Program files Skype Google Chrome Windows


Recommended Posts

When I start windows it shows an error message that windows does not have a system program. The skype, google chrome, microsoft word icons are shaded white on desktop and task bar. When I click on any of them I can not get access it says there is no program system.

Link to post
Share on other sites

Howdy smgarcia and welcome to BestTechie !!!  

My name is flashh4 (Chuck) and i will be assisting you with the cleaning of your computer.

Run these 1 at a time & post each log as you get it ! Work them as your time permits you to !!

If you don't understand something, please don't hesitate to ask for clarification before proceeding !!! You can PM me if you need to !!
Do Not Remove anything or run any tools/programs until advised to do so !

Perform all actions in the order given.

Please stay with us until we give you the "All Clean Speech"! Just because the problem has stopped it may still need some clean-up !  

Please note that all instructions given are customized for this computer only, the tools used may cause damage if used on a computer with different infections.  

If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.  


===================================


AdwCleaner
       
Please download adwcleaner by Xplode onto your desktop.
Double click on AdwCleaner.exe to run the tool again.
       Windows XP : Double click on the icon to run it.

       Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

    *Click on the Scan button.
    *AdwCleaner will begin to scan your computer like it did before.
    *After the scan has finished .......
    
    This time, click on the Clean button.
    
    *Press OK when asked to close all programs and follow the onscreen prompts.
    *Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    *After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
    *Copy and paste the contents of that logfile in your next reply.
    *A copy of that logfile will also be saved in the C:\AdwCleaner folder.



NEXT

thisisujrt-1.gif
    Please download Junkware Removal Tool and save to your desk top.

    Shut down your protection software now to avoid potential conflicts.

    * Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    * The tool will open and start scanning your system.
    * Please be patient as this can take a while to complete depending on your system's specifications.
    * On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    * Post the contents of JRT.txt into your next reply !

Re-Boot your computer now !!

 

 

Post those logs for me, sometimes you have to try 3 or 4 times to paste them !!

 

Thanks

Chuck
 

Link to post
Share on other sites

Ok looks like that will not do it so lets try this !! You may have to download this to a disk from a different computer to a disk or flash drive, then stick it in the computer we are working on & run !!

 

Run a Microsoft Fixit Process
Go to this site, and click on the Fixit button, and follow the directions : http://support.microsoft.com/kb/886549
When it finishes, reboot again, then see if it works !

 

What is the brad name of computer ??


Chuck

Link to post
Share on other sites

I understand you are having problems with pasteing here at BT !!

 

Run these 2 programs please !!

 

Download DDS and save it to your Desktop.  >>> DDS


    Double click dds.scr to run the tool.
    If using Vista or Windows 7 you will be prompted by UAC, please allow the prompt.
    DDS will now scan your computer.
    When the scan is complete, DDS will open two (2) logs:
        DDS.txt
        Attach.txt
    If not saved these logs will be automatically deleted when closed, so save both to your Desktop.
    Please note it is important that you post BOTH logs in your topic.


Please note: DDS will ask you to attach the second log (Attach.txt), please ignore this notice and post the log instead.


Any problems downloading or running DDS.scr, try THIS alternate (DDS.com) version of DDS http://download.bleepingcomputer.com/sUBs/dds.com
 

 

 

 

 

NEXT


Download OldTimer to your desk top !
Links: http://oldtimer.geekstogo.com/OTL.com http://oldtimer.geekstogo.com/OTL.scr  
 
If you already have a copy of OTL delete it and use this version.  (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).

* Double click OTL.exe to launch the program.
* Check the following.

o Scan all users.
o Standard Output. o Lop check.
o Purity check. oExtra Registry > Use SafeList  

* Under Extra Registry section, select Use SafeList
* Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
* When finished it will produce two logs.

o OTL.txt (open on your desktop).
o Extras.txt (minimised in your taskbar) The Extras.txt file will only appear the very first time you run OTL.

* Please post me both logs. This may have to be broken into more than one post !   
 

Post next :

1. DDS logs (2)

2. OTL logs (2)

 

 

Thanks

Chuck

Link to post
Share on other sites

Post this from PM for smgarcia she's having problems pasting here:

 

DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 11.0.9600.16521
Run by Sylvia Garcia at 1:17:21 on 2014-06-11 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2038.751 [GMT -6:00] .
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} . ============== Running Processes ================ .
C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\MyPC Backup\BackupStack.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Windows\system32\rundll32.exe C:\ProgramData\LightsOff\LightsOffService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\OutfoxTV\OutfoxTvUpdater.exe C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe
C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
C:\PROGRA~1\SearchProtect\SearchProtect\bin\cltmng.exe
C:\Users\Sylvia Garcia\AppData\Local\fst_us_92\upfst_us_92.exe
C:\PROGRA~1\SearchProtect\UI\bin\cltmngui.exe
C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\igfxsrvc.exe
C:\ProgramData\LightsOff\LightsOff.exe
C:\Program Files\Java Update\winclient32.exe
C:\Windows\system32\conhost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Driver Support\Driver Support\DriverSupport.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Optimizer Pro\OptProSmartScan.exe
C:\Program Files\MyPC Backup\MyPC Backup.exe
C:\Program Files\Optimizer Pro\OptProReminder.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Sylvia Garcia\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe
C:\Users\Sylvia Garcia\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe
C:\Windows\system32\taskeng.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\ScanTack\updateScanTack.exe
C:\Program Files\System Optimizer Pro\SystemOptimizerPro.exe
C:\Program Files\Frieven_s_Prox_1.8\Frieven_s_Prox_1.8-nova.exe
C:\Program Files\ScanTack\bin\utilScanTack.exe C:\Program Files\ScanTack\bin\ScanTack.PurBrowse.exe
C:\Windows\system32\conhost.exe C:\Program Files\ScanTack\bin\ScanTack.BrowserAdapter.exe
C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet . ============== Pseudo HJT Report =============== .


uProxyServer = hxxp=127.0.0.1:49641;https=127.0.0.1:49641
uProxyOverride = <-loopback> uURLSearchHooks: {f2e99efd-72dc-4c5d-9f7c-219133ff8e40} -
<orphaned> mURLSearchHooks: {f2e99efd-72dc-4c5d-9f7c-219133ff8e40} -
<orphaned> BHO: ConvertFilesforFree: {59A062A1-5ECA-4a1a-BC44-B2A9283A8ACB} -
BHO: Highlightly: {83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} -
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: ScanTack: {d332cff8-358e-4c9e-8af3-a08872ef22c1} - c:\program files\scantack\E8752740-ACF1-4EA4-9325-47C4FB80B678.dll uRun: [Google Update]
"c:\users\sylvia garcia\appdata\local\google\update\GoogleUpdate.exe" /c uRun: [Driver Support]
c:\program files\driver support\driver support\DriverSupport.exe /applicationMode:systemTray /showWelcome:false uRun: [skype]
"c:\program files\skype\phone\Skype.exe" /minimized /regrun uRun: [Messenger (Yahoo!)]
 "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet uRun: [iCloudServices]
c:\program files\common files\apple\internet services\iCloudServices.exe uRun: [ApplePhotoStreams]
c:\program files\common files\apple\internet services\ApplePhotoStreams.exe uRun: [pcreg]
c:\program files\pcreg\service.exe uRun: [OutfoxTV]
c:\program files\outfoxtv\outfoxtv\DesktopContainer.exe uRun: [Weather]
c:\program files\aws\weatherbug\Weather.exe 1 uRun: [Optimizer Pro]
c:\program files\optimizer pro\OptProLauncher.exe mRun: [soundMAXPnP]
c:\program files\analog devices\core\smax4pnp.exe mRun: [igfxTray]
c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds]
c:\windows\system32\hkcmd.exe mRun: [Persistence]
c:\windows\system32\igfxpers.exe mRun: [MSC] "
c:\program files\microsoft security client\msseces.exe" -hide -runkey mRun: [iD Patroller] "
c:\program files\id patroller\id patroller\IDPatroller.exe" "/min" mRun: [sPDriver]
c:\program files\shopperpro\jsdriver\1.35.1.155\jsdrv.exe mRun: [Windows Client Manager]
c:\program files\java update\winclient32.exe mRun: [OpenSoftwareUpdater]
c:\program files\opensoftwareupdater\OpenSoftwareUpdater.exe mRun: [AutoLoader] "
c:\users\sylvia~1\appdata\local\temp\WebMonitor.exe" mRun: [pcreg]
c:\program files\pcreg\service.exe mRun: [iTunesHelper] "
c:\program files\itunes\iTunesHelper.exe" mRun: [fst_us_92] "
c:\program files\fst_us_92\fst_us_92.exe" mRunOnce: [upfst_us_92.exe]
c:\users\sylvia garcia\appdata\local\fst_us_92\upfst_us_92.exe -runonce StartupFolder:
c:\users\sylvia~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\mypcba~1.lnk -
c:\program files\mypc backup\MyPC Backup.exe StartupFolder:
c:\users\sylvia~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\severe~2.lnk -
c:\users\sylvia garcia\appdata\local\severeweatheralerts\SevereWeatherAlertsApp.exe StartupFolder:
c:\users\sylvia~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\severe~1.lnk -
c:\users\sylvia garcia\appdata\local\severeweatheralerts\SevereWeatherAlerts.exe uPolicies-Explorer:
NoDriveTypeAutoRun = dword:145 uPolicies-Explorer: HideSCAHealth = dword:1 mPolicies-Explorer: HideSCAHealth =
dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser =
dword:0 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel -
c:\progra~1\micros~3\office11\EXCEL.EXE/3000 IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} -
c:\program files\paltalk messenger\Paltalk.exe IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -
c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} -
c:\users\sylvia garcia\appdata\roaming\microsoft\windows\start menu\programs\imvu\Run IMVU.lnk



TCP: NameServer = 192.168.0.1 TCP: Interfaces\{84016E75-D933-4D53-AEE3-51FA64F1C4CA} :
DHCPNameServer = 192.168.0.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8}
- c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
 c:\program files\common files\skype\Skype4COM.dll Notify: igfxcui - igfxdev.dll AppInit_DLLs= c:\progra~1\searchprotect\searchprotect\bin\spvc32loader.dll
c:\progra~1\optimi~1\optpro~2.dll SSODL: WebCheck - <orphaned> mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "
c:\program files\google\chrome\application\35.0.1916.153\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome .
 ============= SERVICES / DRIVERS =============== .
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2014-1-25 231960]
R1 {9acd1534-e8f8-40cb-b5ac-4996fe01175b}Gw;{9acd1534-e8f8-40cb-b5ac-4996fe01175b}Gw;c:\windows\system32\drivers\{9acd1534-e8f8-40cb-b5ac-4996fe01175b}Gw.sys [2014-6-11 52920]
R1 MpKsl69804eea;MpKsl69804eea;c:\programdata\microsoft\microsoft antimalware\definition updates\{6112ee67-ebf1-44ff-bbd0-3809d954fc96}\MpKsl69804eea.sys [2014-6-11 39464]
R2 BackupStack;Computer Backup (MyPC Backup);c:\program files\mypc backup\BackupStack.exe [2014-3-14 36392]
 R2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\skype\toolbars\autoupdate\SkypeC2CAutoUpdateSvc.exe [2014-4-11 1390720]
R2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\skype\toolbars\pnrsvc\SkypeC2CPNRSvc.exe [2014-4-11 1764992]
R2 ca82e1a5;Optimizer Pro Crash Monitor;c:\windows\system32\rundll32.exe [2009-7-13 44544]
R2 CltMngSvc;Search Protect Service;c:\progra~1\searchprotect\main\bin\CltMngSvc.exe [2014-5-23 2497856]
R2 LightsOff;Lights Off;c:\programdata\lightsoff\LightsOffService.exe [2014-4-24 65912]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 104264]
R2 OutfoxTvUpdater;OutfoxTvUpdater;c:\program files\outfoxtv\OutfoxTvUpdater.exe [2014-5-5 186768]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
R3 dfmirage;dfmirage;c:\windows\system32\drivers\dfmirage.sys [2014-1-12 34128]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2014-3-11 279776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 consumerinput_update;ConsumerInput Update Service (consumerinput_update);c:\program files\consumer input\update\consumerinputupdate.exe /svc -->
c:\program files\consumer input\update\ConsumerInputUpdate.exe [?]
S2 ConvertFilesforFreeUpdt;ConvertFilesforFreeUpdt;c:\program files\convert files for free\convertfilesforfreeupdt.exe -->
c:\program files\convert files for free\ConvertFilesforFreeUpdt.exe [?]
S2 fpvoixdaog32;fpvoixdaog32;c:\program files\002\fpvoixdaog32.exe run options=01110010020000000000000000000000 sourceguid=916a702f --> c:\program files\002\fpvoixdaog32.exe run options=01110010020000000000000000000000 sourceguid=916A702F [?]
S2 globalUpdate;globalUpdate Update Service (globalUpdate);c:\program files\globalupdate\update\GoogleUpdate.exe [2014-6-10 68608] S2 Jsip;Jsip;c:\program files\jsip\jsip.exe -service --> c:\program files\jsip\Jsip.exe -service [?]
S2 pcregservice;pcregservice Service;c:\program files\pcreg\pcreg.exe --> c:\program files\pcreg\pcreg.exe [?]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
S2 SMUpd;Search Module Update;c:\program files\common files\goobzo\gbupdate\smu.exe /service --> c:\program files\common files\goobzo\gbupdate\smu.exe [?]
S2 spdfrmon;spdfrmon;c:\program files\speeditup free\spdfrmon.exe --> c:\program files\speeditup free\spdfrmon.exe [?]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem);c:\program files\globalupdate\update\GoogleUpdate.exe [2014-6-10 68608]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-3-12 108032]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264] .
=============== Created Last 30 ================ . 2014-06-11 06:40:35 39464 ----a-w-
c:\programdata\microsoft\microsoft antimalware\definition updates\{6112ee67-ebf1-44ff-bbd0-3809d954fc96}\MpKsl69804eea.sys 2014-06-11 06:39:04 52920 ----a-w-
c:\windows\system32\drivers\{9acd1534-e8f8-40cb-b5ac-4996fe01175b}Gw.sys 2014-06-11 05:50:20 62576 ----a-w-
c:\programdata\microsoft\microsoft antimalware\definition updates\{6112ee67-ebf1-44ff-bbd0-3809d954fc96}\offreg.dll 2014-06-11 05:46:30 8073384 ----a-w-
c:\programdata\microsoft\microsoft antimalware\definition updates\{6112ee67-ebf1-44ff-bbd0-3809d954fc96}\mpengine.dll 2014-06-11 05:36:22 -------- d-----w-
c:\program files\System Optimizer Pro 2014-06-11 05:36:00 -------- d-----w- c:\program files\ScanTack 2014-06-10 23:43:05 -------- d-----w-
c:\users\sylvia garcia\appdata\roaming\MySearchDial 2014-06-10 23:42:38 -------- d-----w-
c:\program files\Mysearchdial 2014-06-10 17:37:44 -------- d-----w-
c:\users\sylvia garcia\appdata\roaming\Optimizer Pro 2014-06-10 17:37:03 -------- d-----w-
c:\users\sylvia garcia\appdata\roaming\VOPackage 2014-06-10 17:36:44 -------- d-----w-
c:\program files\Wajam 2014-06-10 17:36:24 -------- d-----w- c:\users\sylvia garcia\appdata\local\globalUpdate 2014-06-10 17:36:24 -------- d-----w-
c:\program files\globalUpdate 2014-06-10 17:36:20 -------- d-----w- c:\program files\Mediaa_Play_AIR_1.4 2014-06-10 17:36:12 -------- d-----w-
c:\program files\Frieven_s_Prox_1.8 2014-06-10 17:35:40 -------- d-----w- c:\program files\MyPC Backup 2014-06-10 17:35:13 -------- d-----w-
c:\program files\Optimizer Pro 2014-06-10 17:35:08 -------- d-----w- c:\program files\SearchProtect 2014-06-10 17:34:39 -------- d-----w-
c:\users\sylvia garcia\appdata\local\fst_us_92 2014-06-10 17:34:39 -------- d-----w- c:\program files\fst_us_92 2014-06-10 17:32:56 -------- d-----w-
c:\users\sylvia garcia\appdata\local\SearchProtect 2014-06-10 01:17:25 765968 ------w-
c:\programdata\microsoft\microsoft antimalware\definition updates\{29c78caf-03de-45aa-a23c-c3b1afc0b308}\gapaengine.dll 2014-06-10 01:15:01 8073384 ----a-w-
c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll 2014-06-10 01:13:12 -------- d-----w-
c:\windows\ERUNT 2014-06-10 01:08:23 536576 ----a-w-
c:\windows\system32\sqlite3.dll 2014-06-10 01:07:19 -------- d-----w-
C:\AdwCleaner 2014-05-15 13:27:41 -------- d-----w-
c:\users\sylvia garcia\appdata\roaming\WeatherBug 2014-05-15 13:24:05 -------- d-----w-
c:\program files\OutfoxTV 2014-05-14 16:56:43 -------- d-----w-
c:\users\sylvia garcia\appdata\roaming\888pokerNJ 2014-05-14 16:56:28 -------- d-----w-
c:\program files\888pokerNJ 2014-05-14 09:22:45 -------- d-s---w-
c:\windows\system32\CompatTel 2014-05-14 02:50:54 369664 ----a-w-
c:\windows\system32\aepdu.dll 2014-05-14 02:50:54 302592 ----a-w-
c:\windows\system32\aeinv.dll 2014-05-13 10:21:23 -------- d-----w-
c:\program files\Citrix . ==================== Find3M ==================== .
2014-05-14 03:31:30 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-05-14 03:31:30 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-04-24 21:10:06 1161080 ----a-w- c:\windows\system32\LightsOff.CD920490367F.dll 2014-03-31 00:13:30 2724864 ----a-w-
 c:\windows\system32\mshtml.tlb . ============= FINISH: 1:20:36.69 ===============

Link to post
Share on other sites

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT .
DDS (Ver_2012-11-20.01) .
Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 1/10/2014 2:34:57 PM
System Uptime: 6/10/2014 11:29:08 PM (2 hours ago) .
Motherboard: Dell Inc. | | 0TY565 Processor: Intel® Core2 CPU 6300 @ 1.86GHz | Microprocessor | 1586/1066mhz . ==== Disk Partitions ========================= .
A: is Removable C: is FIXED (NTFS) - 233 GiB total, 184.096 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= .
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: {2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw Device ID:
ROOT\LEGACY_{2C976A7F-DBDC-4756-870F-F6D183FE7A7E}GW\0000 Manufacturer:
Name: {2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw PNP Device ID: ROOT\LEGACY_{2C976A7F-DBDC-4756-870F-F6D183FE7A7E}GW\0000 Service: {2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw .
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: SPDRIVER_1.35.1.155 Device ID:
 ROOT\LEGACY_SPDRIVER_1.35.1.155\0000 Manufacturer: Name: SPDRIVER_1.35.1.155 PNP Device ID:
ROOT\LEGACY_SPDRIVER_1.35.1.155\0000 Service: SPDRIVER_1.35.1.155 . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
 Description: Microsoft Teredo Tunneling Adapter Device ID: ROOT\*TEREDO\0000 Manufacturer:
Microsoft Name: Teredo Tunneling Pseudo-Interface PNP Device ID: ROOT\*TEREDO\0000 Service: tunnel . Class GUID:
Description: USB Receiver Device ID: USB\VID_046D&PID_C52B&MI_00\6&9980937&0&0000 Manufacturer: Name:
USB Receiver PNP Device ID: USB\VID_046D&PID_C52B&MI_00\6&9980937&0&0000 Service: . Class GUID:
Description: Device ID: ROOT\WPD\0000 Manufacturer: Name: PNP Device ID: ROOT\WPD\0000
Service: . ==== System Restore Points =================== .
RP101: 5/30/2014 6:55:48 AM - Windows Update RP102: 6/1/2014 3:00:18 AM -
Windows Update RP103: 6/2/2014 3:00:35 AM -
Windows Update RP104: 6/2/2014 5:07:05 AM -
Windows Update RP105: 6/2/2014 9:30:15 AM -
Windows Update RP106: 6/3/2014 3:00:25 AM -
Windows Update RP107: 6/4/2014 3:00:24 AM -
Windows Update RP108: 6/5/2014 1:19:25 AM - Removed Bonjour RP109: 6/5/2014 2:03:25 AM - Windows Update RP110: 6/5/2014 10:06:53 AM -
Windows Update RP111: 6/6/2014 1:37:32 PM -
Windows Update RP114: 6/9/2014 3:00:12 AM -
Windows Update RP116: 6/9/2014 8:12:04 AM - Removed Skypeâ„¢ 6.16 RP117: 6/9/2014 10:41:22 AM -
Installed Microsoft Fix it 50356 RP126: 6/9/2014 7:45:00 PM - Windows Update RP127: 6/10/2014 8:55:25 AM -
Installed Microsoft Fix it 50356 RP128: 6/10/2014 10:03:46 AM -
Windows Update RP129: 6/10/2014 6:25:16 PM -
Windows Update .
 ==== Installed Programs ====================== .
888pokerNJ Activeris
AntiMalware Adobe Flash Player 13
ActiveX Adobe Flash Player 13
Plugin Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASRPlugin2 BlockAndSurf Bonjour BrowserSafeguard with RocketTab Citrix Online Launcher Compatibility Pack for the 2007 Office system Consumer Input Consumer Input (remove only)
ContentExplorer Convert Files for Free Driver Detective Driver Restore Driver Support ffdshow v1.2.4422 [2012-04-09] Frieven_s_Prox_1.8 fst_us_92
Google Chrome Google Talk Plugin
Google Update Helper GoToMeeting 6.3.0.1440 Haali Media Splitter HiDef Media Player 1.1.12 Highlightly Hyper Browser iCloud ID Patroller ImagePrinter 2.1 Installer Intel®
Graphics Media Accelerator Driver Itibiti RTC iTunes iWebar Jsip
KNCTR Lights Off Mediaa_Play_AIR_1.4 Microsoft .NET Framework 4.5.1
Microsoft Office File Validation Add-In Microsoft Office Standard Edition 2003 Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual
C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual
C++ 2008 Redistributable - x86 9.0.30729.6161
Muvic Smartbar MyPC Backup
Mysearch
dial Netstudy ¹öÀü2.5
Norton Security Scan OpenSoftwareUpdater
 Optimizer Pro v3.2
OutfoxTV Paltalk Messenger 11.3
PC Clean Maestro
PC Driver Kit v3.1
 PC Fix Speed 1.2.0.24
PC Tech Hotline Pidgin v2.10.3
SavetheChildren Reminder by We-Care.com v4.1.26.4
ScanTack Search module Search Protect Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Severe Weather Alerts Shopper-Pro Skype Click to Call Skypeâ„¢ 6.16 SoundMAX
SpeeditupFree System Optimizer Pro U+½º¸¶Æ®·¯´× LTE¿ø¾î¹Îȸȭ 2.5
Uninstall Helper Virtual Printer VLC media player 2.1.3
Wajam Weather It Up WeatherBug WeatherBug®
Worldwide Web Research Yahoo! Messenger Yahoo!
Software Update Yahoo! Toolbar YTDownloader .
==== Event Viewer Messages From Past Week ======== .
6/10/2014 6:26:05 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure:
Windows failed to install the following update with error 0x80070490:
Security Update for Windows 7 (KB2871997). 6/10/2014 5:36:11 PM,
 Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
6/10/2014 5:36:11 PM, Error: Service Control Manager [7000] - T
he Computer Backup (MyPC Backup) service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
6/10/2014 2:20:04 PM, Error: Service Control Manager [7023] - The Server service terminated with the following error: The data is invalid.
6/10/2014 2:20:03 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: A system shutdown is in progress.
6/10/2014 11:31:46 PM, Error: Service Control Manager [7000] - The ConsumerInput Update Service (consumerinput_update) service failed to start due to the following error: The system cannot find the file specified.
6/10/2014 11:29:42 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: {2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw
6/10/2014 11:29:37 PM, Error: Service Control Manager [7000] - The WinRST service failed to start due to the following error: The system cannot find the file specified.
6/10/2014 11:29:37 PM, Error: Service Control Manager [7000] - The vxlsnyaiet32 service failed to start due to the following error: The system cannot find the file specified. 6
/10/2014 11:29:37 PM, Error: Service Control Manager [7000] - The SPDRIVER_1.35.1.155 service failed to start due to the following error: The system cannot find the path specified.
6/10/2014 11:29:37 PM, Error: Service Control Manager [7000] - The Search Module Update service failed to start due to the following error: The system cannot find the file specified.
6/10/2014 11:29:37 PM, Error: Service Control Manager [7000] - The pcregservice Service service failed to start due to the following error: The system cannot find the file specified.
6/10/2014 11:29:36 PM, Error: Service Control Manager [7000] - The Jsip service failed to start due to the following error: The system cannot find the file specified.
6/10/2014 11:29:36 PM, Error: Service Control Manager [7000] - The fpvoixdaog32 service failed to start due to the following error: The system cannot find the file specified.
6/10/2014 11:29:36 PM, Error: Service Control Manager [7000] - The ConvertFilesforFreeUpdt service failed to start due to the following error: The system cannot find the file specified.
6/10/2014 11:29:26 PM, Error: Service Control Manager [7000] - The spdfrmon service failed to start due to the following error: The system cannot find the file specified. .
==== End Of File ===========================

Link to post
Share on other sites

OTL Extras logfile created on: 6/12/2014 8:51:09 AM -
Run 1 OTL by OldTimer - Version 3.2.69.0
Folder = C:\Users\Sylvia Garcia\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) -
Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU |
Date Format: M/d/yyyy 1.99 Gb Total Physical Memory | 0.33 Gb Available Physical Memory |
16.70% Memory free 6.13 Gb Paging File | 0.75 Gb Available in Paging File |
12.27% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% =
C:\Program Files Drive C: | 232.84 Gb Total Space | 183.33 Gb Free Space | 78.74% Space Free |
Partition Type: NTFS Computer Name: SYLVIAGARCIA-PC |
User Name: Sylvia Garcia | Logged in as Administrator.
Boot Mode: Normal |
Scan Mode: Current user Company Name Whitelist: Off |
Skip Microsoft Files: Off | No Company Name Whitelist: On |
File Age = 30 Days ========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] --
C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] --
C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] --
C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile
[open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) http [open] --
 "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] --
"C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (
Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] --
Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] --
Reg Error: Key error. Unknown [openas] -- C:\Program Files\File Type Helper\FileTypeHelper.exe "%1" Directory [AddToPlaylistHiDefMedia] --
"C:\Program Files\HiDefMedia\HiDefMedia\HiDefMedia.exe" --started-from-file --playlist-enqueue "%1" Directory [AddToPlaylistVLC] --
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithHiDefMedia] --
"C:\Program Files\HiDefMedia\HiDefMedia\HiDefMedia.exe" --started-from-file --no-playlist-enqueue "%1" Directory [PlayWithVLC] --
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] --
Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" =
Reg Error: Unknown registry data type --
File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 "{07BF770D-4FFF-4E1D-B469-DD549C1A98C5}" = rport=10243 | protocol=6 | dir=out |
app=system | "{20180691-9756-497F-9B70-1539F54ADB57}" = lport=1500 | protocol=6 | dir=in |
 name=koinorc | "{2244EE1F-12D3-4C59-AFC1-68762F95CFD7}" = lport=138 | protocol=17 | dir=in |
app=system | "{2671F1CE-C56F-4AE0-BDA3-A6BE25F612A4}" = lport=445 | protocol=6 | dir=in
| app=system | "{2A17E81D-C012-4E9C-A83A-256F49F769C3}" = lport=1900 | protocol=17 | dir=in |
svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{4310B9F7-38FE-4882-8C07-59B9B4835D6C}" = rport=137 | protocol=17 | dir=out | app=system |
"{566AA155-D1D0-425F-AEC6-C154D5E93822}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5D1D47EF-E059-48FE-B0C5-D09F0A2250BE}" = lport=139 | protocol=6 | dir=in | app=system |
 "{5EC71C40-857E-4F03-B64A-57A3DE83D5EB}" = rport=2177 | protocol=17 | dir=out | svc=qwave |
app=%systemroot%\system32\svchost.exe | "{64A4D4A5-B920-4B3F-BB87-6F19F72D4CFD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache |
app=%systemroot%\system32\svchost.exe | "{736A8DB7-5662-4749-B0DA-6A069E9BF922}" = lport=2177 | protocol=17 | dir=in | svc=qwave |
app=%systemroot%\system32\svchost.exe | "{95CD0746-F355-4F26-8DED-B9DE612CCA42}" = lport=2177 | protocol=6 | dir=in | svc=qwave |
app=%systemroot%\system32\svchost.exe | "{A53AE193-DCCB-49A8-9101-C779B1DEC8DB}" = lport=137 | protocol=17 | dir=in | app=system | "{A59940D6-610B-48FA-86C6-6ECEB60FCF41}" = lport=rpc-epmap |
 protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | "{AB913312-E45B-4FC2-A468-DA0023F03EF5}" = rport=138 | protocol=17 |
dir=out | app=system | "{C3F7AF7A-D3E4-4291-B3CD-4B0ED345E8B8}" = rport=139 | protocol=6 | dir=out | app=system |
 "{CB8A14D1-98BD-4218-917B-828AC218EACA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache |
app=%systemroot%\system32\svchost.exe | "{CF510007-4094-465E-8CF6-60028D061514}" = lport=2500 | protocol=6 | dir=in |
name=koinorc | "{CF8F4BD3-32D0-4B2A-99FD-1FE4E3F013E8}" = lport=rpc | protocol=6 | dir=in | svc=spooler |
app=%systemroot%\system32\spoolsv.exe | "{D7822E68-C36E-4EA5-80D0-AB54FAF6EA9C}" = lport=10243 | protocol=6 | dir=in |
 app=system | "{DF32811B-8086-462D-926E-3E4B01646634}" = rport=445 | protocol=6 | dir=out | app=system | "{F0F8AE54-B9A6-4DE1-B0CB-8530F06E66AC}" = rport=5355 |
protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F1BBB711-9E66-4807-99FE-8E02E899185A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv |
 app=%systemroot%\system32\svchost.exe | "{FABFA6F8-C02C-4CFA-A7C2-5A2D253B53B0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FE3BD681-078D-4A14-9ED8-CD64ACF80ACB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{14A82A06-41DE-409F-8D1E-B93C99D16FC2}" = dir=in |
app=c:\program files\itunes\itunes.exe | "{19A2097B-26FF-41CD-9662-977D5388FA4D}" = protocol=1 | dir=in | [email protected],-28543 | "{204337A7-008F-4E5F-89E1-FB4A037E45D3}" = dir=out | app=c:\program files\pcreg\service.exe | "{2055466D-9226-4F23-BA6D-7DC71B9B1F33}" = protocol=6 | dir=in |
 app=c:\program files\ezhelp\server\remotefserver.exe | "{20EEEDCA-F391-4BE1-9E61-C12FA43081A9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{27A36327-67FA-402D-ACCD-A4FAA2593C39}" = protocol=6 | dir=in |
 app=c:\program files\bonjour\mdnsresponder.exe | "{3FB7C4DC-0ADF-4F36-A2BA-D3FDD793CE94}" = protocol=17 | dir=in |
app=c:\program files\yahoo!\messenger\yahoomessenger.exe | "{48D84FE4-67DC-4DEF-9D03-95CDB51B1E83}" = protocol=6 | dir=in |
app=c:\program files\yahoo!\messenger\yahoomessenger.exe | "{53F3D600-144D-4980-92F4-9CB76B341540}" = protocol=17 | dir=in |
app=c:\program files\bonjour\mdnsresponder.exe | "{58384399-2845-4F16-93DB-370D8A12FD78}" = dir=in |
app=c:\program files\skype\phone\skype.exe | "{591C9CAA-E1B5-43E8-A721-F09727A08934}" = protocol=17 | dir=in |
app=%programfiles%\windows media player\wmplayer.exe | "{69101A41-8770-4615-8B12-65036A50FF52}" = dir=in |
app=c:\program files\pcreg\service.exe | "{714042C2-A681-4C5C-ADCF-2875606DA2B0}" = protocol=17 | dir=out |
app=%programfiles%\windows media player\wmplayer.exe | "{81A78C7D-2073-4D5D-BF4F-F4037CA29F8D}" = dir=in |
app=c:\program files\pcreg\pcreg.exe | "{85541F52-E459-4425-BE58-52B7872F4FD8}" = protocol=6 | dir=out |
app=system | "{86512971-99CD-4AE1-9A7A-D2BB0B2B16EA}" = protocol=6 | dir=in |
\app=c:\program files\ezhelp\server\ezhelpserver.exe | "{8721D66F-D0DA-49C4-B571-D2E391FBA216}" = protocol=58 |
dir=out | [email protected],-28546 | "{8B4D38E7-A0F8-466B-AA90-2912AFE50A1A}" = protocol=6 | dir=in |
app=c:\program files\itibiti soft phone\itibiti.exe | "{953035EA-A82D-4081-993C-32973EA9176E}" = dir=out |
app=c:\program files\pcreg\pcreg.exe | "{984D30B5-8108-4290-949C-91A362A62C74}" = protocol=17 | dir=in |
app=%programfiles%\windows media player\wmplayer.exe | "{9A508DE9-4299-4E6D-85C0-5A9D3E8F322B}" = protocol=6 | dir=in |
app=%programfiles%\windows media player\wmpnetwk.exe | "{9E74EE48-DEF3-4A76-80D7-5A5B4FDD648D}" = protocol=17 | dir=in |
app=c:\program files\itibiti soft phone\itibiti.exe | "{ABEEB1EB-E0C0-4017-AF63-D3EE70FD4930}" = protocol=6 | dir=in |
app=c:\program files\ezhelp\server\soundmodule.exe | "{AFE5D441-9CD8-47BB-952A-AC30E07AD4B3}" = protocol=6 | dir=out |
app=%programfiles%\windows media player\wmplayer.exe | "{B9C0990F-FCE5-40A4-9F2B-0607049851CE}" = protocol=6 | dir=out |
app=%programfiles%\windows media player\wmpnetwk.exe | "{C2449ED6-935A-49A1-BBD8-249E8675A41E}" = dir=in |
app=c:\program files\pcreg\service.exe | "{C5C1C9D3-E6D0-4289-BBB2-CBB616BF69CF}" = protocol=6 | dir=in |
app=c:\users\sylvia garcia\appdata\local\temp\low\koino\anysupport\host_kr\koinohost.exe | "{C9D413A4-37AB-4121-8341-4A4119EFA2F0}" = dir=in |
app=c:\program files\pcreg\pcreg.exe | "{D24B1C26-B434-479A-BCA7-2E38D9DA0AAD}" = protocol=6 | dir=out | svc=upnphost |
app=%systemroot%\system32\svchost.exe | "{D61CC514-7B60-4FC6-8779-5044AD44081B}" = dir=out |
app=c:\program files\pcreg\pcreg.exe | "{DE6EBF81-AD23-4EEA-8F51-160AC097041E}" = dir=out |
app=c:\program files\pcreg\service.exe | "{DEDD3813-7C25-4964-A2A1-B7DE4B84A702}" = protocol=17 | dir=in |
 app=%programfiles%\windows media player\wmpnetwk.exe | "{E4ACAFB8-1A05-4582-9085-EDC8CA139468}" = protocol=58 | dir=in |
[email protected],-28545 | "{E9824140-5BD6-4317-8FC3-22B4D7256910}" = protocol=17 | dir=out |
app=%programfiles%\windows media player\wmpnetwk.exe | "{F39EBB38-468A-48D5-AD9E-C7A4796DD5B9}" = protocol=17 | dir=out |
app=%programfiles%\windows media player\wmplayer.exe | "{FAEFB53C-7057-4484-98BA-F4657B09F6FB}" = protocol=17 | dir=in |
app=c:\users\sylvia garcia\appdata\local\temp\low\koino\anysupport\host_kr\koinohost.exe | "{FB97EDAC-C835-4ED6-A82F-95D0E4704FBA}" = protocol=1 | dir=out |
[email protected],-28544 |
========== HKEY_LOCAL_MACHINE
Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00A61104-74B5-4056-AD00-4397EF4FB141}" = iCloud "{18D47FA1-0440-48D3-A7E0-DA09537FF471}" =
Apple Mobile Device Support "{26B4D0E1-6F6D-48DF-8719-80276A259F7E}" =
SavetheChildren Reminder by We-Care.com v4.1.26.4 "{273130E8-117C-4237-A0FA-83EBBF11E051}" =
Driver Restore "{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}" =
WeatherBug "{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}" =
iTunes "{328622FC-0159-420C-BAE4-81B3001B4DA1}_is1" =
ID Patroller "{36A345C9-0691-45A1-AEEF-29ECEC8B5014}" =
Microsoft Security Client "{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" =
Microsoft .NET Framework 4.5.1 "{597FB4A5-DD86-4316-A410-7E8074CC2CCE}" =
Driver Support "{5D6D605B-E4B7-490B-A794-9284BC3D2A8B}" =
Driver Detective "{6C6165FD-303E-4696-9D61-930244405B17}" =
ASRPlugin2 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" =
Microsoft Visual C++ 2005 Redistributable "{730E03E4-350E-48E5-9D3E-4329903D454D}" =
Itibiti RTC "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" =
Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" =
Bonjour "{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" =
Skypeâ„¢ 6.16 "{82BF2C5E-79A7-4A13-B508-D5E64A5B141E}" =
Uninstall Helper "{847917E3-683B-4A08-8CEB-FBB46CA2785A}" =
Muvic Smartbar "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" =
Microsoft Silverlight "{90120000-0020-0409-0000-0000000FF1CE}" =
Compatibility Pack for the 2007 Office system "{90140000-2005-0000-0000-0000000FF1CE}" =
Microsoft Office File Validation Add-In "{91120409-6000-11D3-8CFE-0150048383C9}" =
Microsoft Office Standard Edition 2003 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" =
Microsoft .NET Framework 4.5.1 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" =
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" =
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A0B0DA25-DD15-4739-92A3-62D3424F043A}_is1" =
PC Tech Hotline "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" =
Google Update Helper "{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" =
Apple Application Support "{AC7E7905-8C59-4806-A96D-30936A2B1FC5}" =
Citrix Online Launcher "{BB285C9F-C821-4770-8970-56C4AB52C87E}" =
Skype Click to Call "{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}" =
Google Talk Plugin "{F0A37341-D692-11D4-A984-009027EC0A9C}" =
SoundMAX "{F7B34B38-02A6-44D5-B8CC-06EB3B8ACFC9}_is1" =
PC Fix Speed 1.2.0.24 "888pokerNJ" =
888pokerNJ "94EAE98D-444B-4817-858C-13DB943DF4F1_Activeris_A~741EE3A2_is1" =
Activeris AntiMalware "Adobe Flash Player ActiveX" =
Adobe Flash Player 13 ActiveX "Adobe Flash Player Plugin" =
Adobe Flash Player 13 Plugin "BrowserSafeguard" =
BrowserSafeguard with RocketTab "Consumer Input Installer" =
Consumer Input (remove only) "ContentExplorer" =
ContentExplorer "Convert Files for Free" =
Convert Files for Free "f2d51b4c-2921-4a51-a0e0-efc3cbf492b8" =
BlockAndSurf "ffdshow_is1" = ffdshow v1.2.4422 [2012-04-09] "Frieven_s_Prox_1.8" = Frieven_s_Prox_1.8 "Google Chrome" =
Google Chrome "HaaliMkx" =
Haali Media Splitter "HDMI" =
Intel® Graphics Media Accelerator Driver "HiDef Media Player" =
 HiDef Media Player 1.1.12 "Highlightly" =
Highlightly "Hyper Browser" = Hyper Browser "ImagePrinter" =
ImagePrinter 2.1 "Itibiti_is1" =
KNCTR "iWebar" = iWebar "Jsip" = Jsip "LightsOff" = Lights Off "Mediaa_Play_AIR_1.4" =
Mediaa_Play_AIR_1.4 "Microsoft Security Client" =
Microsoft Security Essentials "Netstudy ¹öÀü2.5" =
Netstudy ¹öÀü2.5 "NSS" = Norton Security Scan "OpenSoftwareUpdater" =
OpenSoftwareUpdater "Paltalk Messenger" =
Paltalk Messenger 11.3 "PC Clean Maestro" = PC Clean Maestro "PC Driver Kit_is1" =
 PC Driver Kit v3.1 "Pidgin" = Pidgin v2.10.3 "Search module" =
Search module "Setup Support for Consumer Input" =
Consumer Input "ShopperPro" =
Shopper-Pro "SpeeditupFree" = SpeeditupFree "System Optimizer Pro" = System Optimizer Pro "U+½º¸¶Æ®·¯´× LTE¿ø¾î¹Îȸȭ" = U+½º¸¶Æ®·¯´× LTE¿ø¾î¹Îȸȭ 2.5 "Uninstall Helper 2.0.1.0" =
Uninstall Helper "Virtual Printer_is1" = Virtual Printer "VLC media player" = VLC media player 2.1.3
"Weather It Up" = Weather It Up "WeatherBug®" = WeatherBug® "Worldwide Web Research11.041.44" =
Worldwide Web Research "Yahoo! Companion" = Yahoo! Toolbar "Yahoo! Messenger" = Yahoo! Messenger "Yahoo! Software Update" = Yahoo! Software Update "YTDownloader" =
YTDownloader
========== HKEY_CURRENT_USER
 Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GoToMeeting" = GoToMeeting 6.3.0.1440
"OutfoxTV" = OutfoxTV "Severe Weather Alerts" = Severe Weather Alerts
 ========== Last 20 Event Log Errors ==========
[ Application Events ] Error - 6/12/2014 9:20:36 AM |
Computer Name = SylviaGarcia-PC | Source = Bonjour Service |
 ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 4056 Error -
 6/12/2014 9:20:36 AM | Computer Name = SylviaGarcia-PC | Source = Bonjour Service | ID = 100 Description =
 Task Scheduling Error: m->NextScheduledSPRetry 4056 Error - 6/12/2014 9:20:37 AM |
Computer Name = SylviaGarcia-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 6/12/2014 9:20:37 AM |
 Computer Name = SylviaGarcia-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 5054 Error - 6/12/2014 9:20:37 AM |
Computer Name = SylviaGarcia-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 5054 Error - 6/12/2014 9:20:38 AM |
 Computer Name = SylviaGarcia-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second
Error - 6/12/2014 9:20:38 AM | Computer Name = SylviaGarcia-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 6068
 Error - 6/12/2014 9:20:38 AM | Computer Name = SylviaGarcia-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling
Error: m->NextScheduledSPRetry 6068 Error - 6/12/2014 9:20:39 AM | Computer Name = SylviaGarcia-PC | Source = Bonjour Service | ID = 100 Description =
Task Scheduling Error: Continuously busy for more than a second Error - 6/12/2014 9:20:39 AM | Computer Name = SylviaGarcia-PC |
Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 7066 Error - 6/12/2014 9:20:39 AM | Computer Name = SylviaGarcia-PC |
 Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 7066 [ System Events ] Error - 6/12/2014 2:59:59 AM |
Computer Name = SylviaGarcia-PC | Source = Service Control Manager | ID = 7000 Description = The Jsip service failed to start due to the following error: %%2 Error -
6/12/2014 3:00:00 AM | Computer Name = SylviaGarcia-PC | Source = Service Control Manager |
ID = 7000 Description = The pcregservice Service service failed to start due to the following error: %%2 Error - 6/12/2014 3:00:00 AM | Computer Name = SylviaGarcia-PC |
 Source = Service Control Manager | ID = 7000 Description = The Search Module Update service failed to start due to the following error: %%2 Error - 6/12/2014 3:00:00 AM |
Computer Name = SylviaGarcia-PC | Source = Service Control Manager | ID = 7000 Description =
The SPDRIVER_1.35.1.155 service failed to start due to the following error: %%3 Error - 6/12/2014 3:00:01 AM |
Computer Name = SylviaGarcia-PC | Source = Service Control Manager | ID = 7000 Description = The vxlsnyaiet32 service failed to start due to the following error: %%2 Error -
6/12/2014 3:00:01 AM | Computer Name = SylviaGarcia-PC | Source = Service Control Manager |
ID = 7000 Description = The WinRST service failed to start due to the following error: %%2 Error - 6/12/2014 3:00:03 AM | Computer Name = SylviaGarcia-PC |
Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: {2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw Error -
6/12/2014 3:02:05 AM | Computer Name = SylviaGarcia-PC | Source = Service Control Manager | ID = 7000 Description = The ConsumerInput Update Service
(consumerinput_update) service failed to start due to the following error: %%2 Error - 6/12/2014 5:11:14 AM |
Computer Name = SylviaGarcia-PC | Source = Microsoft-Windows-WindowsUpdateClient |
ID = 20 Description = Installation Failure: Windows failed to install the following update with error 0x80070490: Security Update for Windows 7 (KB2871997).
 Error - 6/12/2014 9:21:59 AM | Computer Name = SylviaGarcia-PC | Source = Service Control Manager |
ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the UMVPFSrv service.
< End of report >
http://3.2.69.0/
3.2.69.0

Link to post
Share on other sites

smgarcia, it looks like you have some bad programs installed !

Please check for me to see if they are installed BUT do NOT remove them yet !! They will be in the control panel under add/remove/uninstall programs !!

 

MyPC Backup
Conduit SearchProtect
Optimizer Pro v3.2
ScanTack
Muvic Smartbar
Mysearch
PC Fix Speed
SpeeditupFree System Optimizer Pro
 

 

Let me know before we go any further !!

 

Thanks

Chuck

Link to post
Share on other sites

Ok here are the programs I found under control panel uninstall: Muvic Smartbar, PC Fix Speed, Speed it up Free, System Optimizer Pro

 

p.s. I am happy to say: I was finally able to paste here. :) I appreciate everything you are doing to get my computer back to its normal state. Thank you so much.

Link to post
Share on other sites

smgarcia, please run the Junkware Removal program again for me, use the instructions above. Then post the logs here !!

 

 

NEXT:

Lets try removeing those >>> Muvic Smartbar, PC Fix Speed, Speed it up Free, System Optimizer Pro <<<  from the control panel uninstall them. Let me know how this goes !!

 

Also i need you to run the OTL program again !! Please use the instructions above & copy & paste log here !

 

Thanks

Chuck

Link to post
Share on other sites
Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 7 Home Premium x86

Ran by Sylvia Garcia on Thu 06/12/2014 at 14:38:24.29

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

 

 

~~~ Chrome

 

Successfully deleted: [Folder] C:\Users\Sylvia Garcia\appdata\local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Thu 06/12/2014 at 14:41:29.56

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Link to post
Share on other sites
OTL logfile created on: 6/12/2014 3:05:08 PM - Run 2

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sylvia Garcia\Downloads

 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.17041)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

1.99 Gb Total Physical Memory | 0.70 Gb Available Physical Memory | 34.95% Memory free

3.98 Gb Paging File | 2.13 Gb Available in Paging File | 53.64% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 232.84 Gb Total Space | 185.52 Gb Free Space | 79.68% Space Free | Partition Type: NTFS

 

Computer Name: SYLVIAGARCIA-PC | User Name: Sylvia Garcia | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2014/06/12 15:03:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sylvia Garcia\Downloads\OTL.com

PRC - [2014/06/05 07:58:39 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

PRC - [2014/05/06 01:40:28 | 000,320,400 | ---- | M] (Outfox Tv Productions Pty Ltd) -- C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe

PRC - [2014/05/05 00:06:34 | 000,186,768 | ---- | M] (Outfox Tv Productions Pty Ltd) -- C:\Program Files\OutfoxTV\OutfoxTvUpdater.exe

PRC - [2014/04/24 15:10:34 | 000,065,912 | ---- | M] (Coffee and Comfort Apps, LLC) -- C:\ProgramData\LightsOff\LightsOffService.exe

PRC - [2014/04/24 15:10:04 | 000,042,872 | ---- | M] (Coffee and Comfort Apps, LLC) -- C:\ProgramData\LightsOff\LightsOff.exe

PRC - [2014/04/11 19:45:50 | 001,764,992 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

PRC - [2014/04/11 19:45:42 | 001,390,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

PRC - [2014/03/16 18:11:04 | 000,640,000 | ---- | M] () -- C:\Program Files\Java Update\winclient32.exe

PRC - [2014/03/11 10:13:24 | 000,279,776 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe

PRC - [2014/03/11 10:13:24 | 000,022,216 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe

PRC - [2014/03/11 10:13:14 | 000,951,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe

PRC - [2014/02/27 09:09:30 | 000,343,040 | ---- | M] () -- C:\Users\Sylvia Garcia\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe

PRC - [2014/02/17 11:59:28 | 004,680,568 | ---- | M] (PC Drivers Headquarters) -- C:\Program Files\Driver Support\Driver Support\DriverSupport.exe

PRC - [2014/01/12 04:06:44 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

PRC - [2013/11/20 15:43:26 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe

PRC - [2013/11/20 15:43:14 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

PRC - [2013/11/01 09:22:46 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe

PRC - [2013/09/13 20:20:42 | 000,084,184 | ---- | M] (Weather Notifications, LLC) -- C:\Users\Sylvia Garcia\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe

PRC - [2013/08/01 18:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe

PRC - [2012/11/20 15:30:38 | 001,653,760 | R--- | M] (AWS Convergence Technologies, Inc.) -- C:\Program Files\AWS\WeatherBug\Weather.exe

PRC - [2012/01/18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

PRC - [2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
Link to post
Share on other sites

These first two are OTL.text

Here is the 2nd half

 

========== Modules (No Company Name) ==========
 
MOD - [2014/06/09 19:33:12 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\15c45f1932751583dc3c2d49e5786acd\System.Web.Services.ni.dll
MOD - [2014/06/09 19:33:09 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\70dbdd46969daf2bea2443c75b7629d4\System.Web.ni.dll
MOD - [2014/06/09 19:32:50 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\98c91b8d3f1d54c41ada5f37e0935303\System.Runtime.Remoting.ni.dll
MOD - [2014/06/09 19:32:33 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\27d6a35533978defe1fc51fb84edb058\System.Data.ni.dll
MOD - [2014/06/09 19:31:05 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014/06/05 07:58:38 | 000,414,536 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\ppgooglenaclpluginchrome.dll
MOD - [2014/06/05 07:58:37 | 014,612,296 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
MOD - [2014/06/05 07:58:36 | 004,217,672 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\pdf.dll
MOD - [2014/06/05 07:58:32 | 000,716,616 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
MOD - [2014/06/05 07:58:31 | 000,126,280 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\libegl.dll
MOD - [2014/06/05 07:58:30 | 001,732,424 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
MOD - [2014/04/24 15:10:06 | 001,161,080 | ---- | M] () -- C:\Windows\System32\LightsOff.CD920490367F.dll
MOD - [2014/03/16 18:11:04 | 000,640,000 | ---- | M] () -- C:\Program Files\Java Update\winclient32.exe
MOD - [2014/03/14 22:25:44 | 000,236,544 | ---- | M] () -- C:\Program Files\Java Update\sqlite3.dll
MOD - [2014/02/27 09:09:32 | 000,069,120 | ---- | M] () -- C:\Users\Sylvia Garcia\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsAppAPI.dll
MOD - [2014/02/27 09:09:30 | 000,343,040 | ---- | M] () -- C:\Users\Sylvia Garcia\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe
MOD - [2014/02/17 11:24:00 | 000,428,448 | ---- | M] () -- C:\Program Files\Driver Support\Driver Support\Agent.Communication.XmlSerializers.dll
MOD - [2014/02/13 04:32:23 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\4412bbbb473c356b5ea3e1ea13b25f52\System.Management.ni.dll
MOD - [2014/02/13 04:26:02 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/02/13 04:25:53 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/02/13 04:25:50 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\4f5069e6497e5e6a381ab6aadf05d6a5\Accessibility.ni.dll
MOD - [2014/02/13 04:25:33 | 000,688,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\f6db4a5f721a164ce945d0a28f2ca7bd\System.Security.ni.dll
MOD - [2014/02/13 04:25:29 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/02/13 04:25:24 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/02/13 04:25:23 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/02/12 20:58:32 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/02/12 20:58:10 | 001,044,808 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/09/14 01:51:02 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll
MOD - [2013/09/14 01:50:36 | 001,242,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll
MOD - [2012/05/25 04:25:00 | 000,921,600 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2010/11/20 15:29:11 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\WinRST\WinRST.exe -- (WinRST)
SRV - File not found [Auto | Stopped] -- C:\Program Files\003\vxlsnyaiet32.exe run options=01100010030000000000000000000000 sourceguid=6E6B36EB-9156-411B-B951-C735F4747DCF -- (vxlsnyaiet32)
SRV - File not found [Auto | Stopped] -- C:\Program Files\SpeedItup Free\spdfrmon.exe -- (spdfrmon)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe /service -- (SMUpd)
SRV - File not found [Auto | Stopped] -- C:\Program Files\pcreg\pcreg.exe -- (pcregservice)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Jsip\Jsip.exe -- (Jsip)
SRV - File not found [Auto | Stopped] -- C:\Program Files\002\fpvoixdaog32.exe run options=01110010020000000000000000000000 sourceguid=916A702F -- (fpvoixdaog32)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Convert Files for Free\ConvertFilesforFreeUpdt.exe -- (ConvertFilesforFreeUpdt)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Consumer Input\Update\ConsumerInputUpdate.exe /svc -- (consumerinput_update)
SRV - [2014/05/13 21:31:32 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/05 00:06:34 | 000,186,768 | ---- | M] (Outfox Tv Productions Pty Ltd) [Auto | Running] -- C:\Program Files\OutfoxTV\OutfoxTvUpdater.exe -- (OutfoxTvUpdater)
SRV - [2014/04/24 15:10:34 | 000,065,912 | ---- | M] (Coffee and Comfort Apps, LLC) [Auto | Running] -- C:\ProgramData\LightsOff\LightsOffService.exe -- (LightsOff)
SRV - [2014/04/11 19:45:50 | 001,764,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/04/11 19:45:42 | 001,390,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/03/11 10:13:24 | 000,279,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2014/03/11 10:13:24 | 000,022,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2014/02/28 21:38:23 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014/01/12 04:12:25 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/26 22:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/01/18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2009/07/13 19:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\ShopperPro\JSDriver\1.35.1.155\jsdrv.sys -- (SPDRIVER_1.35.1.155)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys -- (SMUpdd)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw.sys -- ({2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw)
DRV - [2014/06/09 12:10:10 | 000,052,920 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\{9acd1534-e8f8-40cb-b5ac-4996fe01175b}Gw.sys -- ({9acd1534-e8f8-40cb-b5ac-4996fe01175b}Gw)
DRV - [2014/03/11 09:52:30 | 000,104,264 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012/01/18 07:44:52 | 004,332,960 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2011/11/28 12:32:28 | 000,034,128 | ---- | M] (DemoForge, LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dfmirage.sys -- (dfmirage)
DRV - [2010/11/20 15:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 15:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 15:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\URLSearchHook: {f2e99efd-72dc-4c5d-9f7c-219133ff8e40} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}: "URL" = http://www.default-search.net/search?sid=492&aid=100&itype=a&ver=12692&tm=330&src=ds&p={searchTerms}
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C0 1E 03 73 4D 0E CF 01  [binary data]
IE - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\..\URLSearchHook: {f2e99efd-72dc-4c5d-9f7c-219133ff8e40} - No CLSID value found
IE - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}: "URL" = http://www.default-search.net/search?sid=492&aid=100&itype=a&ver=12692&tm=330&src=ds&p={searchTerms}
IE - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\scilearn.com/ASRPlugin2: C:\Program Files\ScientificLearningCorporation\ASRPlugin2\2.3.0.0\npASRPlugin2_2.3.0.0.dll (Scientific Learning Corporation)
FF - HKLM\Software\MozillaPlugins\scilearn.com/ASRPluginCheck: C:\Program Files\ScientificLearningCorporation\ASRPluginCheck\1.0.0.0\npASRPluginCheck.dll (Scientific Learning Corporation)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\Sylvia Garcia\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Sylvia Garcia\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Sylvia Garcia\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sylvia Garcia\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sylvia Garcia\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
 
 
[2014/04/27 10:58:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sylvia Garcia\AppData\Roaming\Mozilla\Extensions
[2014/04/27 20:00:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sylvia Garcia\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
[2014/04/27 10:30:20 | 000,036,933 | ---- | M] () (No name found) -- C:\Users\Sylvia Garcia\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\[email protected]
[2014/04/29 15:33:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
 
========== Chrome  ==========
 
CHR - default_search_provider: Trovi search (Enabled)
CHR - default_search_provider: suggest_url = http://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms},
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_1\
CHR - Extension: Google Drive = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Design Page = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakgmemkflciahncfpgaebpnknhejeja\0.1_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_1\
CHR - Extension: YouTube = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Frieven_s_Prox_1.8 = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceenmgoldhkkegcnlieacjjhndklllkp\1.26.18_0\crossrider
CHR - Extension: Frieven_s_Prox_1.8 = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceenmgoldhkkegcnlieacjjhndklllkp\1.26.18_0\
CHR - Extension: Spry this! = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\0.1_0\
CHR - Extension: Google Search = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.2.15747.10003_1\
CHR - Extension: Mediaa_Play_AIR_1.4 = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhkgfigejkhikbkfkkglinnkfojkdek\1.26.13_0\crossrider
CHR - Extension: Mediaa_Play_AIR_1.4 = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhkgfigejkhikbkfkkglinnkfojkdek\1.26.13_0\
CHR - Extension: Google Wallet = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009/06/10 15:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (ConvertFilesforFree) - {59A062A1-5ECA-4a1a-BC44-B2A9283A8ACB} - C:\Program Files\Convert Files for Free\ConvertFilesforFree.dll File not found
O2 - BHO: (Highlightly) - {83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} - C:\Program Files\Highlightly\IE\HighlightlyClientIE.dll File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\..\Toolbar\WebBrowser: (no name) - {F2E99EFD-72DC-4C5D-9F7C-219133FF8E40} - No CLSID value found.
O4 - HKLM..\Run: [AutoLoader] "C:\Users\SYLVIA~1\AppData\Local\Temp\WebMonitor.exe" File not found
O4 - HKLM..\Run: [iD Patroller] "C:\Program Files\ID Patroller\ID Patroller\IDPatroller.exe" "/min" File not found
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [OpenSoftwareUpdater] C:\Program Files\OpenSoftwareUpdater\OpenSoftwareUpdater.exe File not found
O4 - HKLM..\Run: [pcreg] C:\Program Files\pcreg\service.exe File not found
O4 - HKLM..\Run: [sPDriver] C:\Program Files\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe File not found
O4 - HKLM..\Run: [Windows Client Manager] C:\Program Files\Java Update\winclient32.exe ()
O4 - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000..\Run: [Driver Support] C:\Program Files\Driver Support\Driver Support\DriverSupport.exe (PC Drivers Headquarters)
O4 - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000..\Run: [OutfoxTV] C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe (Outfox Tv Productions Pty Ltd)
O4 - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000..\Run: [pcreg] C:\Program Files\pcreg\service.exe File not found
O4 - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Sylvia Garcia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts App.lnk = C:\Users\Sylvia Garcia\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe ()
O4 - Startup: C:\Users\Sylvia Garcia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts.lnk = C:\Users\Sylvia Garcia\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe (Weather Notifications, LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Sylvia Garcia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {63F0EC82-403A-4936-A664-9D05A4727049} http://install.inetstudy.co.kr/Sisa20/NSInstallAx.cab (NSInstall Control)
O16 - DPF: {94EB25BD-3FBA-4A6D-9086-103F3B6EC9EE} http://939.co.kr/data_dir/ezhelp/ActiveX/ezHelpLauncher20140316220215.cab (ezHelpServerLauncher Control)
O16 - DPF: {A5261EF0-76F0-4D9C-891C-56813163D9DA} http://as82.kr/download/_cab/KoinoLoader.cab (KoinoLoader Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{84016E75-D933-4D53-AEE3-51FA64F1C4CA}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/06/11 00:39:04 | 000,052,920 | ---- | C] (StdLib) -- C:\Windows\System32\drivers\{9acd1534-e8f8-40cb-b5ac-4996fe01175b}Gw.sys
[2014/06/10 23:40:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2014/06/10 23:40:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2014/06/10 23:40:41 | 000,187,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2014/06/10 23:40:36 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014/06/10 23:40:36 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2014/06/10 11:36:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mediaa_Play_AIR_1.4
[2014/06/10 11:36:12 | 000,000,000 | ---D | C] -- C:\Program Files\Frieven_s_Prox_1.8
[2014/06/10 11:30:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/06/10 09:46:39 | 000,000,000 | ---D | C] -- C:\Users\Sylvia Garcia\Desktop\YBM JSQ video clips
[2014/06/10 09:45:15 | 000,000,000 | ---D | C] -- C:\Users\Sylvia Garcia\Desktop\Pay Calculation for JSQ
[2014/06/10 09:42:43 | 000,000,000 | ---D | C] -- C:\Users\Sylvia Garcia\Desktop\Microsoft word Documents
[2014/06/09 19:13:12 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/06/09 19:08:23 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll
[2014/06/09 19:07:19 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/06/08 16:36:11 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2014/05/22 04:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2014/05/15 07:28:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Update
[2014/05/15 07:27:41 | 000,000,000 | ---D | C] -- C:\Users\Sylvia Garcia\AppData\Roaming\WeatherBug
[2014/05/15 07:27:36 | 000,000,000 | ---D | C] -- C:\Users\Sylvia Garcia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeatherBug
[2014/05/15 07:24:11 | 000,000,000 | ---D | C] -- C:\Users\Sylvia Garcia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OutfoxTV
[2014/05/15 07:24:05 | 000,000,000 | ---D | C] -- C:\Program Files\OutfoxTV
[2014/05/14 10:57:47 | 000,000,000 | ---D | C] -- C:\Users\Sylvia Garcia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2014/05/14 10:57:47 | 000,000,000 | ---D | C] -- C:\Users\Sylvia Garcia\Documents\888PokerNJ
[2014/05/14 10:57:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\888pokerNJ
[2014/05/14 10:56:43 | 000,000,000 | ---D | C] -- C:\Users\Sylvia Garcia\AppData\Roaming\888pokerNJ
[2014/05/14 10:56:28 | 000,000,000 | ---D | C] -- C:\Program Files\888pokerNJ
[2014/05/14 03:22:45 | 000,000,000 | --SD | C] -- C:\Windows\System32\CompatTel
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Sylvia Garcia\AppData\Local\*.tmp files -> C:\Users\Sylvia Garcia\AppData\Local\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/06/12 15:03:57 | 007,458,816 | ---- | M] () -- C:\Users\Sylvia Garcia\AppData\Local\ChromeHitoryDB
[2014/06/12 14:57:53 | 000,021,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/12 14:57:53 | 000,021,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/12 14:57:02 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2375953999-3041022653-1334519409-1000UA.job
[2014/06/12 14:55:01 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2375953999-3041022653-1334519409-1000Core.job
[2014/06/12 14:50:53 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/12 14:50:43 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2014/06/12 14:50:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/12 14:50:39 | 1602,441,216 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/12 14:47:13 | 000,000,546 | ---- | M] () -- C:\Windows\System32\schtasks.bin
[2014/06/12 14:44:02 | 000,000,530 | ---- | M] () -- C:\Windows\tasks\G2MUpdateTask-S-1-5-21-2375953999-3041022653-1334519409-1000.job
[2014/06/12 14:34:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/12 14:31:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/12 01:37:24 | 002,123,430 | ---- | M] () -- C:\Users\Sylvia Garcia\Documents\T-C-148-Weather-And-Season-Day-Calendar.pdf
[2014/06/12 01:36:45 | 007,917,242 | ---- | M] () -- C:\Users\Sylvia Garcia\Documents\T-L-069-Alphabet-picture-posters-mnenomic.pdf
[2014/06/10 23:43:12 | 000,000,071 | ---- | M] () -- C:\Users\Sylvia Garcia\AppData\Roaming\WB.CFG
[2014/06/10 11:40:15 | 000,002,236 | ---- | M] () -- C:\Users\Sylvia Garcia\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/06/10 11:40:15 | 000,002,212 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/06/09 18:24:42 | 000,000,000 | ---- | M] () -- C:\Cookies
[2014/06/09 12:10:10 | 000,052,920 | ---- | M] (StdLib) -- C:\Windows\System32\drivers\{9acd1534-e8f8-40cb-b5ac-4996fe01175b}Gw.sys
[2014/06/08 02:48:16 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014/06/08 02:43:43 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2014/06/02 14:55:54 | 000,000,456 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Sylvia Garcia.job
[2014/05/14 10:57:47 | 000,002,014 | ---- | M] () -- C:\Users\Sylvia Garcia\Application Data\Microsoft\Internet Explorer\Quick Launch\888pokerNJ.lnk
[2014/05/13 21:31:30 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/05/13 21:31:30 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/05/13 20:43:04 | 000,004,608 | ---- | M] () -- C:\eduVideo.GRF
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Sylvia Garcia\AppData\Local\*.tmp files -> C:\Users\Sylvia Garcia\AppData\Local\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/06/12 01:37:31 | 002,123,430 | ---- | C] () -- C:\Users\Sylvia Garcia\Documents\T-C-148-Weather-And-Season-Day-Calendar.pdf
[2014/06/12 01:37:04 | 007,917,242 | ---- | C] () -- C:\Users\Sylvia Garcia\Documents\T-L-069-Alphabet-picture-posters-mnenomic.pdf
[2014/06/11 01:30:34 | 000,000,546 | ---- | C] () -- C:\Windows\System32\schtasks.bin
[2014/06/10 11:30:33 | 000,002,212 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/06/10 11:29:17 | 000,000,900 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/10 11:29:15 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/09 18:24:42 | 000,000,000 | ---- | C] () -- C:\Cookies
[2014/05/14 10:57:47 | 000,002,014 | ---- | C] () -- C:\Users\Sylvia Garcia\Application Data\Microsoft\Internet Explorer\Quick Launch\888pokerNJ.lnk
[2014/04/26 22:09:33 | 007,458,816 | ---- | C] () -- C:\Users\Sylvia Garcia\AppData\Local\ChromeHitoryDB
[2014/04/24 15:10:06 | 001,161,080 | ---- | C] () -- C:\Windows\System32\LightsOff.CD920490367F.dll
[2014/02/20 11:06:00 | 000,000,071 | ---- | C] () -- C:\Users\Sylvia Garcia\AppData\Roaming\WB.CFG
[2014/02/05 14:49:16 | 000,205,904 | ---- | C] () -- C:\Windows\System32\ezHelpDownloader.exe
[2014/01/11 15:12:52 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
 
========== ZeroAccess Check ==========
 
[2009/07/13 22:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 20:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 15:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 19:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2014/06/09 20:17:52 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\.purple
[2014/06/09 20:17:52 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\888pokerNJ
[2014/04/28 01:02:54 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\Compete
[2014/04/27 20:00:26 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\ContentExplorer
[2014/01/10 17:46:50 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\ezhelp
[2014/04/30 04:46:28 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\Gameo
[2014/04/28 07:39:41 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\GameoUpdater
[2014/03/31 09:22:30 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\Itibiti
[2014/01/12 16:34:26 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\Mastersoft
[2014/04/27 16:46:00 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\OpenSoftwareUpdater
[2014/04/27 23:47:12 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\Paltalk
[2014/04/29 16:43:13 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\PC Driver Kit
[2014/04/28 07:40:05 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\RocketUpdater
[2014/05/15 07:27:41 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\WeatherBug
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:373E1720
 
< End of report >
Link to post
Share on other sites

Here is the extras

log #2

 

OTL Extras logfile created on: 6/12/2014 3:05:08 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sylvia Garcia\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.99 Gb Total Physical Memory | 0.70 Gb Available Physical Memory | 34.95% Memory free
3.98 Gb Paging File | 2.13 Gb Available in Paging File | 53.64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.84 Gb Total Space | 185.52 Gb Free Space | 79.68% Space Free | Partition Type: NTFS
 
Computer Name: SYLVIAGARCIA-PC | User Name: Sylvia Garcia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_USERS\S-1-5-21-2375953999-3041022653-1334519409-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\File Type Helper\FileTypeHelper.exe "%1"
Directory [AddToPlaylistHiDefMedia] -- "C:\Program Files\HiDefMedia\HiDefMedia\HiDefMedia.exe" --started-from-file --playlist-enqueue "%1"
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithHiDefMedia] -- "C:\Program Files\HiDefMedia\HiDefMedia\HiDefMedia.exe" --started-from-file --no-playlist-enqueue "%1"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07BF770D-4FFF-4E1D-B469-DD549C1A98C5}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{20180691-9756-497F-9B70-1539F54ADB57}" = lport=1500 | protocol=6 | dir=in | name=koinorc | 
"{2244EE1F-12D3-4C59-AFC1-68762F95CFD7}" = lport=138 | protocol=17 | dir=in | app=system | 
"{2671F1CE-C56F-4AE0-BDA3-A6BE25F612A4}" = lport=445 | protocol=6 | dir=in | app=system | 
"{2A17E81D-C012-4E9C-A83A-256F49F769C3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{4310B9F7-38FE-4882-8C07-59B9B4835D6C}" = rport=137 | protocol=17 | dir=out | app=system | 
"{566AA155-D1D0-425F-AEC6-C154D5E93822}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{5D1D47EF-E059-48FE-B0C5-D09F0A2250BE}" = lport=139 | protocol=6 | dir=in | app=system | 
"{5EC71C40-857E-4F03-B64A-57A3DE83D5EB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{64A4D4A5-B920-4B3F-BB87-6F19F72D4CFD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{736A8DB7-5662-4749-B0DA-6A069E9BF922}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{95CD0746-F355-4F26-8DED-B9DE612CCA42}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A53AE193-DCCB-49A8-9101-C779B1DEC8DB}" = lport=137 | protocol=17 | dir=in | app=system | 
"{A59940D6-610B-48FA-86C6-6ECEB60FCF41}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | 
"{AB913312-E45B-4FC2-A468-DA0023F03EF5}" = rport=138 | protocol=17 | dir=out | app=system | 
"{C3F7AF7A-D3E4-4291-B3CD-4B0ED345E8B8}" = rport=139 | protocol=6 | dir=out | app=system | 
"{CB8A14D1-98BD-4218-917B-828AC218EACA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{CF510007-4094-465E-8CF6-60028D061514}" = lport=2500 | protocol=6 | dir=in | name=koinorc | 
"{CF8F4BD3-32D0-4B2A-99FD-1FE4E3F013E8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{D7822E68-C36E-4EA5-80D0-AB54FAF6EA9C}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{DF32811B-8086-462D-926E-3E4B01646634}" = rport=445 | protocol=6 | dir=out | app=system | 
"{F0F8AE54-B9A6-4DE1-B0CB-8530F06E66AC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{F1BBB711-9E66-4807-99FE-8E02E899185A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{FABFA6F8-C02C-4CFA-A7C2-5A2D253B53B0}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{FE3BD681-078D-4A14-9ED8-CD64ACF80ACB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{14A82A06-41DE-409F-8D1E-B93C99D16FC2}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{19A2097B-26FF-41CD-9662-977D5388FA4D}" = protocol=1 | dir=in | [email protected],-28543 | 
"{204337A7-008F-4E5F-89E1-FB4A037E45D3}" = dir=out | app=c:\program files\pcreg\service.exe | 
"{2055466D-9226-4F23-BA6D-7DC71B9B1F33}" = protocol=6 | dir=in | app=c:\program files\ezhelp\server\remotefserver.exe | 
"{20EEEDCA-F391-4BE1-9E61-C12FA43081A9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{27A36327-67FA-402D-ACCD-A4FAA2593C39}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{3FB7C4DC-0ADF-4F36-A2BA-D3FDD793CE94}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | 
"{48D84FE4-67DC-4DEF-9D03-95CDB51B1E83}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | 
"{53F3D600-144D-4980-92F4-9CB76B341540}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{58384399-2845-4F16-93DB-370D8A12FD78}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{591C9CAA-E1B5-43E8-A721-F09727A08934}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{69101A41-8770-4615-8B12-65036A50FF52}" = dir=in | app=c:\program files\pcreg\service.exe | 
"{714042C2-A681-4C5C-ADCF-2875606DA2B0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{81A78C7D-2073-4D5D-BF4F-F4037CA29F8D}" = dir=in | app=c:\program files\pcreg\pcreg.exe | 
"{85541F52-E459-4425-BE58-52B7872F4FD8}" = protocol=6 | dir=out | app=system | 
"{86512971-99CD-4AE1-9A7A-D2BB0B2B16EA}" = protocol=6 | dir=in | app=c:\program files\ezhelp\server\ezhelpserver.exe | 
"{8721D66F-D0DA-49C4-B571-D2E391FBA216}" = protocol=58 | dir=out | [email protected],-28546 | 
"{8B4D38E7-A0F8-466B-AA90-2912AFE50A1A}" = protocol=6 | dir=in | app=c:\program files\itibiti soft phone\itibiti.exe | 
"{953035EA-A82D-4081-993C-32973EA9176E}" = dir=out | app=c:\program files\pcreg\pcreg.exe | 
"{984D30B5-8108-4290-949C-91A362A62C74}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{9A508DE9-4299-4E6D-85C0-5A9D3E8F322B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9E74EE48-DEF3-4A76-80D7-5A5B4FDD648D}" = protocol=17 | dir=in | app=c:\program files\itibiti soft phone\itibiti.exe | 
"{ABEEB1EB-E0C0-4017-AF63-D3EE70FD4930}" = protocol=6 | dir=in | app=c:\program files\ezhelp\server\soundmodule.exe | 
"{AFE5D441-9CD8-47BB-952A-AC30E07AD4B3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B9C0990F-FCE5-40A4-9F2B-0607049851CE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C2449ED6-935A-49A1-BBD8-249E8675A41E}" = dir=in | app=c:\program files\pcreg\service.exe | 
"{C5C1C9D3-E6D0-4289-BBB2-CBB616BF69CF}" = protocol=6 | dir=in | app=c:\users\sylvia garcia\appdata\local\temp\low\koino\anysupport\host_kr\koinohost.exe | 
"{C9D413A4-37AB-4121-8341-4A4119EFA2F0}" = dir=in | app=c:\program files\pcreg\pcreg.exe | 
"{D24B1C26-B434-479A-BCA7-2E38D9DA0AAD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{D61CC514-7B60-4FC6-8779-5044AD44081B}" = dir=out | app=c:\program files\pcreg\pcreg.exe | 
"{DE6EBF81-AD23-4EEA-8F51-160AC097041E}" = dir=out | app=c:\program files\pcreg\service.exe | 
"{DEDD3813-7C25-4964-A2A1-B7DE4B84A702}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E4ACAFB8-1A05-4582-9085-EDC8CA139468}" = protocol=58 | dir=in | [email protected],-28545 | 
"{E9824140-5BD6-4317-8FC3-22B4D7256910}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F39EBB38-468A-48D5-AD9E-C7A4796DD5B9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{FAEFB53C-7057-4484-98BA-F4657B09F6FB}" = protocol=17 | dir=in | app=c:\users\sylvia garcia\appdata\local\temp\low\koino\anysupport\host_kr\koinohost.exe | 
"{FB97EDAC-C835-4ED6-A82F-95D0E4704FBA}" = protocol=1 | dir=out | [email protected],-28544 | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00A61104-74B5-4056-AD00-4397EF4FB141}" = iCloud
"{18D47FA1-0440-48D3-A7E0-DA09537FF471}" = Apple Mobile Device Support
"{26B4D0E1-6F6D-48DF-8719-80276A259F7E}" = SavetheChildren Reminder by We-Care.com v4.1.26.4
"{273130E8-117C-4237-A0FA-83EBBF11E051}" = Driver Restore
"{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}" = WeatherBug
"{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}" = iTunes
"{328622FC-0159-420C-BAE4-81B3001B4DA1}_is1" = ID Patroller
"{36A345C9-0691-45A1-AEEF-29ECEC8B5014}" = Microsoft Security Client
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{597FB4A5-DD86-4316-A410-7E8074CC2CCE}" = Driver Support
"{5D6D605B-E4B7-490B-A794-9284BC3D2A8B}" = Driver Detective
"{6C6165FD-303E-4696-9D61-930244405B17}" = ASRPlugin2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{730E03E4-350E-48E5-9D3E-4329903D454D}" = Itibiti RTC
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skypeâ„¢ 6.16
"{82BF2C5E-79A7-4A13-B508-D5E64A5B141E}" = Uninstall Helper
"{847917E3-683B-4A08-8CEB-FBB46CA2785A}" = Muvic Smartbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0B0DA25-DD15-4739-92A3-62D3424F043A}_is1" = PC Tech Hotline
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" = Apple Application Support
"{AC7E7905-8C59-4806-A96D-30936A2B1FC5}" = Citrix Online Launcher
"{BB285C9F-C821-4770-8970-56C4AB52C87E}" = Skype Click to Call
"{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}" = Google Talk Plugin
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"888pokerNJ" = 888pokerNJ
"94EAE98D-444B-4817-858C-13DB943DF4F1_Activeris_A~741EE3A2_is1" = Activeris AntiMalware
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"BrowserSafeguard" = BrowserSafeguard with RocketTab
"Consumer Input Installer" = Consumer Input (remove only)
"ContentExplorer" = ContentExplorer
"Convert Files for Free" = Convert Files for Free
"f2d51b4c-2921-4a51-a0e0-efc3cbf492b8" = BlockAndSurf
"ffdshow_is1" = ffdshow v1.2.4422 [2012-04-09]
"Frieven_s_Prox_1.8" = Frieven_s_Prox_1.8
"Google Chrome" = Google Chrome
"HaaliMkx" = Haali Media Splitter
"HDMI" = Intel® Graphics Media Accelerator Driver
"HiDef Media Player" = HiDef Media Player 1.1.12
"Highlightly" = Highlightly
"Hyper Browser" = Hyper Browser
"ImagePrinter" = ImagePrinter 2.1
"Itibiti_is1" = KNCTR
"iWebar" = iWebar
"Jsip" = Jsip
"LightsOff" = Lights Off
"Mediaa_Play_AIR_1.4" = Mediaa_Play_AIR_1.4
"Microsoft Security Client" = Microsoft Security Essentials
"Netstudy ¹öÀü2.5" = Netstudy ¹öÀü2.5 
"NSS" = Norton Security Scan
"OpenSoftwareUpdater" = OpenSoftwareUpdater
"Paltalk Messenger" = Paltalk Messenger  11.3
"PC Clean Maestro" = PC Clean Maestro
"PC Driver Kit_is1" = PC Driver Kit v3.1
"Pidgin" = Pidgin v2.10.3
"Search module" = Search module
"Setup Support for Consumer Input" = Consumer Input
"ShopperPro" = Shopper-Pro
"U+½º¸¶Æ®·¯´× LTE¿ø¾î¹Îȸȭ" = U+½º¸¶Æ®·¯´× LTE¿ø¾î¹Îȸȭ 2.5
"Uninstall Helper 2.0.1.0" = Uninstall Helper
"Virtual Printer_is1" = Virtual Printer
"VLC media player" = VLC media player 2.1.3
"Weather It Up" = Weather It Up
"WeatherBug®" = WeatherBug®
"Worldwide Web Research11.041.44" = Worldwide Web Research
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"YTDownloader" = YTDownloader
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2375953999-3041022653-1334519409-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GoToMeeting" = GoToMeeting 6.3.0.1440
"OutfoxTV" = OutfoxTV
"Severe Weather Alerts" = Severe Weather Alerts
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 6/12/2014 4:48:11 PM | Computer Name = SylviaGarcia-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 6/12/2014 4:52:31 PM | Computer Name = SylviaGarcia-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 6/12/2014 5:01:39 PM | Computer Name = SylviaGarcia-PC | Source = Application Hang | ID = 1002
Description = The program OTL (2).scr version 3.2.69.0 stopped interacting with 
Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Action Center control panel.    Process ID: ad4    Start
 Time: 01cf868114f9bad8    Termination Time: 481    Application Path: C:\Users\Sylvia Garcia\Downloads\OTL
 (2).scr    Report Id: b2659f8a-f274-11e3-8980-001aa0dfb82c  
 
[ System Events ]
Error - 6/12/2014 4:50:48 PM | Computer Name = SylviaGarcia-PC | Source = Service Control Manager | ID = 7000
Description = The ConvertFilesforFreeUpdt service failed to start due to the following
 error:   %%2
 
Error - 6/12/2014 4:50:48 PM | Computer Name = SylviaGarcia-PC | Source = Service Control Manager | ID = 7000
Description = The fpvoixdaog32 service failed to start due to the following error:
   %%2
 
Error - 6/12/2014 4:50:48 PM | Computer Name = SylviaGarcia-PC | Source = Service Control Manager | ID = 7000
Description = The Jsip service failed to start due to the following error:   %%2
 
Error - 6/12/2014 4:50:49 PM | Computer Name = SylviaGarcia-PC | Source = Service Control Manager | ID = 7000
Description = The pcregservice Service service failed to start due to the following
 error:   %%2
 
Error - 6/12/2014 4:50:49 PM | Computer Name = SylviaGarcia-PC | Source = Service Control Manager | ID = 7000
Description = The Search Module Update service failed to start due to the following
 error:   %%2
 
Error - 6/12/2014 4:50:49 PM | Computer Name = SylviaGarcia-PC | Source = Service Control Manager | ID = 7000
Description = The SPDRIVER_1.35.1.155 service failed to start due to the following
 error:   %%3
 
Error - 6/12/2014 4:50:49 PM | Computer Name = SylviaGarcia-PC | Source = Service Control Manager | ID = 7000
Description = The vxlsnyaiet32 service failed to start due to the following error:
   %%2
 
Error - 6/12/2014 4:50:49 PM | Computer Name = SylviaGarcia-PC | Source = Service Control Manager | ID = 7000
Description = The WinRST service failed to start due to the following error:   %%2
 
Error - 6/12/2014 4:50:50 PM | Computer Name = SylviaGarcia-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
   {2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw
 
Error - 6/12/2014 4:52:50 PM | Computer Name = SylviaGarcia-PC | Source = Service Control Manager | ID = 7000
Description = The ConsumerInput Update Service (consumerinput_update) service failed
 to start due to the following error:   %%2
 
 
< End of report >
Link to post
Share on other sites

smgarcia, lets see what we can find & fix this time ! Some bad programs have to be removed in a certain way & with specific programs/tools !

 

We need to Run an OTL fix !!
Warning This fix is only relevant for this system and no other, using on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

    * Double-click OTL.exe to start the program.
    * Copy and Paste the following code into the customFix.png.  text box of the OTL tool/program ! Start with and include the colon plus  :OTL

:OTLSRV - File not found [Auto | Stopped] -- C:\Program Files\WinRST\WinRST.exe -- (WinRST)SRV - File not found [Auto | Stopped] -- C:\Program Files\003\vxlsnyaiet32.exe run options=01100010030000000000000000000000 sourceguid=6E6B36EB-9156-411B-B951-C735F4747DCF -- (vxlsnyaiet32)SRV - File not found [Auto | Stopped] -- C:\Program Files\SpeedItup Free\spdfrmon.exe -- (spdfrmon)SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe /service -- (SMUpd)SRV - File not found [Auto | Stopped] -- C:\Program Files\pcreg\pcreg.exe -- (pcregservice)SRV - File not found [Auto | Stopped] -- C:\Program Files\Jsip\Jsip.exe -- (Jsip)SRV - File not found [Auto | Stopped] -- C:\Program Files\002\fpvoixdaog32.exe run options=01110010020000000000000000000000 sourceguid=916A702F -- (fpvoixdaog32)SRV - File not found [Auto | Stopped] -- C:\Program Files\Convert Files for Free\ConvertFilesforFreeUpdt.exe -- (ConvertFilesforFreeUpdt)SRV - File not found [Auto | Stopped] -- C:\Program Files\Consumer Input\Update\ConsumerInputUpdate.exe /svc -- (consumerinput_update)DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\ShopperPro\JSDriver\1.35.1.155\jsdrv.sys -- (SPDRIVER_1.35.1.155)DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys -- (SMUpdd)DRV - File not found [Kernel | System | Stopped] -- system32\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw.sys -- ({2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw)IE - HKLM\..\URLSearchHook: {f2e99efd-72dc-4c5d-9f7c-219133ff8e40} - No CLSID value foundIE - HKLM\..\SearchScopes,DefaultScope =IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRCIE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}: "URL" = http://www.default-s...m=330&src=ds&p={searchTerms}IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\..\URLSearchHook: {f2e99efd-72dc-4c5d-9f7c-219133ff8e40} - No CLSID value foundIE - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/searchIE - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}: "URL" = http://www.default-s...m=330&src=ds&p={searchTerms}FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not foundFF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll File not found[2014/04/27 10:58:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sylvia Garcia\AppData\Roaming\Mozilla\Extensions[2014/04/27 20:00:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sylvia Garcia\AppData\Roaming\Mozilla\Firefox\Profiles\extensions[2014/04/27 10:30:20 | 000,036,933 | ---- | M] () (No name found) -- C:\Users\Sylvia Garcia\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\[email protected][2014/04/29 15:33:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensionsCHR - default_search_provider: Trovi search (Enabled)CHR - default_search_provider: search_url = http://www.trovi.com...18CBCA2E6F86&q={searchTerms}&SSPV=O2 - BHO: (ConvertFilesforFree) - {59A062A1-5ECA-4a1a-BC44-B2A9283A8ACB} - C:\Program Files\Convert Files for Free\ConvertFilesforFree.dll File not foundO2 - BHO: (Highlightly) - {83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} - C:\Program Files\Highlightly\IE\HighlightlyClientIE.dll File not foundO3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.O3 - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\..\Toolbar\WebBrowser: (no name) - {F2E99EFD-72DC-4C5D-9F7C-219133FF8E40} - No CLSID value found.O4 - HKLM..\Run: [AutoLoader] "C:\Users\SYLVIA~1\AppData\Local\Temp\WebMonitor.exe" File not foundO4 - HKLM..\Run: [ID Patroller] "C:\Program Files\ID Patroller\ID Patroller\IDPatroller.exe" "/min" File not foundO4 - HKLM..\Run: [OpenSoftwareUpdater] C:\Program Files\OpenSoftwareUpdater\OpenSoftwareUpdater.exe File not foundO4 - HKLM..\Run: [pcreg] C:\Program Files\pcreg\service.exe File not foundO4 - HKLM..\Run: [SPDriver] C:\Program Files\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe File not foundO4 - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000..\Run: [pcreg] C:\Program Files\pcreg\service.exe File not foundO9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe File not foundO21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.[2014/06/12 14:44:02 | 000,000,530 | ---- | M] () -- C:\Windows\tasks\G2MUpdateTask-S-1-5-21-2375953999-3041022653-1334519409-1000.job[2014/06/12 14:34:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job[2014/06/12 14:31:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{847917E3-683B-4A08-8CEB-FBB46CA2785A}" = Muvic Smartbar[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"BrowserSafeguard" = BrowserSafeguard with RocketTab[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"PC Clean Maestro" = PC Clean Maestro[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"ShopperPro" = Shopper-Pro:Commands[emptyjava][emptyflash][EMPTYTEMP][RESETHOSTS][CREATERESTOREPOINT][Reboot]

# Then click the Run Fix button at the top.
# Click btnOK.png
# Please post the contents of the fix log file back here if you are prompted to open the file. It can also be found at C:\_OTL\Moved Files as MMDDYYY_HHMMSS.log where MMDDYYY is date format and HHMMSS is time format.
Remember to enable your real time protection.

 

Post that log next !

 

Chuck

Link to post
Share on other sites
All processes killed

========== OTL ==========

Service WinRST stopped successfully!

Service WinRST deleted successfully!

File C:\Program Files\WinRST\WinRST.exe not found.

Service vxlsnyaiet32 stopped successfully!

Service vxlsnyaiet32 deleted successfully!

File C:\Program Files\003\vxlsnyaiet32.exe run options=01100010030000000000000000000000 sourceguid=6E6B36EB-9156-411B-B951-C735F4747DCF not found.

Service spdfrmon stopped successfully!

Service spdfrmon deleted successfully!

File C:\Program Files\SpeedItup Free\spdfrmon.exe not found.

Service SMUpd stopped successfully!

Service SMUpd deleted successfully!

File C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe /service not found.

Service pcregservice stopped successfully!

Service pcregservice deleted successfully!

File C:\Program Files\pcreg\pcreg.exe not found.

Error: No service named Jsip was found to stop!

Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Jsip deleted successfully.

File C:\Program Files\Jsip\Jsip.exe not found.

Service fpvoixdaog32 stopped successfully!

Service fpvoixdaog32 deleted successfully!

File C:\Program Files\002\fpvoixdaog32.exe run options=01110010020000000000000000000000 sourceguid=916A702F not found.

Service ConvertFilesforFreeUpdt stopped successfully!

Service ConvertFilesforFreeUpdt deleted successfully!

File C:\Program Files\Convert Files for Free\ConvertFilesforFreeUpdt.exe not found.

Service consumerinput_update stopped successfully!

Service consumerinput_update deleted successfully!

File C:\Program Files\Consumer Input\Update\ConsumerInputUpdate.exe /svc not found.

Service SPDRIVER_1.35.1.155 stopped successfully!

Service SPDRIVER_1.35.1.155 deleted successfully!

File C:\Program Files\ShopperPro\JSDriver\1.35.1.155\jsdrv.sys not found.

Service SMUpdd stopped successfully!

Service SMUpdd deleted successfully!

File C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys not found.

Service {2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw stopped successfully!

Service {2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw deleted successfully!

File system32\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw.sys not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{f2e99efd-72dc-4c5d-9f7c-219133ff8e40} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f2e99efd-72dc-4c5d-9f7c-219133ff8e40}\ not found.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}\ not found.

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry value HKEY_USERS\S-1-5-21-2375953999-3041022653-1334519409-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{f2e99efd-72dc-4c5d-9f7c-219133ff8e40} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f2e99efd-72dc-4c5d-9f7c-219133ff8e40}\ not found.

HKEY_USERS\S-1-5-21-2375953999-3041022653-1334519409-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry key HKEY_USERS\S-1-5-21-2375953999-3041022653-1334519409-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

Registry key HKEY_USERS\S-1-5-21-2375953999-3041022653-1334519409-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3\ deleted successfully.

C:\Users\Sylvia Garcia\AppData\Roaming\Mozilla\Extensions folder moved successfully.

C:\Users\Sylvia Garcia\AppData\Roaming\Mozilla\Firefox\Profiles\extensions folder moved successfully.

File C:\Users\Sylvia Garcia\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\[email protected] not found.

C:\Program Files\Mozilla Firefox\extensions folder moved successfully.

Use Chrome's Settings page to remove the default_search_provider items.

Link to post
Share on other sites

Ok lets try & remove all those with this program !

 

Revo Uninstaller is more thorough in deleting programs on your computer than using the Add/Remove option in Windows. Since it is a more powerful tool, please be sure to follow the instructions carefully.

Please note there is a chance when you look for this program to uninstall through Revo it might not be listed because of the previous uninstall. If that is the case simply stop and let me know.

   * Please download and install Revo Uninstaller Free >>> http://www.revouninstaller.com/start_freeware_download.html
   * Double click Revo Uninstaller to run it.
   * From the list of programs double click on the listed program(s), or anything similar, to remove it !!

 

If any of these are present delete ! Let me know if any still exist !

MyPC Backup
Conduit SearchProtect
Optimizer Pro v3.2
ScanTack
Muvic Smartbar
Mysearch
PC Fix Speed
SpeeditupFree System Optimizer Pro

 

 

 

========================

 

 

Clean up with OTL


    Right-click OTL.exe and select " Run as administrator " to run it.
    This will remove all the tools we used to clean your pc.
    Close all other programs apart from OTL as this step will require a reboot
    On the OTL main screen, press the CleanUp! button
    Say Yes to the prompt and then allow the program to reboot your computer.

You can now delete any tools we used if they remain on your Desktop.
 

Reboot & let me know if any pop-ups or redirect to conduit !

 

Thanks

Chuck

Link to post
Share on other sites
Guest
This topic is now closed to further replies.