-890f-90004ee68264}" => key removed successfully
HKCR\CLSID\{b1217a04-8e42-11e1-890f-90004ee68264} => key not found.
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => key not found.
HKCR\CLSID\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => key not found.
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => key not found.
HKCR\CLSID\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => key not found.
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => key not found.
HKCR\CLSID\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => key not found.
HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => key not found.
HKCR\CLSID\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ihenkjeihefokohmemphikjnjbmegdik" => key removed successfully
ALSysIO => service removed successfully
"C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - tom).job" => not found.
C:\ProgramData\hash.dat => moved successfully
C:\Users\tom\AppData\Local\Temp\avgnt.exe => moved successfully

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End ofCMD: =========

"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not restore Hosts.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15425901 B
Java, Flash, Steam htmlcache => 96473 B
Windows/system/drivers => 4007744 B
Edge => 0 B
Chrome => 60883049 B
Firefox => 404900471 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 42355996 B
systemprofile32 => 6172000 B
LocalService => 132244 B
NetworkService => 115584 B
tom => 18961317 B

RecycleBin => 562059000 B
EmptyTemp: => 1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 07:02:05 ====

# AdwCleaner v5.023 - Logfile created 01/12/2015 at 18:04:44
# Updated 30/11/2015 by Xplode
# Database : 2015-11-30.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : tom - TOM-PC
# Running from : C:\Users\tom\Desktop\adwcleaner_5.023.exe
# Option : Scan
# Support : hxxp://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{444785F1-DE89-4295-863A-D46C3A781394}

***** [ Web browsers ] *****

[C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\a54x4uxg.default\prefs.js] [Preference] Found : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1081 bytes] ##########
# AdwCleaner v5.201 - Logfile created 26/07/2016 at 06:46:02
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-25.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : tom - TOM-PC
# Running from : C:\Users\tom\Downloads\AdwCleaner.exe
# Option : Scan
# Support : https://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

Folder Found : C:\Users\Public\Documents\Downloaded Installers

***** [ Files ] *****


***** [ DLL ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

Task Found : SlimCleaner Plus (Scheduled Scan - tom)
Task Found : SlimCleaner Plus (Scheduled Scan - tom)

***** [ Registry ] *****

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\Browser Infrastructure Helper

***** [ Web browsers ] *****

[C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : uk.ask.com

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [7370 bytes] - [27/09/2015 19:06:31]
C:\AdwCleaner\AdwCleaner[C2].txt - [1270 bytes] - [01/12/2015 19:14:28]
C:\AdwCleaner\AdwCleaner[C3].txt - [1477 bytes] - [09/12/2015 19:10:43]
C:\AdwCleaner\AdwCleaner[S1] new scan.txt - [10672 bytes] - [25/07/2016 12:18:02]
C:\AdwCleaner\AdwCleaner[S1].txt - [10672 bytes] - [27/09/2015 19:04:11]
C:\AdwCleaner\AdwCleaner[S2].txt - [2555 bytes] - [01/12/2015 19:04:44]
C:\AdwCleaner\AdwCleaner[S3].txt - [1160 bytes] - [01/12/2015 19:12:39]
C:\AdwCleaner\AdwCleaner[S4].txt - [1349 bytes] - [09/12/2015 18:23:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2774 bytes] ##########
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Location
Midlands, UK
PC Experience
Very Experienced
Hi Tom,

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1081 bytes] ##########
# AdwCleaner v5.201 - Logfile created 26/07/2016 at 06:46:02
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-25.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : tom - TOM-PC
# Running from : C:\Users\tom\Downloads\AdwCleaner.exe
# Option : Scan
# Support : https://toolslib.net/forum
As you can see, the report shows that only a scan was completed.... you must select the Clean option after the initial scan has completed.



We need to remove those items showing.

Have you managed to clean out any dust from the laptop?

How is the laptop running now, any better?
 

tomj25

FPCH Member
Joined
Jul 25, 2016
Location
telford
PC Experience
Some Experience
hi sorry about that, there was a little dust which has all been cleaned out, its running about the same, and the fan is still spinning like crazy, when i first strart it up its fine but after a few mins it just starts spinning fast and never stops till i shut it down at which point it is really hot, so im only using it for a hour or so then shuting it down to let it cool down, hope that makes sence

# AdwCleaner v5.023 - Logfile created 01/12/2015 at 18:14:28
# Updated 30/11/2015 by Xplode
# Database : 2015-11-30.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : tom - TOM-PC
# Running from : C:\Users\tom\Desktop\adwcleaner_5.023.exe
# Option : Cleaning
# Support : hxxp://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{444785F1-DE89-4295-863A-D46C3A781394}

***** [ Web browsers ] *****

[-] [C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\a54x4uxg.default\prefs.js] [Preference] Deleted : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1191 bytes] ##########
# AdwCleaner v5.201 - Logfile created 26/07/2016 at 19:18:00
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-26.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : tom - TOM-PC
# Running from : C:\Users\tom\Downloads\AdwCleaner.exe
# Option : Clean
# Support : https://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [9186 bytes] - [27/09/2015 19:06:31]
C:\AdwCleaner\AdwCleaner[C2].txt - [2069 bytes] - [01/12/2015 19:14:28]
C:\AdwCleaner\AdwCleaner[C3].txt - [1477 bytes] - [09/12/2015 19:10:43]
C:\AdwCleaner\AdwCleaner[S1] new scan.txt - [10672 bytes] - [25/07/2016 12:18:02]
C:\AdwCleaner\AdwCleaner[S1].txt - [10672 bytes] - [27/09/2015 19:04:11]
C:\AdwCleaner\AdwCleaner[S2].txt - [2857 bytes] - [01/12/2015 19:04:44]
C:\AdwCleaner\AdwCleaner[S3].txt - [2471 bytes] - [01/12/2015 19:12:39]
C:\AdwCleaner\AdwCleaner[S4].txt - [1349 bytes] - [09/12/2015 18:23:50]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2591 bytes] ##########
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Location
Midlands, UK
PC Experience
Very Experienced
Hi Tom,

Try running a 'Clean Boot' and see if you still get these problems:

Hold down the Windows key on your keyboard and press the R key.
With the Run dialogue window open, type in msconfig and click the OK button.

You should now be looking at the System Configuration window. Click on the Services tab.

On the Services tab, youll notice a long list of services available on your PC
First, check the box labeled Hide All Microsoft Services. <<<<<<<<<<< Important
Next, click the Disable All button

By performing these two steps, you have effectively turned off all services from third-party software developers. All Microsoft services remain intact and will be ready to load when you reboot Windows.

Finally, click the OK button and reboot the system

When you reboot, you may get messages that certain hardware and software are not unavailable. This is normal.

Just be sure to hide all Microsoft services before you use the Disable All button. Otherwise, you may encounter boot up errors when you reboot your PC.

Remember, running Windows like this is just temporary.

Run your system for awhile and see if the problems still occur.

This will help us to rule out any software conflict.

To restore Windows to a normal start up functionality:
  • Start the System Configuration Utility again (MSCONFIG)
  • On the "General" tab:
  • Click to select "Normal Startup"
  • Click "OK"
  • Choose the "Exit with Restart" option to restart your computer.
 
Last edited:

tomj25

FPCH Member
Joined
Jul 25, 2016
Location
telford
PC Experience
Some Experience
hi starbuck

been running it on the start up as you said but it has made no differance, im i looking at a laptop on the way out then
tom
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Location
Midlands, UK
PC Experience
Very Experienced
Hi Tom,

been running it on the start up as you said but it has made no differance
At least we now know the problem isn't down to a software conflict.

im i looking at a laptop on the way out then
One thing we should check is the running temps.
If the fan is always spinning it could well be because of a overheating problem.
Checking this is quite easy.

Download Speccy and save it to your desktop.
  • Double click the downloaded icon to run the installer
  • Vista, Win7/8/10 users right click and select 'run as Administrator'.
  • Follow the onscreen prompts...but do NOT allow it to add Google Chrome or CCleaner if asked.
  • Make sure that 'Run Speccy' is ticked at the end and click Finish.
Your system will now be analyzed and the information will appear in the Speccy window once complete.

On the main window you will see the operating temperatures.



Record the temps just after you boot up the system and then record them awhile later after the fans start to go mad.

We can then compare the results and have a better idea.
 
Top Bottom