Solved Win7 Startup

Hi Roger, yes the logs are great thank you. You will definitely find Bitdefender a lot less resource hungry and it enjoys a great reputation for malware detection and removal.

BTW, when we finish cleaning we will help you clean up all the tools we used

Please left click on the attached Fixlist.txt file at the bottom of this post. On the dialogue box that opens click "Save File" and then "OK"



Select a location then save the file. IMPORTANT the fixlist.txt file must be in the same location as the FRST program otherwise the fix will not work.



To run the fix right click the FRST icon and choose "Run as Administrator" then click on "Fix"



Depending on the amount of data to be moved it may take a few minutes to complete, and the computer may reboot. When the fix is complete and/or the computer has rebooted the "Fixlist.txt" file you created will be renamed "Fixlog.txt"

Please COPY and PASTE the contents of this new file in your next post

Hi Roger, yes you have done it correctly. Looking at the fixlog I see you may have to reinstall Bitdefender again. I did the fix before you told me that you had installed it in place of AVG, and the fix has removed a remnant of Bitdefender from a previous install which will affect the new install. Please do this before running FRST again.

How is your PC now, any difference with your boot up?

Can you please re run FRST and post the two new logs for a fresh look at whats running

Once downloaded right click the FRST desktop icon and select "Run as administrator" from the menu"



If you receive any security warnings, or the User Account Control warning opens at any time whilst using FRST you can safely allow FRST to proceed.
Frst will open with two dialogue boxes, accept the disclaimer.

1. Accept the default whitelist options,
2. If the additions.txt options box is not checked please select it.
   
3. Then select "Scan"

Frst will take a few minutes to scan your computer, and when finished will produce two log files on your desktop, FRST.txt, and Addition.txt. They will display immediately on the desktop, but can be reopened later as a notepad file.



Please COPY and PASTE the contents of these two files in your next post.

Hi Roger, do you still use a VPN?

Please go HERE and click the

link (French for Download) and save it to your desktop.

Once saved to your desktop left click the new icon and choose "Run as administrator"

Accept any security warnings that may pop up.

Then select

1. Options
2. Check all
3. Validate
4. Close

Next select Scanner from the main interface.



Depending on the amount of data on your PC it may take a little time to complete. Once it finishes then click the Report tab as shown above and a notepad file will open with your report file.

Please COPY and PASTE the contents of the notepad file with your next post

Hi Roger, a vpn is used to supposedly hide your movements on the internet, it shows your address as that of the vpn server instead of your own thus hiding your identity.

Actually before you do the ZHP scan can you do a fresh Hijack This scan and post the log

Hi Roger, yes some security software will flag the scan tools we use as a threat, if you disable Bitdefender Hijack This should run. Don't forget to re enable it after you get your log from Hijack This.

Hi Roger, no problems about missing a day,

Please close all other programs including Bitdefender again.
Right click Hijack This and select Run as Administrator.
This time click scan only.
Place a tick in the boxes for the following lines only.


O4 - HKCU\..\Run: [SsAAD.exe] C:\Program Files (x86)\SSAAD.exe
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (2013/05/20)
O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -startup (2016/01/08) (file missing)
O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe (2016/01/08) (file missing)
O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WNA3100 Genie.lnk - C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe (2015/11/11) (file missing)
O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WNA3100 Smart Wizard.lnk - C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe (2015/11/07) (file missing)
O4 - MSConfig\startupfolder: C:^Users^Roger^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr (2013/07/06)
O4 - MSConfig\startupreg: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (HKLM) (2014/12/17)
O4 - MSConfig\startupreg: [AmazonMP3DownloaderHelper] C:\Users\Roger\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe (file missing) (HKCU) (2014/04/13)
O4 - MSConfig\startupreg: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (HKCU) (2014/10/15)
O4 - MSConfig\startupreg: [Creative MediaSource Go] C:\Program Files (x86)\Creative\MediaSource5\Go\CTCMSGoU.exe /SCB (file missing) (HKCU) (2013/04/26)
O4 - MSConfig\startupreg: [EPSON Stylus Photo R220 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIAIA.EXE /FU "C:\Windows\TEMP\E_S73C9.tmp" /EF "HKCU" (HKCU) (2013/03/22)
O4 - MSConfig\startupreg: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming (file missing) (HKLM) (2016/01/08)
O4 - MSConfig\startupreg: [NBAgent] C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe /WinStart (HKLM) (2013/03/22)
O4 - MSConfig\startupreg: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup (file missing) (HKLM) (2015/07/08)
O4 - MSConfig\startupreg: [SPIRunE] C:\Windows\system32\Rundll32.exe SPIRunE.dll,RunDLLEntry (HKLM) (2013/03/22)
O4 - MSConfig\startupreg: [SsAAD.exe] C:\Program Files (x86)\SSAAD.exe (HKCU) (2017/11/05)
O4 - MSConfig\startupreg: [StartCCC] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun (HKLM) (2015/07/08)
O4 - MSConfig\startupreg: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (HKLM) (2017/11/09)
O4 - MSConfig\startupreg: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe -osboot (file missing) (HKLM) (2014/06/28)
O4 - MSConfig\startupreg: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (HKCU) (2017/05/06)
O4 - MSConfig\startupreg: [UMonit] C:\Windows\SysWOW64\UMonit.exe (file missing) (HKLM) (2013/03/28)
O4 - MSConfig\startupreg: [VolPanel] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe /r (HKLM) (2013/03/22)
O4 - MSConfig\startupreg: [WMAAD] C:\Program Files (x86)\Sony\WALKMAN Launcher\WMAAD.exe (HKLM) (2015/06/13)
O4 - MSConfig\startupreg: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (HKLM) (2016/08/26)
O4 - MSConfig\startupreg: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (HKLM) (2017/11/09)
O4 - MSConfig\startupreg: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (HKCU) (2014/04/03)
O22 - Task (Disabled): \OfficeSoftwareProtectionPlatform\SvcRestartTask - C:\Windows\system32\sc.exe start osppsvc
O22 - Task (Queued): \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task - {3519154C-227E-47F3-9CC9-12C3F05817F1} - C:\Program Files (x86)\Windows Live\SOXE\wlsoxe.dll
O22 - Task (Queued): \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\compattelrunner.exe -maintenance
O22 - Task (Ready): CreateChoiceProcessTask - C:\Windows\System32\browserchoice.exe /launch
O22 - Task (Ready): TechUtilities - C:\Program Files\TechUtilities\TechUtilities.exe -t (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\mcupdate_scheduled - C:\Windows\ehome\mcupdate.exe -crl -hms -pscn 15
O22 - Task (Ready): {11DB5A80-6065-43E3-AB84-ACCADDB48547} - C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe (file missing)
O22 - Task (Ready): {23DE1D3F-E2EA-4DD4-9A55-B635FE5C8A53} - C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe (file missing)
O22 - Task (Ready): {3DA5C7CE-5087-4755-AA98-C4C2D7A237A9} - C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\AudioCS\CTAudCS.cpl" -c Audio Console
O22 - Task (Ready): {A2031E4B-9A44-40B3-A13B-4C4B86F46FDD} - C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe (file missing)
O22 - Task (Ready): {EAEF71F6-FF52-413A-8565-8720208BEE4E} - C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe (file missing)
O22 - Task (Running): \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe

After all the above lines all ticked click "Fix Checked"
Reboot your computer, and re enable Bitdefender.

Is you machine any better now?

roger hawke said:

For info the following was my fortnightly procedure:
Windows Update (Manual)(Prefer to do manually - any opinion?)
Superantispyware (now uninstalled)
CCleaner
Avira (Now replaced by Bitdefender)
Malwarebytes Free
Defraggler
Create restore Point
Diskcleanup/Cleanup system files/Delete all but last restore point.

Does Bitdefender and CCleaner cater for Antivirus and Antimalware?

Do I have things in the right order? Do I need anything else? Or anything less?

Apologies for all the questions.

Click to expand...

Hello Roger, glad that your PC performance has improved

Windows Update (Manual)(Prefer to do manually - any opinion?).. That is fine, update when it suits you.

Superantispyware (now uninstalled) ..Good

CCleaner.. just be careful with the registry

Avira (Now replaced by Bitdefender)..Actually your system had AVG which was what we recommended to remove and replace with Bitdefender. Try Bitdefender and as it has a great reputation for malware detection should serve you well.

Malwarebytes Free.. This is not listed as being installed on your PC. I did remove a remnant of what would have been an old install, but it is not listed in any of your logs.

Defraggler.. fortnightly might be an overkill.

Create restore Point.. Windows should automatically create restore points on a regular basis, but OK.

Diskcleanup/Cleanup system files/Delete all but last restore point...Not quite necessary as often as you do, but no harm.

Does Bitdefender and CCleaner cater for Antivirus and Antimalware? CCleaner does not remove malware. Bitdefender does, but after we clean our tools off your machine I will recommend a NON REALTIME malware Scanner to use for a second opinion that will not interfere with your realtime security. Remember that no security tool/suite will detect every case of a virus or malware, they will all miss something sometime. This does not mean you should install more than one real time protection app irrespective of what their ads say about working with other security programs.

Your machine did not have any real malware to speak of, just a build up of junk. To remain safe continue to use care when browsing, and ensure anything you download is indeed coming from a reputable source.

OK let's cleanup our tools.

Please go HERE and download Delfix Save it to your desktop.
Right click the new Delfix desktop icon and then click "run as administrator"
Place a tick in the following checkboxes

1. Remove disinfection tools
2. Create registry backup
3. Purge system restore
4. Then select "Run"

Delfix will remove the tools used to clean your PC and remove itself. When finished a .txt file will display on your desktop. A copy of this file will be also located as C:\Delfix.txt.

Please post a copy of this file in your next post

Thank you for the log Roger, Can you try uploading it again with a different browser.

Hello Roger, are there any messages when Bitdefender blocks the upload, and has it only blocked Delfix? Sometimes security scan tools will do this to AV's, My bad, I should have asked you to copy and paste the contents.

Just to ensure nothing more is lurking can you get a ZHP log for us to check?

Please go HERE and click the

link (French for Download) and save it to your desktop.

Once saved to your desktop left click the new icon and choose "Run as administrator"

Accept any security warnings that may pop up.

Then select

1. Options
2. Check all
3. Validate
4. Close

Next select Scanner from the main interface.



Depending on the amount of data on your PC it may take a little time to complete. Once it finishes then click the Report tab as shown above and a notepad file will open with your report file.

Please COPY and PASTE the contents of the notepad file with your next post