Solved Very slow Laptop and i realy need all the help i can get

Microsoft Windows 7 professional sp1 64-...
October 25, 2016 at 18:33:40
Specs: Windows 10, 16
My daughter has a Accer Laptop and it has Windows 7 in it. This Laptop is very slow and i just do not know what is wrong with it.

Here are the things on the Laptop and hopefully

Operating System
Microsoft Windows 7 Édition Intégrale 64-bit SP1
CPU
AMD C-50
Ontario 40nm Technology
RAM
4,00 Go DDR3 @ 535MHz (7-7-7-20)
Motherboard
Acer Aspire 5253 (Socket FT1)
Graphics
Moniteur Plug-and-Play générique (1024x768@1Hz)
ATI video (Acer Incorporated [ALI])
Hard Drives
233GB Seagate ST9250315AS ATA Device (SATA) 39 °C
Optical Drives
TSSTcorp CDDVDW TS-L633F ATA Device
Audio
Conexant High Definition Audio

Thanks in advance if anybody can pinpoint the problem as why it is so slow


See More: Very slow Laptop and i realy need all the help i can get

Report •

✔ Best Answer
October 30, 2016 at 03:16:10
After doing my post #26

Copy & Paste the text in Blue below & save it into Notepad on your Desktop & name it fixlist.txt
NOTE: It is important that Notepad is used. The fix will not work if Word or some other program is used.
NOTE: It is important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

CreateRestorePoint:
emptytemp:
closeprocesses:
GroupPolicy: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2954659700-786570201-3662484195-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

Open FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that, let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please Copy & Paste the contents into your reply.
Refer these SS if needed.
http://fs5.directupload.net/images/...
http://fs5.directupload.net/images/...
http://fs5.directupload.net/images/...
http://fs5.directupload.net/images/...
http://fs5.directupload.net/images/...
http://fs5.directupload.net/images/...



#1
October 25, 2016 at 20:16:52
The reason the laptop is slow can be many things or even a combination of several of these. The machine can be infected with a virus or other malware. The hard drive could have too little free space. There could be too many programs (legit ones) running in the background that do not need to be running all of the time. There could be a build up of junk in the system and browser(s). The memory does sound a bit slow, even considering you are giving the frequency of the DDR3 memory (2x535 = 1070DDR3). More memory also might help if OS is 64bit.
Run Disk Clean up.
Clear out History in browsers, select nearly everything except passwords & similar.
Run Malwarebytes free version
Run Adware Cleaner
Uninstall programs never used, Google to verify unknown ones are not important.
Identify programs using CPU % using Task Manager when machine is at idle. Google to identify if not sure. Use program's settings to see if they can be set to not start with Windows where possible. Ccleaner (which is also useful to perform the first two steps above) has a feature to manage start up items for those that cannot otherwise be set to manually start up only when needed.
Go to crucial.com and use their scanner to identify what the optimal memory your system should have. You can purchase anywhere but it is a reliable source for this information without having to look up details on companies sites.
Post back results for more advice.

You have to be a little bit crazy to keep you from going insane.


Report •

#2
October 25, 2016 at 20:27:30
Hello and thanks for the quick answer

The Laptop is a very clean install so there no virus no nothing plain and simple Windows 7 straight forward clean install


Report •

#3
October 25, 2016 at 21:06:23
It only takes one visit to a website to get a malware infection so are you sure malware is not possible--it was slow immediately after doing the fresh install? Was previous 'slowness' the reason you did the reinstall?

If you reinstalled from disks provided by Acer or from a restore partition on the drive it's possible they've added software that slowed it down. You might check 'programs and features' from the 'program's icon in control panel to see what's been installed.

If you reinstalled from a generic windows disk you may need to install additional drivers. Look in device manager to see if any hardware there is showing problems. Drivers should be available on the Acer support page for your model.

If it was slow before the reinstall it's possible there's a problem with the hard drive. Diagnostic software is usually available on drive manufacturer's support page.


Report •

Related Solutions

#4
October 26, 2016 at 05:40:45
Hello

Yes you are correct. I done a new install because it was slow. So i done a fresh install from a Windows CD.

So to answer your question yes it was slow before the clean install and it is still slow after a fresh install.


Report •

#5
October 26, 2016 at 05:58:06
The AMD C-50 @ 1.0GHz certainly isn't a barn-burner plus it only supports single channel memory. I see you have the display listed as 1024x768@1Hz? Where did you get that info from? Are you running an external monitor? The proper resolution for the laptop screen is 1366x768@ 60Hz. If you just did a clean install, it would appear that you haven't installed the drivers.

Windows 7 Édition Intégrale = Win7 Ultimate. Did you install from a retail disc or did you do a factory recovery? The recovery will reinstall all the Acer bloatware, most of which is unnecessary & will slow system performance. I suggest you install CCleaner-Slim, run the cleaner & registry scanner & remove everything they find, then move on to Tools. Uninstall all necessary programs & disable all unnecessary startup entries. Then make sure all your drivers are up to date, plus run Windows Update numerous times until it's all caught up. You didn't state which antivirus you're running but some of them are real resource hogs. I recommend BitDefender Free Edition.

http://www.bitdefender.com/solution...

Here's a link to the Cleaner builds page. They just posted an update so the Slim version isn't available yet. It's usually released a few days later. You can download & install the standard version, but make sure to use the custom install, that way you can avoid installing any bundled software.

https://www.piriform.com/ccleaner/b...


Report •

#6
October 26, 2016 at 06:08:44
Hello

All the info comes from a program called SPECCY

All the drives are installed every one of them and this comes from the CD's that came
with the Laptop and it was also to install Windows XP but i installed Windows 7
with a CD so this is a very clean install

There is nothing installed on the Laptop and the only program that is installed is Microsoft Office this is it.


Report •

#7
October 26, 2016 at 08:36:47
If you installed Win7 from a retail disc, it will only install generic drivers. XP drivers generally don't work with Win7 so I'm not sure what you were able to install. There are drivers are available at the Acer site, but they're all from 2011. Just enter Aspire 5253 as the model & make sure the OS is set to Win7 64-bit.

http://www.acer.com/ac/en/US/conten...


Report •

#8
October 26, 2016 at 15:48:22
Get your W7 updates this way.

Update pack - Simplix Pack to update Win7
Current latest version.
http://update7.simplix.info/UpdateP...


Report •

#9
October 26, 2016 at 17:35:16
@ Johnw - are you Russian?

http://update7.simplix.info/


Report •

#10
October 26, 2016 at 17:42:56
"are you Russian?"
Nope, just click on the English or google Simplix for the many sites/forums that discuss it in English.

http://fs5.directupload.net/images/...


Report •

#11
October 26, 2016 at 17:57:06
To follow up on the answers like i said it is a very clean install and all the drivers are installed so why is it slow and i have no clue on why. Is it the hard drive or is it the memory or just the video card. Any thing

Report •

#12
October 26, 2016 at 18:02:01
"is it the memory"
Go into Device Manager > System.
Upload an SS ( screenshot ) of what it shows please.

Image Uploader ( I upload to directupload.com for images & zippyshare for files. Neither need an account ) Give us the links please.
http://www.softpedia.com/get/Intern...
http://zenden.ws/imageuploader_ru
How to use for images.
http://fs5.directupload.net/images/...
http://fs5.directupload.net/images/...
http://fs5.directupload.net/images/...
http://fs5.directupload.net/images/...
For other files.
http://fs5.directupload.net/images/...
http://fs5.directupload.net/images/...
http://fs5.directupload.net/images/...


Report •

#13
October 29, 2016 at 16:39:24
Hello again

Sorry for the delay as i was gone a few day's

Here is the link for the pictures

<img src="http://fs5.directupload.net/images/161029/uk5irc6h.png" border=0><br/> <br/><img src="http://fs5.directupload.net/images/161029/8va3mym8.png" border=0><br/> <br/>


Report •

#14
October 29, 2016 at 17:00:32
Sorry, this is what I needed.
http://fs5.directupload.net/images/...

Make sure you follow instruction on how to upload, my link above demonstrates what you should post.


Report •

#15
October 29, 2016 at 17:13:57

Report •

#16
October 29, 2016 at 17:20:18
Thanks metroke, everything is Ok there, particularly with the memory, it is using all that is available.

Let me think, for a while please.


Report •

#17
October 29, 2016 at 17:24:15
Ok Thank you i will wait for you answer

Report •

#18
October 29, 2016 at 17:24:45
"The Laptop is a very clean install so there no virus no nothing plain and simple"

We still need to eliminate everything, cannot assume anything.

Here are the next 2 steps, more steps will be needed, after I see the results of these logs.

Run them in this order.

Step 1: Run AdwCleaner
http://www.softpedia.com/get/Antivi...
http://www.raymond.cc/blog/adwclean...
http://www.bleepingcomputer.com/dow...
Author's site
http://general-changelog-team.fr/en...
Tutorial
http://general-changelog-team.fr/en...
Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click Scan
In the results tabs, uncheck anything you don't want to remove.
Click on Cleaning.
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please Copy & Paste the contents of that logfile with your next answer.
You can find the logfile at C:\AdwCleaner [C1 or later].txt as well.
http://i.imgur.com/r3PoAEG.gif

Step 2: Run Malwarebytes Junkware Removal Tool
http://www.softpedia.com/get/Securi...
http://www.bleepingcomputer.com/dow...
http://thisisudax.org/
http://thisisudax.blogspot.com.au/2...
Download Malwarebytes Junkware Removal Tool onto your Desktop. If your default download location is not the Desktop, drag it out of it's location onto the Desktop.
Warning! Once the scan is complete JRT will shut down your browser with NO warning.
Shut down your protection software now to avoid potential conflicts.
Temporarily disable your antivirus and any antispyware real time protection before performing a scan.
Click this link to see a list of security programs that should be disabled and how to disable them.
http://www.bleepingcomputer.com/for...
http://www.techsupportforum.com/for...
Run the tool by double-clicking it. If you are using Windows Vista or Windows 7/8, right-click JRT and select Run as Administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved onto your Desktop and will automatically open.
Copy and Paste the contents of the JRT.txt log please.


Report •

#19
October 29, 2016 at 18:00:06
Sorry for the french hope you understand


# AdwCleaner v6.030 - Rapport créé le 29/10/2016 à 20:51:31
# Mis à jour le 19/10/2016 par Malwarebytes
# Base de données : 2016-10-28.2 [Serveur]
# Système d'exploitation : Windows 7 Ultimate Service Pack 1 (X64)
# Nom d'utilisateur : Melissa - MELISSA-PC
# Exécuté depuis : C:\Users\Melissa\Downloads\adwcleaner_6.030.exe
# Mode: Nettoyage
# Support : hxxps://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Dossiers ] *****

[-] Dossier supprimé: C:\Users\Melissa\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence
[-] Dossier supprimé: C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\ConduitCommon
[#] Dossier supprimé au redémarrage: C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\conduitcommon
[-] Dossier supprimé: C:\Program Files\ByteFence
[-] Dossier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
[-] Dossier supprimé: C:\Program Files (x86)\DriverRestore
[-] Dossier supprimé: C:\Users\Melissa\AppData\Local\Temp\PremierOpinion
[#] Dossier supprimé au redémarrage: C:\Users\Melissa\AppData\Local\Temp\premieropinion

***** [ Fichiers ] *****

[-] Fichier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk

***** [ DLL ] *****



***** [ WMI ] *****



***** [ Raccourcis ] *****



***** [ Tâches planifiées ] *****



***** [ Registre ] *****

[-] Clé supprimée: HKU\S-1-5-21-2954659700-786570201-3662484195-1000\Software\DriverRestore
[-] Clé supprimée: HKU\S-1-5-21-2954659700-786570201-3662484195-1000\Software\eSupport.com
[-] Clé supprimée: HKU\S-1-5-21-2954659700-786570201-3662484195-1000\Software\ImInstaller
[-] Clé supprimée: HKU\S-1-5-21-2954659700-786570201-3662484195-1000\Software\PRODUCTSETUP
[-] Clé supprimée: HKU\S-1-5-21-2954659700-786570201-3662484195-1000\Software\csastats
[-] Clé supprimée: HKU\S-1-5-21-2954659700-786570201-3662484195-1000\Software\ICSW1.22
[#] Clé supprimée au redémarrage: HKCU\Software\DriverRestore
[#] Clé supprimée au redémarrage: HKCU\Software\eSupport.com
[#] Clé supprimée au redémarrage: HKCU\Software\ImInstaller
[#] Clé supprimée au redémarrage: HKCU\Software\PRODUCTSETUP
[#] Clé supprimée au redémarrage: HKCU\Software\csastats
[#] Clé supprimée au redémarrage: HKCU\Software\ICSW1.22
[#] Clé supprimée au redémarrage: [x64] HKCU\Software\DriverRestore
[#] Clé supprimée au redémarrage: [x64] HKCU\Software\eSupport.com
[#] Clé supprimée au redémarrage: [x64] HKCU\Software\ImInstaller
[#] Clé supprimée au redémarrage: [x64] HKCU\Software\PRODUCTSETUP
[#] Clé supprimée au redémarrage: [x64] HKCU\Software\csastats
[#] Clé supprimée au redémarrage: [x64] HKCU\Software\ICSW1.22
[-] Clé supprimée: [x64] HKLM\SOFTWARE\DriverRestore
[-] Clé supprimée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Restore
[-] Donnée restaurée: HKU\S-1-5-21-2954659700-786570201-3662484195-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Donnée restaurée: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Donnée restaurée: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Donnée restaurée: HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
[-] Donnée restaurée: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Donnée restaurée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Donnée restaurée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
[-] Clé supprimée: HKU\S-1-5-21-2954659700-786570201-3662484195-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Donnée restaurée: HKU\S-1-5-21-2954659700-786570201-3662484195-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Clé supprimée au redémarrage: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Donnée restaurée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Clé supprimée: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Donnée restaurée: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Clé supprimée au redémarrage: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Donnée restaurée: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Clé supprimée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Donnée restaurée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Clé supprimée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\DriverRestore.exe

***** [ Navigateurs ] *****



*************************

:: Clés "Tracing" supprimées
:: Paramètres Winsock réinitialisés

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [5252 octets] - [29/10/2016 20:51:31]
C:\AdwCleaner\AdwCleaner[S0].txt - [5901 octets] - [29/10/2016 20:46:38]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [5400 octets] ##########



Report •

#20
October 29, 2016 at 18:11:35
"Sorry for the french hope you understand"
I'm going alright so far.

I'm here.
http://www.timeanddate.com/worldclo...


Report •

#21
October 29, 2016 at 18:35:15
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 7 Ultimate x64
Ran by Melissa (Administrator) on 2016-10-29 at 21:03:56,17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 20

Successfully deleted: C:\Windows\system32\Tasks\Driver Easy Scheduled Scan (Task)
Successfully deleted: C:\Windows\Tasks\Driver Easy Scheduled Scan.job (Task)
Successfully deleted: C:\Users\Melissa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Melissa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Melissa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7WRUTOX3 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Melissa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AFHJRIEZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Melissa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Melissa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GM3WOK09 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Melissa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Melissa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YOVACESZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\prefetch\DRIVERRESTORE.EXE-A459080E.pf (File)
Successfully deleted: C:\Windows\prefetch\DRIVERRESTORE_EN.EXE-B841391C.pf (File)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7WRUTOX3 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AFHJRIEZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GM3WOK09 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YOVACESZ (Temporary Internet Files Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2016-10-29 at 21:09:11,32
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Report •

#22
October 29, 2016 at 18:36:34
Next step.

Update & Run Malwarebytes Anti-Malware ( MBAM ) Free Version. Use Quick scan ( now called Threat Scan )
http://www.softpedia.com/get/Antivi...
http://www.malwarebytes.org/free/
Make sure you uncheck > Enable free trial < at the END of the install.
http://i.imgur.com/tUFCbYz.gif
Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box to Scan for rootkits.
http://i.imgur.com/dZgt1g2.gif
Under Non-Malware Protection sub tab, make sure PUP and PUM entries to Treat detections as Malware are checked.
http://i.imgur.com/MKxr2K1.gif
Click on the Scan tab, then click on Scan Now >>. If an update is available, click the Update Now button.
A Threat Scan will begin.
With some infections, you may see this message box.
'Could not load DDA driver'
Click 'Yes' to this message, to allow the driver to load after a restart.
Allow the computer to restart. Continue with the rest of these instructions.
When the scan is complete, click Apply Actions.
Wait for the prompt to restart the computer to appear, then click on Yes.
After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the scan log which shows the Date and time of the scan just performed.
Click 'Copy to Clipboard'
Paste the contents of the clipboard into your reply.
http://fs5.directupload.net/images/...
Or, you can do it before the reboot.
http://i.imgur.com/NOmMO3l.gif
Or,
https://www.malwarebytes.com/suppor...


Report •

#23
October 29, 2016 at 19:10:06
I have to go out now for about 4 hrs, will continue when I get back.

Next step after you have run Malwarebytes.

Please download Farbar Recovery Scan Tool and save it onto your Desktop. If your default download location is not the Desktop, drag it out of it's location onto the Desktop.
http://www.bleepingcomputer.com/dow...
If we have to run Farbar more than once, refer this SS.
http://i.imgur.com/yUxNw0j.gif
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) on the Desktop.
The first time the tool is run, it makes also another log (Addition.txt)
The logs are large, upload them using Zippy ( No account/registration needed ) or upload to a site of your choosing. Give us the links please.
http://www.zippyshare.com/
Instructions on how to use ZippyShare.
http://i.imgur.com/naG6t2T.gif
http://i.imgur.com/Vi9ZdIh.gif
http://i.imgur.com/1IZu5kP.gif


Report •

#24
October 29, 2016 at 20:34:09
Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 2016-10-29
Heure de l'analyse: 21:55
Fichier journal:
Administrateur: Oui

Version: 2.2.1.1043
Base de données de programmes malveillants: v2016.10.30.02
Base de données de rootkits: v2016.09.26.02
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Melissa

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 289038
Temps écoulé: 19 min, 35 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 2
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FE1E2E17-19A6-4BB3-8B1B-BD68277D7973}, , [49115946f7a395a10bf08033669e1ee2],
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Yahoo! Powered tisas, , [0456504f9ffbd264ee0e882b52b28b75],

Valeurs du Registre: 2
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FE1E2E17-19A6-4BB3-8B1B-BD68277D7973}|Path, \Yahoo! Powered tisas, , [49115946f7a395a10bf08033669e1ee2]
PUP.Optional.WinYahoo, HKU\S-1-5-21-2954659700-786570201-3662484195-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|Tabs, https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_36¶m1=1¶m2=f[4416c6d9cdcdc076b78118e433d0738d]D2%26b[4416c6d9cdcdc076b78118e433d0738d]DIE%26cc[4416c6d9cdcdc076b78118e433d0738d]Dca%26pa[4416c6d9cdcdc076b78118e433d0738d]DWincy%26cd[4416c6d9cdcdc076b78118e433d0738d]D2XzuyEtN2Y1L1Qzuzzzzzy0F0F0AyCzy0ByCtD0F0C0CyC0BtN0D0Tzu0StCyBtCtBtN1L2XzutAtFtByEtFyCtFzytN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyDtDtDtB0CtDzyzztGyC0EtByDtGyB0C0AyDtGtAyB0D0AtG0DzyyBtByDtB0F0Dzz0BtA0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyCzy0FtDyC0AyCtGtCtAyB0DtGyEyB0F0AtG0AzztC0DtG0AtB0FtDyByE0Czz0CzytBzz2QtN0A0LzuyE%26cr[4416c6d9cdcdc076b78118e433d0738d]D56168939%26a[4416c6d9cdcdc076b78118e433d0738d]Dwbf_ir_16_36%26os_ver[4416c6d9cdcdc076b78118e433d0738d]D6.1%26os[4416c6d9cdcdc076b78118e433d0738d]DWindowsB7BUltimate, %4, %5

Données du Registre: 0
(Aucun élément malveillant détecté)

Dossiers: 24
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\apps, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\AddedAppDialog, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\DefualtImages, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\DetectedAppDialog, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\NewSearchProtectorDialog, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\NewSearchProtectorDialog\images, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\SearchProtectorBubbleDialog, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\SearchProtectorBubbleDialog\images, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\SearchProtectorDialog, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\SearchProtectorDialog\Images, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\SearchProtectorRetakeoverDialog, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\SearchProtectorRetakeoverDialog\Images, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\ToolbarFirstTimeDialog, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\ToolbarFirstTimeDialog\images, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\ToolbarUntrustedAppsApprovalDialog, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\UntrustedAddedAppDialog, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\UntrustedAppApprovalDialog, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\UntrustedAppPendingDialog, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\emailnotifier, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\radio, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\weather, , [59010a95afeb1f17cab36461748e29d7],

Fichiers: 101
PUP.Optional.383Media, C:\Users\Melissa\AppData\Local\Temp\DRHelper_installFinish.exe, , [60fa2c73a8f2ae883628a6bfea17bd43],
PUP.Optional.383Media, C:\Users\Melissa\AppData\Local\Temp\DRHelper_installStart.exe, , [4713e8b783179b9bda8474f129d848b8],
HackTool.FilePatch, C:\Users\Melissa\AppData\Local\Temp\Rar$EXa0.376\Patch\driver.easy.v.5.1.2.2353-patch.exe, , [fb5fa4fbb3e754e2729ab693a95b06fa],
PUP.Optional.WinYahoo, C:\Windows\System32\Tasks\Yahoo! Powered tisas, , [401a3768504a270fb944545f54b0eb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\appsMetaData.json, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\getAppsContextMenu.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\languagePack.json, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\LocalSettings.txt, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\postAppsContextMenu.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\searchInNewTabData.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\search_history.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\ServiceMap.json, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\ThirdPartyComponents.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\toolbarContextMenu.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\unsharedAppsContextMenu.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\UserAdditionalComponents.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\apps\list.json, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\generalDialogStyle.css, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\RoundedCorners.css, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\RoundedCornersIE9.css, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\version.txt, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\AddedAppDialog\main.html, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\DefualtImages\icon.png, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\DetectedAppDialog\main.html, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\NewSearchProtectorDialog\main.html, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\NewSearchProtectorDialog\SearchProtector.css, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\NewSearchProtectorDialog\images\ok-button.png, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\NewSearchProtectorDialog\images\separation-line.png, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\NewSearchProtectorDialog\images\warning.png, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\SearchProtectorBubbleDialog\bubble.css, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\SearchProtectorBubbleDialog\main.html, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\SearchProtectorBubbleDialog\images\information.png, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\SearchProtectorBubbleDialog\images\x-default-LTR.png, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\SearchProtectorBubbleDialog\images\x-default-RTL.png, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-LTR.png, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-RTL.png, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\SearchProtectorDialog\main.html, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\SearchProtectorDialog\SearchProtector.css, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\SearchProtectorDialog\Images\info.png, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\SearchProtectorDialog\Images\ok-on.png, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\SearchProtectorDialog\Images\ok.png, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.jpg, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.png, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\SearchProtectorRetakeoverDialog\Images\info.png, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\SearchProtectorRetakeoverDialog\Images\ok-on.png, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\SearchProtectorRetakeoverDialog\Images\ok.png, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\ToolbarFirstTimeDialog\main.html, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.css, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\ToolbarFirstTimeDialog\images\arrow.png, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\ToolbarFirstTimeDialog\images\divider.png, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\ToolbarFirstTimeDialog\images\emailNotifier.gif, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\ToolbarFirstTimeDialog\images\facebook.png, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\ToolbarFirstTimeDialog\images\radio.GIF, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\ToolbarFirstTimeDialog\images\Thumbs.db, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\ToolbarFirstTimeDialog\images\truste_welcome.GIF, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\ToolbarFirstTimeDialog\images\weather.GIF, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\ToolbarUntrustedAppsApprovalDialog\main.html, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\UntrustedAddedAppDialog\main.html, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\UntrustedAppApprovalDialog\main.html, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\Dialogs\UntrustedAppPendingDialog\main.html, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\emailnotifier\acc, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___feeds2_feedburner_com_ConduitPhonesFr_structured.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___fr_news_yahoo_com_rss_fc_maroc_xml_structured.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___feeds2_feedburner_com_ConduitPocketFr_history.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___feeds2_feedburner_com_ConduitPocketFr_structured.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___feeds2_feedburner_com_ConduitWindowsFr_history.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___feeds2_feedburner_com_ConduitWindowsFr_structured.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___fr_news_yahoo_com_rss_fc_afrique-du-sud_xml_history.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___fr_news_yahoo_com_rss_fc_afrique-du-sud_xml_structured.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___fr_news_yahoo_com_rss_fc_algerie_xml_history.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___fr_news_yahoo_com_rss_fc_algerie_xml_structured.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___fr_news_yahoo_com_rss_fc_maroc_xml_history.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___fr_news_yahoo_com_rss_sport_xml_history.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___fr_news_yahoo_com_rss_sport_xml_structured.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___rss_feedsportal_com_c_864_f_11087_index_rss_history.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___rss_feedsportal_com_c_864_f_11087_index_rss_structured.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___tageblatt_editpress_lu_feed_index_1_rss_history.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___tageblatt_editpress_lu_feed_index_1_rss_structured.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___video_google_fr__output=rss_history.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___video_google_fr__output=rss_structured.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___www_elmoudjahid_com_accueil_index_php_index_1_rss_history.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___www_elmoudjahid_com_accueil_index_php_index_1_rss_structured.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___www_lefigaro_fr_rss_figaro_actualites_xml_history.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___www_lefigaro_fr_rss_figaro_actualites_xml_structured.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___www_lemonde_fr_rss_une_xml_history.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___www_lemonde_fr_rss_une_xml_structured.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___www_lequipe_fr_Xml_videos_rss_xml_history.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___www_lequipe_fr_Xml_videos_rss_xml_structured.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___www_letemps_ch_rss_site__history.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___www_letemps_ch_rss_site__structured.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___feeds2_feedburner_com_ConduitMacFr_history.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___feeds2_feedburner_com_ConduitMacFr_structured.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___feeds2_feedburner_com_ConduitPalmFr_history.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___feeds2_feedburner_com_ConduitPalmFr_structured.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\feed\http___feeds2_feedburner_com_ConduitPhonesFr_history.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\radio\IP_Media_List.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\radio\Predefined_Media_List.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\radio\Recent_Media_List.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\radio\User_Media_List.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\weather\forecast_fr-fr.xml, , [59010a95afeb1f17cab36461748e29d7],
PUP.Optional.ConduitTB.Gen, C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\v8qbq0ok.default\CT2542115\weather\history.xml, , [59010a95afeb1f17cab36461748e29d7],

Secteurs physiques: 0
(Aucun élément malveillant détecté)

(end)


Report •

#25
October 29, 2016 at 20:46:30
http://www78.zippyshare.com/v/mDchW...
http://www83.zippyshare.com/v/mk7ro...


Now it is time for my bedtime. I will get this in the morning

Report •

#26
October 29, 2016 at 23:10:28
Post #24
Malwarebytes Anti-Malware log.

Can't see the word > quarantaine

Maybe you didn't quarantaine or it's on another log.
If so please post that log please.

Run malwarebytes again please & post the log.


Report •

#27
October 30, 2016 at 03:16:10
✔ Best Answer
After doing my post #26

Copy & Paste the text in Blue below & save it into Notepad on your Desktop & name it fixlist.txt
NOTE: It is important that Notepad is used. The fix will not work if Word or some other program is used.
NOTE: It is important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

CreateRestorePoint:
emptytemp:
closeprocesses:
GroupPolicy: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2954659700-786570201-3662484195-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

Open FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that, let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please Copy & Paste the contents into your reply.
Refer these SS if needed.
http://fs5.directupload.net/images/...
http://fs5.directupload.net/images/...
http://fs5.directupload.net/images/...
http://fs5.directupload.net/images/...
http://fs5.directupload.net/images/...
http://fs5.directupload.net/images/...


Report •

#28
October 30, 2016 at 07:17:39
Hello Johnw

I am trying to understand something and maybe something is missing

You talk about the FRST64 THEN YOU TELL ME ABOUT THIS

both files, FRST64 and fixlist.txt are in the same location. The notepad is named fixlist.txt and it is saved

So i am lost here


Report •

#29
October 30, 2016 at 11:31:26
Hello Johnw

I got everything done now and the laptop is faster. Many thanks for everything.

One last thing Can i uninstall all the programs before i give it back to my daughter.

Thanks again


Report •

#30
October 30, 2016 at 15:13:34
"One last thing Can i uninstall all the programs"
Run DelFix. Copy & Paste the contents of the log please.
https://toolslib.net/downloads/view...
DelFix is designed to delete all removal tools used during a disinfection.
Indeed, these tools are often updated. It's recommended not to have and use outdated versions on computer.
Run the tool by right click on the DelFix icon and Run as administrator option.
Make sure that these are checked:
Activate UAC (optional; some users prefer to keep it off)
Remove disinfection tools
Create registry backup
Purge system restore
Reset system settings
Click Run and wait until the tool completes it's work.
Tool will create an report for you (C:\DelFix.txt)

Make sure the laptop, is always on a solid surface, to allow ventilation.

Computers need dust being removed regularly. Dust is one of the biggest causes of slowness, due to overheating.

Curing Laptop/Notebook Overheating
https://www.youtube.com/watch?v=74a...
http://is.gd/ck0tXA
http://is.gd/SKlNjg
http://is.gd/vkq6Iz
http://is.gd/cNfZzK
http://is.gd/N8ZLiY
Cleaning a Laptop/Notebook Computer
http://www.instructables.com/id/Ext...
http://www.techradar.com/news/mobil...


Report •

#31
October 30, 2016 at 15:19:19
Here is how a USER got the problems, no AV would have prevented USER error. Go to any Malware forum & no matter what AV they have installed, they got infected.

As you can see from your logs, you had a lot of stuff installed, that you do not know, how it got installed.
A lot of programs, now give you the choice to install toolbars & other during the install. Either uncheck these items during install, or use Custom install. No more click, click during an install, you have to read after each click.

Or, Use Unchecky to help prevent these third party installs. Nothing is perfect, the badies are always ahead of the goodies, so be vigilant.
http://www.softpedia.com/get/System...
http://www.freewarefiles.com/Unchec...
http://unchecky.com/
A reliable application that aims to protect your computer against third-party components often offered during software installations.


Report •

Ask Question