Computer won't open some pages on the internet. Have programs listed under control panel that I didn't install that won't uninstall via control panel. I ran malwarebytes in safemode found the 1st time said found 1,054 ran a 2nd time said 494 so was thinking maybe it not really removing all the problems.
#1
Posted 28 May 2014 - 09:20 PM
#2
Posted 28 May 2014 - 10:18 PM
Hi andesito
Welcome
I'm 23red, and it'll be my pleasure to assist you with your problem. I am currently reviewing your log. In the meantime, I'd be grateful if you would note the following:
• Please make sure to carefully read every post completely before doing anything.
• If you're not sure, or if something unexpected happens do not continue! Stop and ask! It is not a problem.
• Please do not run any other scans or other software on your computer unless asked as it may make this repair more difficult.
• Please stick with me until all malware is gone from your system. Malware removal is not an instant process, just because you no longer see any symptoms it does not necessarily mean your system is completely clear.
• Please copy/paste to Notepad and save my instructions as a text file on your desktop, or print them out, as you may not be able to access this thread at times.
• Back up your data. I will not knowingly suggest your any course that might damage your system but sometimes Malware infections are so severe that only option we have is to re-format and re-install the operating system.
• As I am currently in training, I will be helping you under the supervision of our Expert Teachers. As such, there will likely be a delay between posts. I do my best to respond as quick as I can. I, like everyone else here am also a volunteer and sometimes life keeps me busy
• Thank you for your understanding and I appreciate your patience.
OTL is currently situated at C:\Users\Otis Endicott\Downloads.. May you please right-click and select copy and then right click and paste it on your Desktop as we'll need it to work from there. Also, residing in Downloads there should be a text file titled extras.txt which was produced at the same time as the OTL.txt. May you please post the contents of that file as well.
Thank you
#3
Posted 01 June 2014 - 06:53 PM
Attached Files
#4
Posted 01 June 2014 - 06:57 PM
Thank you I'll get moving on this for you now.
- Please click on the Follow This Topic Button (at the top right of this page), so you will be notified when answers are posted for you. I'll post back soon as I can.
#5
Posted 03 June 2014 - 09:35 AM
Hi andesito
Let's get this computer cleaned up:
It might be helpful to print these instructions. Upon careful inspection, your log indicates that the programs listed below are installed on your computer. I am requesting the removal of these programs as they are associated with malware, adware or spyware:
AnyProtect
DesktopWeatherAlerts
MyPC Backup
Snap.Do
System Update kb70007
V-bates 2.0.0.440
Windows Updates Downloader
PC Optimizing Programs Information
The following programs are all supposed to speed up the pc or optimize the pc. A lot of them come bundled with other software that has been downloaded so your not even aware that they have been installed. Most of them report problems that aren't really there or problems that aren't really problems. Then they want you to either pay a fee or buy the professional edition so it can clean the system. We feel that they are a waste of system resources and money and do very little if any good. And almost all of them have a Registry cleaning module that can do a great deal of harm. These need to be uninstalled. There are quite a few others that do not appear to be in Programs and Features. We will remove those also, after which your computer will likely run much faster
Optimizer Pro v3.2
PC Fix Speed 1.2.0.24
PC Performer
Multiple AntiVirus Programs
Your computer requires one anti virus program, you appear to have two installed:
AVG
Microsoft Security Essentials
Antivirus programs run in the background providing continuous protection of your system. It's called Real-Time Protection, or scanning, and it uses system resources as it runs. Two or more antivirus programs running at the same time will use 2 or 3 times the amount of system resources, or more. Because each program wants control of the system, there will be conflicts caused, including false positives. The end result is actually LESS antivirus protection.
Please uninstall either AVG or Microsoft Security Essentials from Control Panel ~> Programs and Features as we proceed. If you decide to remove AVG, you will need to use the removal tool found at this link. Once you have uninstalled AVG from Programs and Features, click on Save File button to install and follow the on screen instructions to remove all residual files that may causes issues in the future. Make sure to reboot the computer after the removal process.
Uninstalls
I'll cover most I can see here, if you see others that you do not recognize uninstall those as well.
Please go to Start ~> Control Panel ~> Programs and Features and remove each of the following if present:
If Windows says it cannot locate the program(s) and that it prompts for it to be removed from the list instead, do so by allowing it.
AnyProtect
DesktopWeatherAlerts
MyPC Backup
Optimizer Pro v3.2
PC Fix Speed 1.2.0.24
PC Performer
Snap.Do
System Update kb70007
V-bates 2.0.0.440
Windows Updates Downloader
and either
AVG or
Microsoft Security Essentials
Make sure you run the AVG the removal tool if you choose to uninstall AVG!
Windows Sidebar Advice
It is no longer advisable to have this feature enabled as outline in the below Microsoft article:
Vulnerabilities in Gadgets could allow remote code execution
I advise you download and run the Disable Windows Sidebar and Gadgets Fixtit Utility to rectify this. This will remove this vulnerability.
OTL Fix
Please right click on on your Desktop, choose Run as Administrator, accept UAC prompts.
Under
in the textbox at the bottom of the OTL console window, please copy and then paste in the all of the following text from between the lines:
~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*
:Commands
[CREATERESTOREPOINT]
:OTL
SRV:64bit: - [2014/04/07 15:38:50 | 000,210,208 | ---- | M] () [Auto | Stopped] -- C:\Program Files\V-bates\ExtensionUpdaterService.exe -- (V-bates Updater)
SRV:64bit: - [2014/04/07 15:38:50 | 000,129,312 | ---- | M] (Wajamu) [Auto | Stopped] -- C:\Program Files\V-bates\guardsvc.exe -- (Mext Guard)
SRV - [2014/04/23 18:52:18 | 000,016,384 | ---- | M] () [Auto | Stopped] -- C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe -- (System Update kb70007)
SRV - [2014/05/25 20:10:19 | 000,068,608 | ---- | M] (globalUpdate) [On_Demand | Stopped] -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdatem)
SRV - [2014/05/25 20:10:19 | 000,068,608 | ---- | M] (globalUpdate) [Auto | Stopped] -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdate)
SRV - [2014/04/23 18:52:18 | 000,016,384 | ---- | M] () [Auto | Stopped] -- C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe -- (System Update kb70007)
SRV - [2014/04/08 11:26:48 | 000,037,920 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\LPT\srpts.exe -- (LPTSystemUpdater)
SRV - [2014/03/14 10:17:00 | 000,036,392 | ---- | M] (Just Develop It) [Auto | Stopped] -- C:\Program Files (x86)\MyPC Backup\BackupStack.exe -- (BackupStack)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes,DefaultScope = {6347BB13-7F4C-49D8-A2F3-857E0E085D0E}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}: "URL" = http://www.default-s...&p={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
IE - HKU\S-1-5-21-4274430286-4139735347-335498181-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.trovi.com/?gd=&ctid=CT3 [Binary data over 200 bytes]
IE - HKU\S-1-5-21-4274430286-4139735347-335498181-1000\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKU\S-1-5-21-4274430286-4139735347-335498181-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...rcodeID}&um={UM}
IE - HKU\S-1-5-21-4274430286-4139735347-335498181-1000\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.condui...archTerms}=
IE - HKU\S-1-5-21-4274430286-4139735347-335498181-1000\..\SearchScopes\{75491962-E77E-4120-9D1A-E71745F3D35E}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-4274430286-4139735347-335498181-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}: "URL" = http://www.default-s...&p={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "Trovi search"
FF - prefs.js..browser.search.defaultthis.engineName: "Vgrabber v1.5 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "default-search.net"
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 8118
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 8118
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}: C:\PROGRAM FILES\V-BATES\FIREFOX [2014/05/24 03:36:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}: C:\Program Files\V-bates\Firefox [2014/05/24 03:36:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\LyricsParty\125.xpi
[2014/05/23 11:23:57 | 000,006,060 | ---- | M] () -- C:\Users\Otis Endicott\AppData\Roaming\mozilla\firefox\profiles\ce89jpbd.default\searchplugins\bingp.xml
[2014/05/23 10:08:26 | 000,002,579 | ---- | M] () -- C:\Users\Otis Endicott\AppData\Roaming\mozilla\firefox\profiles\ce89jpbd.default\searchplugins\default-search.xml
[2014/05/24 03:41:53 | 000,002,773 | ---- | M] () -- C:\Users\Otis Endicott\AppData\Roaming\mozilla\firefox\profiles\ce89jpbd.default\searchplugins\Speedial.xml
[2014/05/25 22:04:01 | 000,001,014 | ---- | M] () -- C:\Users\Otis Endicott\AppData\Roaming\mozilla\firefox\profiles\ce89jpbd.default\searchplugins\trovi-search.xml
[2014/05/23 09:43:05 | 000,002,397 | ---- | M] () -- C:\Users\Otis Endicott\AppData\Roaming\mozilla\firefox\profiles\ce89jpbd.default\searchplugins\Web Search.xml
O2:64bit: - BHO: (no name) - {2977C29A-6723-4436-90BB-F7C5FDEF88A1} - No CLSID value found.
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-4274430286-4139735347-335498181-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-4274430286-4139735347-335498181-1000\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft..../?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft..../?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Otis Endicott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopWeatherAlerts.lnk = C:\Users\Otis Endicott\AppData\Local\WeatherAlerts\DesktopWeatherAlertsApp.exe ()
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O27:64bit: - HKLM IFEO\bitguard.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\bprotect.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\bpsvc.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\browserdefender.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\browserprotect.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\browsersafeguard.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\dprotectsvc.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\jumpflip: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\protectedsearch.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\searchinstaller.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\searchprotection.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\searchprotector.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\searchsettings.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\searchsettings64.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\snapdo.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\stinst32.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\stinst64.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\umbrella.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\utiljumpflip.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\volaro: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\vonteera: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\websteroids.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\websteroidsservice.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bitguard.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bprotect.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bpsvc.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserdefender.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserprotect.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browsersafeguard.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\dprotectsvc.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\jumpflip: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\protectedsearch.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchinstaller.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchprotection.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchprotector.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchsettings.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchsettings64.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\snapdo.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst32.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst64.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\umbrella.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\utiljumpflip.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\volaro: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\vonteera: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\websteroids.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\websteroidsservice.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
[2014/05/25 20:10:25 | 000,000,000 | ---D | C] -- C:\Users\Otis Endicott\AppData\Local\globalUpdate
[2014/05/25 20:10:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate
[2014/05/23 10:26:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Advanced System Protector
[2014/05/23 10:25:42 | 000,000,000 | ---D | C] -- C:\Users\Otis Endicott\AppData\Roaming\Speedial
[2014/05/23 10:25:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Speedial
[2014/05/23 10:25:30 | 000,000,000 | ---D | C] -- C:\Users\Otis Endicott\AppData\Roaming\Systweak
[2014/05/23 10:25:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegClean Pro
[2014/05/23 10:06:43 | 000,000,000 | ---D | C] -- C:\Users\Otis Endicott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
[2014/05/23 10:05:23 | 000,000,000 | ---D | C] -- C:\Users\Otis Endicott\AppData\Roaming\Settings Manager
[2014/05/23 10:04:53 | 001,705,063 | ---- | C] (AnyProtect.com) -- C:\Users\Otis Endicott\AppData\Local\AnyProtectScannerSetup.exe
[2014/05/23 10:04:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnyProtectEx
[2014/05/23 09:56:02 | 000,000,000 | ---D | C] -- C:\Users\Otis Endicott\AppData\Local\WebBar
[2014/05/23 09:55:38 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallSightSDK
[2014/05/23 09:55:01 | 000,000,000 | ---D | C] -- C:\Program Files\WebBar
[2014/05/23 09:54:48 | 000,000,000 | ---D | C] -- C:\Users\Otis Endicott\AppData\Local\PC_Drivers_Headquarters
[2014/05/23 09:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Updates Downloader
[2014/05/23 09:54:27 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Updates Downloader
[2014/05/23 09:53:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Restore
[2014/05/23 09:53:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiDefMedia
[2014/05/23 09:52:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver Restore
[2014/05/23 09:51:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HiDefMedia
[2014/05/23 09:46:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCTechHotline
[2014/05/23 09:46:44 | 000,000,000 | ---D | C] -- C:\Users\Otis Endicott\AppData\Roaming\PCFixSpeed
[2014/05/23 09:46:43 | 000,000,000 | ---D | C] -- C:\ProgramData\PCFixSpeed
[2014/05/23 09:46:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCFixSpeed
[2014/05/23 09:45:25 | 002,185,872 | ---- | C] (Microsoft Corporation) -- C:\Users\Otis Endicott\DefaultPack (2).EXE
[2014/05/23 09:43:51 | 000,000,000 | ---D | C] -- C:\Program Files\V-bates
[2014/05/23 09:43:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LPT
[2014/05/23 09:41:57 | 000,000,000 | ---D | C] -- C:\Users\Otis Endicott\AppData\Local\LPT
[2014/05/23 09:41:56 | 000,000,000 | ---D | C] -- C:\Users\Otis Endicott\AppData\Local\Smartbar
[2014/05/23 09:40:46 | 000,000,000 | ---D | C] -- C:\Users\Otis Endicott\AppData\Local\TidyNetwork
[2014/05/23 09:40:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TidyNetwork
[2014/05/23 09:40:32 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft
[2014/05/23 09:40:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSR
[2014/05/23 09:39:38 | 000,000,000 | ---D | C] -- C:\Program Files\rrsavings
[2014/05/23 09:38:34 | 000,000,000 | ---D | C] -- C:\Program Files\002
[2014/05/18 18:16:52 | 000,000,000 | ---D | C] -- C:\Users\Otis Endicott\Documents\Optimizer Pro
[2014/05/18 18:11:31 | 000,000,000 | ---D | C] -- C:\Program Files\003
[2014/05/18 18:11:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
[2014/05/18 18:11:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Optimizer Pro
[2014/05/16 08:54:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Performer
[2014/05/28 21:28:26 | 000,000,434 | ---- | M] () -- C:\Windows\tasks\DriverUpdate Startup.job
[2014/05/26 20:59:42 | 000,000,298 | ---- | M] () -- C:\Windows\tasks\FF Watcher {4AEB1DC9-55B6-4DD8-841D-F6003B9B4AA0}.job
[2014/05/26 20:59:39 | 000,000,298 | ---- | M] () -- C:\Windows\tasks\FF Watcher {5A8E07FF-80F2-40A6-91C0-C5344AA2ED11}.job
[2014/05/25 20:15:01 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
[2014/05/25 20:15:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2014/05/24 03:37:50 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\APSnotifierPP1.job
[2014/05/24 03:37:50 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\APSnotifierPP3.job
[2014/05/24 03:37:50 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\APSnotifierPP2.job
[2014/05/23 10:06:59 | 000,002,944 | ---- | M] () -- C:\Users\Otis Endicott\AppData\Roaming\aps.scan.results
[2014/05/23 10:06:59 | 000,001,152 | ---- | M] () -- C:\Users\Otis Endicott\AppData\Roaming\aps.scan.quick.results
[2014/05/23 10:06:59 | 000,000,318 | ---- | M] () -- C:\Users\Otis Endicott\AppData\Roaming\aps.uninstall.scan.results
[2014/05/23 09:57:01 | 000,000,000 | ---- | M] () -- C:\END
[2014/05/23 09:54:28 | 000,001,801 | ---- | M] () -- C:\Users\Public\Desktop\Windows Updates Downloader.lnk
[2014/05/23 09:53:10 | 000,002,303 | ---- | M] () -- C:\Users\Public\Desktop\Driver Restore.lnk
[2014/05/23 09:53:05 | 000,001,178 | ---- | M] () -- C:\Users\Public\Desktop\HiDef Media Player.lnk
[2014/05/22 20:37:59 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\PC Performer_DEFAULT.job
[2014/05/21 15:00:20 | 000,000,300 | ---- | M] () -- C:\Windows\tasks\PC Performer_UPDATES.job
[2014/05/19 09:37:28 | 000,002,469 | ---- | M] () -- C:\Users\Public\Desktop\DriverUpdate.lnk
[2014/05/19 07:19:26 | 001,705,063 | ---- | M] (AnyProtect.com) -- C:\Users\Otis Endicott\AppData\Local\AnyProtectScannerSetup.exe
[2014/05/18 18:10:13 | 000,001,211 | ---- | M] () -- C:\Users\Otis Endicott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopWeatherAlerts.lnk
[2014/05/18 18:07:34 | 000,808,072 | ---- | M] () -- C:\Users\Otis Endicott\flashplayerpro-setup.exe
[2014/05/16 08:54:57 | 000,001,052 | ---- | M] () -- C:\Users\Public\Desktop\PC Performer.lnk
[2014/05/26 22:52:05 | 000,194,952 | ---- | C] () -- C:\Program Files (x86)\8eres.dll
[2012/01/13 18:14:31 | 000,000,000 | ---D | M] -- C:\Users\Edna Endicott\AppData\Roaming\PC Cleaners
[2011/09/25 21:05:51 | 000,000,000 | ---D | M] -- C:\Users\Edna Endicott\AppData\Roaming\PCPowerSpeed
[2012/01/13 18:14:31 | 000,000,000 | ---D | M] -- C:\Users\Edna Endicott\AppData\Roaming\PCPro
[2011/11/24 09:28:39 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\PCPowerSpeed
[2012/01/14 22:12:24 | 000,000,000 | ---D | M] -- C:\Users\Otis Endicott\AppData\Roaming\DriverCure
[2012/01/09 20:21:11 | 000,000,000 | ---D | M] -- C:\Users\Otis Endicott\AppData\Roaming\ErrorTeck
[2013/06/13 05:32:59 | 000,000,000 | ---D | M] -- C:\Users\Otis Endicott\AppData\Roaming\FixCleaner
[2011/07/16 23:51:58 | 000,000,000 | ---D | M] -- C:\Users\Otis Endicott\AppData\Roaming\IDT
[2012/01/12 21:50:12 | 000,000,000 | ---D | M] -- C:\Users\Otis Endicott\AppData\Roaming\PC Cleaners
[2014/05/24 20:53:52 | 000,000,000 | ---D | M] -- C:\Users\Otis Endicott\AppData\Roaming\PCFixSpeed
[2012/02/06 21:35:56 | 000,000,000 | ---D | M] -- C:\Users\Otis Endicott\AppData\Roaming\PCPro
[2014/05/24 03:35:50 | 000,000,000 | ---D | M] -- C:\Users\Otis Endicott\AppData\Roaming\PerformerSoft
[2014/05/23 10:05:23 | 000,000,000 | ---D | M] -- C:\Users\Otis Endicott\AppData\Roaming\Settings Manager
[2013/01/09 21:30:56 | 000,000,000 | ---- | M] ()(C:\Windows\SysWow64\?i?ilotserviceruntime.log) -- C:\Windows\SysWow64\?i?ilotserviceruntime.log
[2013/01/09 21:30:56 | 000,000,000 | ---- | C] ()(C:\Windows\SysWow64\?i?ilotserviceruntime.log) -- C:\Windows\SysWow64\?i?ilotserviceruntime.log
:Files
ipconfig /flushdns /c
:Reg
"{AB65D81D-303A-4DDB-AC7C-12C9CD9F67FB}"=-
"{AEB719FD-EDB0-43E9-B524-90F97C1E6499}"=-
:Files
C:\Windows\Microsoft\System Update kb70007
:Commands
[PURITY]
[EMPTYTEMP]
~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*
• Push the button.
• OTL will ask to reboot the machine. Please do so if asked.
• If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).
• Copy and Paste that report in your next reply, please
Thank you
#6
Posted 07 June 2014 - 12:37 PM
Attached Files
#7
Posted 09 June 2014 - 08:08 AM
Hi andecito
Excellent work! Ok, let's get what we cannot see ~ After these scans please let me know how the computer is behaving.
Step 1.
ADWCleaner
1. Download AdwCleaner from this link to your Desktop.
2. Right click on your Desktop, choose Run as Administrator.
3. Accept UAC prompt.
4. Accept AdwCleaner's Terms of Use. And the AdwCleaner window opens:
5. Click on the <~ Scan button and wait for the scan to finish.
6. After the Scan has finished the window may or may not show what it found and above the progress bar you will see Pending..... Please uncheck elements you don't want to remove. Please check to be sure no good items accidentally got picked up.
7. Once that is complete, click the <~ Clean button
8. Once it has finished Cleaning, click the <~ Report button to get the log.
9. Copy and Paste it into your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[R0].txt.
10. Click the X in the upper right corner of the program or click the File menu and click Exit to close the program.
Step 2.
Junkware Removal Tool
• Please download Junkware Removal Tool to your desktop.
• Shut down your protection software now to avoid potential conflicts.
• Right-mouse click JRT.exe and select "Run as Administrator".
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next post.
When you return, please post:
1. AdwCleaner[R0].txt.
2. JRT.txt
3. How is the computer running, now?
#8
Posted 18 June 2014 - 09:55 AM
It's been a few days. Are you still with me?
#9
Posted 25 June 2014 - 09:14 AM
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users