Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

poor performance, locks up randomly restarts [Solved]

Started by richclan , Dec 13 2014 07:17 PM

  • This topic is locked This topic is locked

#1
richclan
Posted 13 December 2014 - 07:17 PM

richclan

    Member

  • Member
  • PipPipPip
  • 187 posts
this is my daughters pc and when she uses it for school work it lets her down.. please help thank you
 
  
OTL logfile created on: 12/13/2014 7:59:10 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\JPR\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.75 Gb Total Physical Memory | 1.51 Gb Available Physical Memory | 54.83% Memory free
5.49 Gb Paging File | 3.90 Gb Available in Paging File | 70.98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 218.79 Gb Total Space | 142.07 Gb Free Space | 64.94% Space Free | Partition Type: NTFS
 
Computer Name: MADDIE-PC | User Name: JPR | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/12/13 19:59:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\JPR\Downloads\OTL.exe
PRC - [2014/11/25 01:39:27 | 000,856,904 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2012/07/12 17:11:40 | 000,892,928 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
PRC - [2012/05/29 09:37:22 | 025,249,400 | ---- | M] (ooVoo LLC) -- C:\Program Files (x86)\ooVoo\ooVoo.exe
PRC - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE
PRC - [2011/06/17 12:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/06/28 17:23:12 | 000,265,984 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2010/06/28 17:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010/06/22 01:34:48 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010/06/22 01:34:48 | 000,305,744 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010/06/22 01:34:46 | 000,968,272 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010/05/26 21:41:24 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/03/11 00:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2010/03/11 00:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2010/01/28 18:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2010/01/08 08:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/11/25 01:39:24 | 009,009,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
MOD - [2014/11/25 01:39:20 | 001,077,064 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
MOD - [2014/11/25 01:39:18 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
MOD - [2014/11/25 01:39:17 | 001,677,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
MOD - [2014/07/31 11:16:44 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/07/31 11:16:12 | 001,044,776 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/07/12 17:12:16 | 000,880,640 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\fsk.dll
MOD - [2012/07/12 17:11:40 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\readerAppHelper.dll
MOD - [2012/07/12 17:11:06 | 000,172,032 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\USBDetector.dll
MOD - [2012/07/12 17:10:48 | 000,018,432 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskNetInterface.dll
MOD - [2012/07/12 17:10:46 | 000,009,728 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskPower.dll
MOD - [2012/07/12 17:10:44 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskinLocalize.dll
MOD - [2012/07/12 17:10:44 | 000,008,704 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskTimeHardware.dll
MOD - [2012/07/12 17:10:42 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ticket.dll
MOD - [2012/07/12 17:10:42 | 000,012,288 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookDeviceNotifier.dll
MOD - [2012/07/12 17:09:54 | 000,118,784 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskDocumentViewer.dll
MOD - [2012/07/12 17:09:52 | 000,010,752 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMobileMediaDevice.dll
MOD - [2012/07/12 17:09:50 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\Fskin.dll
MOD - [2012/07/12 17:09:34 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMediaPlayers.dll
MOD - [2012/05/23 13:50:18 | 000,798,720 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskSecurity.dll
MOD - [2012/05/23 13:09:32 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookUsb.dll
MOD - [2010/06/28 17:20:54 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
MOD - [2009/05/20 01:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2012/03/26 17:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/03/26 17:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/06/11 16:27:26 | 000,868,896 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/04/20 18:34:40 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/01/28 18:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/23 13:52:58 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe -- (Sony SCSI Helper Service)
SRV - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2011/06/17 12:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/07/19 23:34:07 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/06/28 17:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/06/22 01:34:48 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/05/26 21:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010/04/03 18:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/01/08 08:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/07/28 13:52:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2013/06/26 19:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 19:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 19:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 19:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/20 19:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/01 01:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 01:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/07/08 22:51:50 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010/06/17 04:18:28 | 000,246,376 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/06/03 14:59:00 | 004,171,328 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/05/14 16:48:28 | 000,384,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2010/04/20 20:15:04 | 006,406,144 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/04/20 17:39:36 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/04/19 21:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2010/01/26 22:05:00 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009/12/10 06:25:10 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/08/23 04:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/02 21:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/02 21:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/02 21:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...54z1i5v47721306
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...54z1i5v47721306
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...54z1i5v47721306
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...54z1i5v47721306
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...54z1i5v47721306
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/w...8M^YYYYYY^YY^US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://homepage.acer...54z1i5v47721306
IE - HKCU\..\URLSearchHook: {B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} - C:\Program Files (x86)\searchresultstb\searchresultsDx.dll ()
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://www.ask.com/w...q={searchTerms}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...AW_enUS411US411
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{B0F6A9E6-A20E-2078-1826-6C700C6E8C1D}: "URL" = http://www.bing.com/...045&form=ZGAIDF
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.ask.com/w...M^YYYYYY^YY^US"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3
FF - prefs.js..extensions.enabledItems: wecarereminder@bryan:4.0.11.11
FF - prefs.js..extensions.enabledItems: {B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}:1.0
FF - prefs.js..keyword.URL: "http://www.ask.com/w...YYYYY^YY^US&q="
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files (x86)\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@sony.com/ReaderDesktop: C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: C:\Users\JPR\AppData\Roaming\nprhapengine.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/03/01 17:09:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/03/10 19:34:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/12/18 01:09:36 | 000,000,000 | ---D | M]
 
[2011/03/10 19:49:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JPR\AppData\Roaming\Mozilla\Extensions
[2012/08/01 14:32:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions
[2012/08/01 14:30:38 | 000,000,000 | ---D | M] (Search-Results Toolbar) -- C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
[2012/06/19 15:18:28 | 000,000,000 | ---D | M] (SaveTheChildren App By We-Care.com) -- C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\wecarereminder@bryan
[2011/07/04 11:48:16 | 000,001,919 | ---- | M] () -- C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\searchplugins\bing-zugo.xml
[2013/12/18 01:07:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/12/26 15:50:42 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/12/29 11:36:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/03/01 17:09:25 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2011/07/04 11:48:37 | 000,002,280 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\search.xml
[2012/08/01 14:31:09 | 000,000,686 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\searchresultstb.xml
 
========== Chrome  ==========
 
CHR - plugin: Error reading preferences file
CHR - Extension: Google Slides = C:\Users\JPR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
CHR - Extension: Google Docs = C:\Users\JPR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\JPR\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\JPR\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: YouTube = C:\Users\JPR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\JPR\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Sheets = C:\Users\JPR\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\
CHR - Extension: McAfee SiteAdvisor = C:\Users\JPR\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.30.153.1_0\
CHR - Extension: We-Care Reminder = C:\Users\JPR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm\1.0.0.26_0\
CHR - Extension: Google Wallet = C:\Users\JPR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\JPR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2011/01/21 19:50:36 | 000,000,036 | RHS- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Search-Results Toolbar) - {B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} - C:\Program Files (x86)\searchresultstb\searchresultsDx.dll ()
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} - C:\Program Files (x86)\searchresultstb\searchresultsDx.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [Reader Application Helper] C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKCU..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onec...s/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.2.226
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C385DE04-CAA9-4281-BBF4-5B9F0BD72233}: DhcpNameServer = 192.168.0.1 205.171.2.226
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\syswow64\userinit.exe) - c:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/12/13 19:27:03 | 000,000,000 | ---D | C] -- C:\FRST
[2014/12/06 17:48:50 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/12/13 19:31:16 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/12/13 19:31:16 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/12/13 19:30:05 | 000,002,287 | ---- | M] () -- C:\Users\JPR\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/12/13 19:05:49 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2149775182-1744775763-1669362473-1001Core.job
[2014/12/13 19:03:43 | 000,783,160 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/12/13 19:03:43 | 000,662,870 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/12/13 19:03:43 | 000,122,408 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/12/13 19:00:37 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2149775182-1744775763-1669362473-1001Core.job
[2014/12/13 19:00:34 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2149775182-1744775763-1669362473-1001UA.job
[2014/12/13 19:00:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/12/08 23:24:03 | 2210,578,432 | -HS- | M] () -- C:\hiberfil.sys
[2014/12/08 23:23:30 | 000,003,304 | ---- | M] () -- C:\bootsqm.dat
[2014/12/06 17:48:42 | 239,714,624 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/11/26 23:48:23 | 000,002,187 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/11/15 18:37:47 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2149775182-1744775763-1669362473-1001UA.job
[2014/11/15 18:37:13 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/11/15 18:37:10 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/12/08 23:23:30 | 000,003,304 | ---- | C] () -- C:\bootsqm.dat
[2014/12/06 17:48:42 | 239,714,624 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/12/25 18:30:23 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Dialogs
[2011/12/25 18:30:23 | 000,000,268 | RH-- | C] () -- C:\Users\JPR\AppData\Roaming\Definition Bundle
[2011/12/25 18:30:23 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2011/12/25 18:30:23 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Electric Clav
[2011/12/25 18:30:22 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Devices
[2011/12/25 18:30:22 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Developer Tools
[2011/12/25 18:30:22 | 000,000,268 | RH-- | C] () -- C:\Users\JPR\AppData\Roaming\Database
[2011/12/25 18:30:22 | 000,000,268 | RH-- | C] () -- C:\Users\JPR\AppData\Roaming\Dance Kit
[2011/12/25 18:30:22 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2011/12/25 18:30:22 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2011/12/25 18:30:22 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Echo
[2011/12/25 18:30:22 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Drums
[2011/03/10 19:40:26 | 000,000,632 | RHS- | C] () -- C:\Users\JPR\ntuser.pol
[2010/12/26 15:52:56 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== ZeroAccess Check ==========
 
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 20:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
< End of report >
 

  • 0

Advertisements

#2
Pyxis
Posted 14 December 2014 - 12:19 AM

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Greetings,

Welcome to Geeks to Go--the friendliest online community dedicated to the sole goal of helping people from all around the world! :) I am Pyxis and I will be assisting you. As such, I would like to stress the following reminders:
  • It is important that you do not install anything unless asked while the process is ongoing. Doing so may hinder or even complicate the cleaning of your system. You will get the chance to install things as you would like after the process has been completed.
  • Ensure you take extra caution to precisely follow my instructions. Please only use the tools I have asked you to. The instructions for your computer are unique and should therefore only apply to your system.
  • Since the cleaning process is quite delicate, your timely response is crucial. Topics are marked inactive and thus closed within 3 full days of no activity. If you deem I have overlooked your thread--which is in a matter of more than 48 hours--please send me a PM and I will get back to you shortly.
I hope you keep in mind these reminders. Let's get to work! :thumbsup:
  • Step 1

    Run your copy of OTL by double-clicking it.
    • Copy and paste the following into the Custom Scans/Fixes box:
      :OTL
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc -- (McAfee SiteAdvisor Service)
SRV - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2011/06/17 12:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...54z1i5v47721306
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...54z1i5v47721306
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...54z1i5v47721306
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...54z1i5v47721306
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...54z1i5v47721306
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/w...8M^YYYYYY^YY^US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://homepage.acer...54z1i5v47721306
IE - HKCU\..\URLSearchHook: {B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} - C:\Program Files (x86)\searchresultstb\searchresultsDx.dll ()
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://www.ask.com/w...q={searchTerms}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...AW_enUS411US411
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{B0F6A9E6-A20E-2078-1826-6C700C6E8C1D}: "URL" = http://www.bing.com/...045&form=ZGAIDF
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.ask.com/w...M^YYYYYY^YY^US"
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3
FF - prefs.js..extensions.enabledItems: wecarereminder@bryan:4.0.11.11
FF - prefs.js..extensions.enabledItems: {B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}:1.0
FF - prefs.js..keyword.URL: "http://www.ask.com/w...YYYYY^YY^US&q="
FF - user.js - File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/03/01 17:09:25 | 000,000,000 | ---D | M]
[2012/08/01 14:30:38 | 000,000,000 | ---D | M] (Search-Results Toolbar) -- C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
[2012/06/19 15:18:28 | 000,000,000 | ---D | M] (SaveTheChildren App By We-Care.com) -- C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\wecarereminder@bryan
[2011/07/04 11:48:16 | 000,001,919 | ---- | M] () -- C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\searchplugins\bing-zugo.xml
[2011/03/01 17:09:25 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2011/07/04 11:48:37 | 000,002,280 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\search.xml
[2012/08/01 14:31:09 | 000,000,686 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\searchresultstb.xml
C:\Users\JPR\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
C:\Users\JPR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Search-Results Toolbar) - {B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} - C:\Program Files (x86)\searchresultstb\searchresultsDx.dll ()
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} - C:\Program Files (x86)\searchresultstb\searchresultsDx.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKCU..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
[2010/12/26 15:52:56 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

:Commands
[emptytemp]
    • Click Run Fix.
    • OTL will reboot your system. Allow it by clicking OK.
    • After the reboot, a Notepad window will appear, named MMDDYYYY_HHMMSS.log. Alternatively, you can find that log at C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log.
    • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.
  • Step 2

    Download 'AdwCleaner by Xplode' and save it to your desktop.
    • Simply double-click the program icon to run it. It will ask for administrator privileges.
    • Read the Terms of Use and click I Agree.
    • Click Scan and choose Clean after.
    • Wait for it to finish. It won't take long.
    • Click OK for the next prompts. Your system will automatically reboot.
    • A log will automatically pop-up after rebooting. Alternatively, you can find it at C:\AdwCleaner\AdwCleaner[S*].txt.
    • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.
  • Step 3

    Download 'Junkware Removal Tool by thisisu' and save it to your desktop.
    • Ensure all programs and windows are closed before proceeding.
    • Simply double-click the program icon to run it. It will ask for administrator privileges.
    • A black window will appear. Press any key to continue.
    • Wait for it to finish. It won't take long.
    • A log will automatically pop-up once done. Alternatively, you can find JRT.txt at your desktop.
    • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.
  • Logs to Post

    In summary of the above, I will need you to post the following log(s):
    • MMDDYYYY_HHMMSS.log (OTL)
    • AdwCleaner[S*].txt (AdwCleaner)
    • JRT.txt (Junkware Removal Tool)

  • 0

#3
richclan
Posted 14 December 2014 - 12:26 PM

richclan

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 187 posts

thanks for the fast help response  pyxis very appreciated     :spoton:

 

All processes killed
========== OTL ==========
Service McAfee SiteAdvisor Service stopped successfully!
Service McAfee SiteAdvisor Service deleted successfully!
File C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc not found.
Service BBUpdate stopped successfully!
Service BBUpdate deleted successfully!
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE moved successfully.
Service BBSvc stopped successfully!
Service BBSvc deleted successfully!
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE moved successfully.
Service McComponentHostService stopped successfully!
Service McComponentHostService deleted successfully!
C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Restore| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\ deleted successfully.
C:\Program Files (x86)\searchresultstb\searchresultsDx.dll moved successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B0F6A9E6-A20E-2078-1826-6C700C6E8C1D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B0F6A9E6-A20E-2078-1826-6C700C6E8C1D}\ not found.
Prefs.js: "Ask.com" removed from browser.search.selectedEngine
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "http://www.ask.com/w...M^YYYYYY^YY^US" removed from browser.startup.homepage
Prefs.js: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3 removed from extensions.enabledItems
Prefs.js: wecarereminder@bryan:4.0.11.11 removed from extensions.enabledItems
Prefs.js: {B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}:1.0 removed from extensions.enabledItems
Prefs.js: "http://www.ask.com/w.....YYYYY^YY^US=" removed from keyword.URL
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B7082FAA-CB62-4872-9106-E42DD88EDE45}\ not found.
C:\Program Files (x86)\McAfee\SiteAdvisor\x64 folder moved successfully.
C:\Program Files (x86)\McAfee\SiteAdvisor\Scripts folder moved successfully.
C:\Program Files (x86)\McAfee\SiteAdvisor\Download folder moved successfully.
C:\Program Files (x86)\McAfee\SiteAdvisor\Components folder moved successfully.
C:\Program Files (x86)\McAfee\SiteAdvisor folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\components folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\skin\options folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\skin\lib\weatherbutton\icons folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\skin\lib\uwa folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\skin\lib\panels\images folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\skin\lib\panels\default\scripts folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\skin\lib\panels\default\images folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\skin\lib\panels\default\css folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\skin\lib\panels\default folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\skin\lib\panels\css folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\skin\lib\panels folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\skin\lib folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\skin folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\locale\toolbar folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\locale\lib folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\locale folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\data\search folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\data folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\scripts folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\css folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.YouTube_v2\skin folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.YouTube_v2\js folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.YouTube_v2\images folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.YouTube_v2\css folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.YouTube_v2 folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.WebTV\skin\scripts folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.WebTV\skin\images folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.WebTV\skin\css folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.WebTV\skin folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.WebTV\js folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.WebTV\images folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.WebTV\css folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.WebTV folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.Shopzilla\skin\scripts folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.Shopzilla\skin\images folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.Shopzilla\skin\css folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.Shopzilla\skin folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.Shopzilla\js folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.Shopzilla\images folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.Shopzilla\css folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.Shopzilla folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.RadioBeta folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\scripts folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\css folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.MyStartFacebook\js folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.MyStartFacebook\images folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.MyStartFacebook\css folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets\net.vmn.www.MyStartFacebook folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\widgets folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\modules folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content\lib folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome\content folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\chrome folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\wecarereminder@bryan\META-INF folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\wecarereminder@bryan\defaults\preferences folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\wecarereminder@bryan\defaults folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\wecarereminder@bryan\components folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\wecarereminder@bryan\chrome folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\extensions\wecarereminder@bryan folder moved successfully.
C:\Users\JPR\AppData\Roaming\Mozilla\Firefox\Profiles\257xl4w6.default\searchplugins\bing-zugo.xml moved successfully.
Folder C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR\ not found.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\search.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\searchresultstb.xml moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ deleted successfully.
File c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}\ deleted successfully.
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ deleted successfully.
File c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\ not found.
File C:\Program Files (x86)\searchresultstb\searchresultsDx.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}\ deleted successfully.
File c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}\ deleted successfully.
File c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\ not found.
File C:\Program Files (x86)\searchresultstb\searchresultsDx.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{eec0f710-38b5-4aba-99bf-ec87564a4e13} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eec0f710-38b5-4aba-99bf-ec87564a4e13}\ deleted successfully.
File C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ deleted successfully.
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ not found.
File C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ooVoo.exe deleted successfully.
C:\Program Files (x86)\ooVoo\ooVoo.exe moved successfully.
File c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\dssrequest\ deleted successfully.
File c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll not found.
File c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\dssrequest\ not found.
File c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll not found.
File c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\sacore\ deleted successfully.
File c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll not found.
File c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\sacore\ not found.
File c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll not found.
C:\ProgramData\ezsidmv.dat moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56504 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Desktop
 
User: Guest
->Temp folder emptied: 2554637 bytes
->Temporary Internet Files folder emptied: 68054699 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 41692194 bytes
->Google Chrome cache emptied: 373056844 bytes
->Flash cache emptied: 58149 bytes
 
User: JPR
->Temp folder emptied: 43597064 bytes
->Temporary Internet Files folder emptied: 90137020 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 48168631 bytes
->Google Chrome cache emptied: 76664616 bytes
->Flash cache emptied: 58838 bytes
 
User: maddie
->Temp folder emptied: 909098516 bytes
->Temporary Internet Files folder emptied: 369740342 bytes
->Java cache emptied: 802674 bytes
->FireFox cache emptied: 427804365 bytes
->Google Chrome cache emptied: 292651121 bytes
->Flash cache emptied: 169815 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 771424 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 262580268 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50467 bytes
RecycleBin emptied: 1947 bytes
 
Total Files Cleaned = 2,868.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 12142014_121352

Files\Folders moved on Reboot...
C:\Users\JPR\AppData\Local\Temp\Low\JavaDeployReg.log moved successfully.
C:\Users\JPR\AppData\Local\Temp\Low\~DF054ED33CCB2866A5.TMP moved successfully.
C:\Users\JPR\AppData\Local\Temp\4723.tmp moved successfully.
C:\Users\JPR\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y4PPZR6V\AdServerServlet[1].htm not found!
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y4PPZR6V\cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw[1].woff moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y4PPZR6V\criteo_iframe[1].htm moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y4PPZR6V\k3k702ZOKiLJc3WVjuplzHhCUOGz7vYGh680lGh-uXM[1].woff moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y4PPZR6V\mail[1].htm moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y4PPZR6V\pf[1].htm moved successfully.
File\Folder C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y4PPZR6V\ping[1].htm not found!
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y4PPZR6V\PRmiXeptR36kaC0GEAetxjqR_3kx9_hJXbbyU8S6IN0[1].woff moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y4PPZR6V\xjAJXh38I15wypJXxuGMBobN6UDyHWBl620a-IRfuBk[1].woff moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y4PPZR6V\zrt_lookup[1].htm moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WCAKGNAD\20269[1].htm moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WCAKGNAD\AdDisplayTrackerServlet[1].htm moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WCAKGNAD\ads[1].htm moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WCAKGNAD\afs[1].htm moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WCAKGNAD\comScore[1].htm moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WCAKGNAD\cs[1].htm moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WCAKGNAD\inbox_left[2].htm moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WCAKGNAD\index[1].htm moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WCAKGNAD\push[1].htm moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WCAKGNAD\push[2].htm moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WCAKGNAD\push[3].htm moved successfully.
File\Folder C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WCAKGNAD\um[1].htm not found!
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GXMJODK4\411f1e96-3bde-4d85-b17e-63749e5f0695[1].htm moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GXMJODK4\AdDisplayTrackerServlet[1].htm moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GXMJODK4\blankHistory[1].htm moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GXMJODK4\container[1].htm moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GXMJODK4\container[2].htm moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GXMJODK4\i[1].htm moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GXMJODK4\showad[1].htm moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E2NJFQVY\ai[1].htm moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E2NJFQVY\handshake[1].htm moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E2NJFQVY\imgad[1].gif moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E2NJFQVY\v1[1].htm moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E2NJFQVY\web[1].htm moved successfully.
C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

 

 

# AdwCleaner v4.105 - Report created 14/12/2014 at 12:34:46
# Updated 08/12/2014 by Xplode
# Database : 2014-12-13.4 [Live]
# Operating System : Windows 7 Home Premium  (64 bits)
# Username : JPR - MADDIE-PC
# Running from : C:\Users\JPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JLH7NTE7\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\GamesBar
Folder Deleted : C:\Program Files (x86)\searchresultstb
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\Guest\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\JPR\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\JPR\AppData\LocalLow\searchresultstb
Folder Deleted : C:\Users\JPR\AppData\Roaming\Ask.com
Folder Deleted : C:\Users\maddie\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\maddie\AppData\Roaming\Mozilla\Firefox\Profiles\s924gzls.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Deleted : C:\Users\maddie\AppData\Roaming\Mozilla\Firefox\Profiles\s924gzls.default\Extensions\[email protected]
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm
Folder Deleted : C:\Users\JPR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm
File Deleted : C:\Users\maddie\AppData\Roaming\Mozilla\Firefox\Profiles\s924gzls.default\searchplugins\Askcom.xml
File Deleted : C:\Users\maddie\AppData\Roaming\Mozilla\Firefox\Profiles\s924gzls.default\user.js
File Deleted : C:\Users\maddie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Deleted : C:\Users\maddie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Deleted : C:\Users\maddie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.saveur.com_0.localstorage
File Deleted : C:\Users\maddie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.saveur.com_0.localstorage-journal
File Deleted : C:\Users\maddie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
File Deleted : C:\Users\maddie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
File Deleted : C:\Users\maddie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage-journal
File Deleted : C:\Users\maddie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage

***** [ Scheduled Tasks ] *****

Task Deleted : Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ippkomaaonokjnfjoikaemidanojkfmm
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C3721E85-F0AC-4B7E-AE4C-3E738011DC9D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C3721E85-F0AC-4B7E-AE4C-3E738011DC9D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C3721E85-F0AC-4B7E-AE4C-3E738011DC9D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\searchresultstb
Key Deleted : HKCU\Software\Somoto Toolbar
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\searchresultstb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\searchresultstb
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16526

-\\ Mozilla Firefox v3.6.13 (en-US)

[257xl4w6.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.ask.com/web?l=dis&o=41648007&gct=hp&apn_dtid=^YYYYYY^YY^US&apn_ptnrs=^8M&apn_uid=5230400222244252&p2=^8M^YYYYYY^YY^US");
[257xl4w6.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://www.ask.com/web?l=dis&o=41648007&gct=kwd&qsrc=2869&apn_dtid=^YYYYYY^YY^US&apn_ptnrs=^8M&apn_uid=5230400222244252&p2=^8M^YYYYYY^YY^US&q=");
[s924gzls.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
[s924gzls.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "Ask.com");
[s924gzls.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.cbid", "5I");
[s924gzls.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.crumb", "2010.12.26+12.44.46-toolbar002iad-US-UGVubnNhdWtlbixOSixVbml0ZWQgU3RhdGVz");
[s924gzls.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}&qsrc={qsrc}&gct=bar");
[s924gzls.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.dtid", "YYYYYYYYUS");
[s924gzls.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.fresh-install", false);
[s924gzls.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.l", "dis");
[s924gzls.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.last-config-req", "1406960361927");
[s924gzls.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.locale", "en_US");
[s924gzls.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.o", "102868");
[s924gzls.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
[s924gzls.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.qsrc", "2871");
[s924gzls.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.r", "9");
[s924gzls.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.search-plugin-suggestions-url", "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}");
[s924gzls.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.search-suggestions-enabled", true);
[s924gzls.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.v", "3.9.1.100013");
[s924gzls.default\prefs.js] - Line Deleted : user_pref("extensions.enabledItems", "{B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3,[email protected]:3.9.1.100013,{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}:1.0,{[...]
[s924gzls.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://www.ask.com/web?l=dis&o=41648007&gct=kwd&qsrc=2869&apn_dtid=^YYYYYY^YY^US&apn_ptnrs=^8M&apn_uid=undefined&p2=^8M^YYYYYY^YY^US&q=");

-\\ Google Chrome v39.0.2171.95

[C:\Users\JPR\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\JPR\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\maddie\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://shopping.kelkoo.co.uk/ctl/do/search?siteSearchQuery={searchTerms}&from=colibri
[C:\Users\maddie\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://movies.netflix.com/WiSearch?raw_query=bones+&ac_category_type=none&ac_rel_posn=-1&ac_abs_posn=-1&v1={searchTerms}&search_submit=
[C:\Users\maddie\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\maddie\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [13314 octets] - [14/12/2014 12:32:01]
AdwCleaner[S0].txt - [13384 octets] - [14/12/2014 12:34:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13445 octets] ##########

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Home Premium x64
Ran by JPR on Sun 12/14/2014 at 13:11:19.80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9"

 

~~~ Files

Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARNOTIFIER.EXE-969E73DB.pf
Successfully deleted: [File] "C:\Windows\wininit.ini"

 

~~~ Folders

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 12/14/2014 at 13:16:47.00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


  • 0

#4
Pyxis
Posted 14 December 2014 - 02:41 PM

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Wow, look at that amount of junk we just removed! Let's keep that up. :popcorn:
  • Step 1

    Download the free version of 'Malwarebytes Anti-Malware by Malwarebytes Corporation' and save it to your desktop.
    • Double-click mbam-setup-*.exe and proceed to installing the program.
      • Accept the License Agreement.
      • At the end, untick Enable free trial of Malwarebytes Anti-Malware Premium and ensure Launch Malwarebytes' Anti-Malware is checked.
      • Click Finish after.
    • Once the program has loaded, navigate to the Settings tab and select Detection and Protection.
      • Tick the Scan For Rootkits box.
    • Go back to the Dashboard and select Update Now. Click Scan Now after.
      • Updates can sometimes still be present. Be sure to select Update Now again if you are prompted.
      • Once the scan is complete, click Apply Actions.
      • If you are prompted to reboot, allow it by pressing Yes.
    • Navigate to the program's History tab to retrieve the log.
      • Click Application Logs and double-click on the most recent Scan Log.
      • Export the log to your desktop as a .TXT file.
      • You can also choose to directly copy the log by selecting Copy to Clipboard.
    • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.
  • Step 2

    Run a free 'ESET Online Scan by ESET' by firstly saving the file to your desktop.
    • Double-click esetsmartinstaller_enu.exe. Accept the Terms of Use then click on Start.
    • Ensure the following settings are followed before clicking Start (you may or may not see the software warning at the very bottom):

      nvMhqop.png

    • The virus signature database will begin to download. Wait for the scan to end--it may take several hours.
    • Upon completion, select List of found threats > Export to text file....
    • Press Back and put a check on the following:
      • Uninstall application on close
      • Delete quarantined files
    • Click Finish.
    • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.
  • Step 3

    Download 'SecurityCheck by screen317' and save it to your desktop.
    • Simply double-click the program icon to run it. It will ask for administrator privileges.
    • A black window will appear. Press any key to continue.
    • Wait for it to finish. It won't take long.
    • A log will automatically pop-up after once done.
    • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.
    Note: If you get an error about an unsupported operating system, please reboot your computer and try again.
  • Logs to Post

    In summary of the above, I will need you to post the following log(s):
    • checkup.txt (SecurityCheck)
    • log.txt (ESET Online Scan)
    • mbam-log-YYYY-MM-DD (HH-MM-SS).xml (Malwarebytes Anti-Malware)

  • 0

#5
richclan
Posted 14 December 2014 - 10:25 PM

richclan

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 187 posts

the laptop is unable to run any scans now even in safe mode. it freezes during the scan.


  • 0

#6
Pyxis
Posted 15 December 2014 - 03:27 AM

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts

the laptop is unable to run any scans now even in safe mode. it freezes during the scan.


Mind rebooting? Once successful, wait for a few minutes to allow the computer to load things. Proceed to performing the aforementioned steps. If you get stuck again, please let me know at which part and when.
  • 0

#7
richclan
Posted 16 December 2014 - 10:27 AM

richclan

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 187 posts
it hangs up on a recycle bin file. it also wont complete windows update [ it crashes and then does a ckdsk scan on reboot ]
  • 0

#8
Pyxis
Posted 18 December 2014 - 08:49 PM

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts

it hangs up on a recycle bin file.


Did you mean the scanning? If so, could you empty your Recycle Bin first before proceeding with the scan?

it also wont complete windows update [ it crashes and then does a ckdsk scan on reboot ]


I see. That is very symptomatic of the problem here, which is likely a corrupt hard disk. May I ask how old this computer is, and whether or not you have a spare flash drive?
  • 0

#9
richclan
Posted 21 December 2014 - 08:12 AM

richclan

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 187 posts

i had emptied the bin but it still hung up.. i ran MB in safe mode overnite and it completed finally...

the eset wont complete a scan it just locks up then reboots...

 

update/   in safe mode and 11 hrs later the eset worked ...however i forgot to save the log file,,my bad



2014/12/20 19:39:55 -0500 mbam-log-2014-12-20 (19-39-34).xml yes 2.00.4.1028 v2014.12.20.07 v2014.12.14.01 trial disabled disabled disabled Windows 7 x64 JPR NTFS threat completed 433229 17086 0 0 6 4 0 0 5 0 enabled enabled enabled enabled enabled disabled enabled warn enabled HKU\S-1-5-21-2149775182-1744775763-1669362473-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D4027C7F-154A-4066-A1AD-4243D8127440}PUP.Optional.FrostwireTB.Asuccess51cc8bd8532962d44bebd43d06fdb24e HKU\S-1-5-21-2149775182-1744775763-1669362473-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D4027C7F-154A-4066-A1AD-4243D8127440}PUP.Optional.FrostwireTB.Asuccess51cc8bd8532962d44bebd43d06fdb24e HKU\S-1-5-21-2149775182-1744775763-1669362473-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D4027C7F-154A-4066-A1AD-4243D8127440}PUP.Optional.FrostwireTB.Asuccess51cc8bd8532962d44bebd43d06fdb24e HKU\S-1-5-21-2149775182-1744775763-1669362473-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D4027C7F-154A-4066-A1AD-4243D8127440}PUP.Optional.FrostwireTB.Asuccess51cc8bd8532962d44bebd43d06fdb24e HKU\S-1-5-21-2149775182-1744775763-1669362473-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}PUP.Optional.WeCare.Asuccess65b873f06517ee489e6ece3f8e7521df HKU\S-1-5-21-2149775182-1744775763-1669362473-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}PUP.Optional.WeCare.Asuccess65b873f06517ee489e6ece3f8e7521df HKU\S-1-5-21-2149775182-1744775763-1669362473-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER{D4027C7F-154A-4066-A1AD-4243D8127440}PUP.Optional.FrostwireTB.Asuccess

 

 

 Results of screen317's Security Check version 0.99.93 
 Windows 7  x64  
 Out of date service pack!!
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Security Center service is not running! This report may not be accurate!
 Windows Firewall Enabled! 
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java version 32-bit out of Date!
 Adobe Flash Player 10 Flash Player out of Date!
  Adobe Flash Player 11.6.602.171 Flash Player out of Date! 
 Adobe Reader 9 Adobe Reader out of Date!
 Mozilla Firefox (3.6.13) Firefox out of Date! 
 Google Chrome (39.0.2171.71)
 Google Chrome (39.0.2171.95)
````````Process Check: objlist.exe by Laurent```````` 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
 


Edited by richclan, 21 December 2014 - 08:18 PM.

  • 0

#10
Pyxis
Posted 22 December 2014 - 11:50 AM

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Hi richclan,

I do not recommend pushing through with any updates from Windows Update at the moment, given your situation. I really feel the issue has to do with hardware, but let us see. Again, may I ask how old this computer is, and whether or not you have a spare flash drive?
  • Step 1

    Download 'Windows Repair (All In One) by Tweaking.com' and save it to your desktop.
    • Simply double-click the program icon to run it. It will ask for administrator privileges.
    • Go through the installer. At the end of the process, the program screen should pop-up.
    • Navigate to Step 3: Optional:
      • Click Check. The scan will commence.
      • Select Do It if errors were found. Otherwise, proceed to the next step.
    • Navigate to Step 4: Optional:
      • Click Do It.
    • Navigate to Start Repairs and press Start. Choose No at the prompt.
      • Uncheck the following items:
        • 28 - Repair Windows 8 App Store
        • 29 - Repair Windows 8 Component Store
        • 30 - Restore Windows 8 COM+ Unmarshalers
      • Press Start to begin the process. It will take a while.
      • Note that a gray box will pop-up from time to time--this is normal.
    • Once done click the View Logs button.
      • Post the logs contained within the folder.
      • If you find it inconvenient, highlight all of the files (CTRL + A) > right-click on any of the items > Send to > Compressed (zipped) folder > Yes.
      • Attach the folder found at your desktop.
  • Logs to Post

    In summary of the above, I will need you to post the following log(s):
    • *.txt (Windows Repair (All In One)

  • 0

Advertisements

#11
richclan
Posted 22 December 2014 - 12:36 PM

richclan

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 187 posts
its about 2 yrs old, I do have a flash drive and Houston we have a problem !!!
after the reboot it went into what I,ve read is an endless loop. startup repair. I don't think I have a repair disk but I haven't been able to look for one yet. im thinking its the boot loader, sorry you got stuck with this issue.
  • 0

#12
Pyxis
Posted 22 December 2014 - 11:50 PM

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Hi richclan,

I believe I may be able to provide that for you if it really is inexistent. In some cases, the company does not provide a disc because the recovery modules are built-in. I have some questions I hope you could answer to help me determine the best course of action:
  • Which company manufactured this computer?
  • Is this the screen you happen to be stuck at?
  • Does tapping the F8 button continuously before the Windows logo appears lead you to a screen similar to this?
  • Can you confirm that your operating system is Windows 7 Home Premium, 64-bit?
  • Are there sensitive files saved onto this computer that have not been backed up?
  • Are you able to locate your Windows license? A sticker containing the latter is usually present at the underside (for laptops) or at the side of the case (desktops).

  • 0

#13
richclan
Posted 26 December 2014 - 06:47 AM

richclan

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 187 posts

its an acer  with win 7 / 64bit

 

yes to both screen shots

 

no she does have many files and music  that are NOT backed up

 

yes we have the license sticker

 

i located the repair disks i made when i first got my laptop 3 cd's [same OS and its an acer ] and i also did the image backup as well.

 

the repair disk did nothing to fix it. i DO have Knoppix 6.0 , 3.5, and a partition commander disk if these will help us.

thanks


  • 0

#14
Pyxis
Posted 28 December 2014 - 05:27 AM

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Hi richclan,

This is what I have in mind, let me know if the idea is alright with you and we will proceed:
  • Restore any working instances of the system via System Restore.
  • Backup all important files.
  • Perform an in-place upgrade to fix the operating system.

  • 0

#15
richclan
Posted 28 December 2014 - 10:41 AM

richclan

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 187 posts

im ok as long as we can somehow save her docs photos and music from deletion

thanks


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP