[Advertisment pop-ups while browsing internet; possible malware]

I am still getting pop-ups

[Advertisment pop-ups while browsing internet; possible malware]

Here is the rkreport.text. I was not able to download the OTL file

RKreport.text.doc

[Advertisment pop-ups while browsing internet; possible malware]

Here are both of the dds logs. Thank you.

dds.txt

attach.txt

[Advertisment pop-ups while browsing internet; possible malware]

Here is the mbam log

Malwarebytes Anti.doc

[Advertisment pop-ups while browsing internet; possible malware]

2. Junkware removal tool log.

JRT.txt

[Advertisment pop-ups while browsing internet; possible malware]

1. Adwcleaner log

AdwCleaner v1.doc

[Advertisment pop-ups while browsing internet; possible malware]

While browsing internet; I get a lot of pop-ups.  Pop-ups for PC clean-up download, Adobe reader download, Real player download, department store advertisements, video clips start playing out of the blue, algorithm, phishing, malware, computer is infected etc. Please help.

[Program files Skype Google Chrome Windows]

Ok conduit still comes up on the browser and all programs you mentioned are gone. Computer seems to run faster.

[Program files Skype Google Chrome Windows]

i am at a lost what to do after downloading the revo program. 

This is where I am at now. I didn't click on uninstall as of yet

[Program files Skype Google Chrome Windows]

Browser still shows conduit. Muvic smartbar is still there.

[Program files Skype Google Chrome Windows]

All processes killed

========== OTL ==========

Service WinRST stopped successfully!

Service WinRST deleted successfully!

File C:\Program Files\WinRST\WinRST.exe not found.

Service vxlsnyaiet32 stopped successfully!

Service vxlsnyaiet32 deleted successfully!

File C:\Program Files\003\vxlsnyaiet32.exe run options=01100010030000000000000000000000 sourceguid=6E6B36EB-9156-411B-B951-C735F4747DCF not found.

Service spdfrmon stopped successfully!

Service spdfrmon deleted successfully!

File C:\Program Files\SpeedItup Free\spdfrmon.exe not found.

Service SMUpd stopped successfully!

Service SMUpd deleted successfully!

File C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe /service not found.

Service pcregservice stopped successfully!

Service pcregservice deleted successfully!

File C:\Program Files\pcreg\pcreg.exe not found.

Error: No service named Jsip was found to stop!

Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Jsip deleted successfully.

File C:\Program Files\Jsip\Jsip.exe not found.

Service fpvoixdaog32 stopped successfully!

Service fpvoixdaog32 deleted successfully!

File C:\Program Files\002\fpvoixdaog32.exe run options=01110010020000000000000000000000 sourceguid=916A702F not found.

Service ConvertFilesforFreeUpdt stopped successfully!

Service ConvertFilesforFreeUpdt deleted successfully!

File C:\Program Files\Convert Files for Free\ConvertFilesforFreeUpdt.exe not found.

Service consumerinput_update stopped successfully!

Service consumerinput_update deleted successfully!

File C:\Program Files\Consumer Input\Update\ConsumerInputUpdate.exe /svc not found.

Service SPDRIVER_1.35.1.155 stopped successfully!

Service SPDRIVER_1.35.1.155 deleted successfully!

File C:\Program Files\ShopperPro\JSDriver\1.35.1.155\jsdrv.sys not found.

Service SMUpdd stopped successfully!

Service SMUpdd deleted successfully!

File C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys not found.

Service {2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw stopped successfully!

Service {2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw deleted successfully!

File system32\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw.sys not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{f2e99efd-72dc-4c5d-9f7c-219133ff8e40} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f2e99efd-72dc-4c5d-9f7c-219133ff8e40}\ not found.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}\ not found.

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry value HKEY_USERS\S-1-5-21-2375953999-3041022653-1334519409-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{f2e99efd-72dc-4c5d-9f7c-219133ff8e40} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f2e99efd-72dc-4c5d-9f7c-219133ff8e40}\ not found.

HKEY_USERS\S-1-5-21-2375953999-3041022653-1334519409-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry key HKEY_USERS\S-1-5-21-2375953999-3041022653-1334519409-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

Registry key HKEY_USERS\S-1-5-21-2375953999-3041022653-1334519409-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3\ deleted successfully.

C:\Users\Sylvia Garcia\AppData\Roaming\Mozilla\Extensions folder moved successfully.

C:\Users\Sylvia Garcia\AppData\Roaming\Mozilla\Firefox\Profiles\extensions folder moved successfully.

File C:\Users\Sylvia Garcia\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\[email protected] not found.

C:\Program Files\Mozilla Firefox\extensions folder moved successfully.

Use Chrome's Settings page to remove the default_search_provider items.

[Program files Skype Google Chrome Windows]

Here is the extras

log #2

 

OTL Extras logfile created on: 6/12/2014 3:05:08 PM - Run 2

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sylvia Garcia\Downloads

 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.17041)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

1.99 Gb Total Physical Memory | 0.70 Gb Available Physical Memory | 34.95% Memory free

3.98 Gb Paging File | 2.13 Gb Available in Paging File | 53.64% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 232.84 Gb Total Space | 185.52 Gb Free Space | 79.68% Space Free | Partition Type: NTFS

 

Computer Name: SYLVIAGARCIA-PC | User Name: Sylvia Garcia | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

 

[HKEY_USERS\S-1-5-21-2375953999-3041022653-1334519409-1000\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- C:\Program Files\File Type Helper\FileTypeHelper.exe "%1"

Directory [AddToPlaylistHiDefMedia] -- "C:\Program Files\HiDefMedia\HiDefMedia\HiDefMedia.exe" --started-from-file --playlist-enqueue "%1"

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1"

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithHiDefMedia] -- "C:\Program Files\HiDefMedia\HiDefMedia\HiDefMedia.exe" --started-from-file --no-playlist-enqueue "%1"

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1"

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

========== Authorized Applications List ==========

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{07BF770D-4FFF-4E1D-B469-DD549C1A98C5}" = rport=10243 | protocol=6 | dir=out | app=system | 

"{20180691-9756-497F-9B70-1539F54ADB57}" = lport=1500 | protocol=6 | dir=in | name=koinorc | 

"{2244EE1F-12D3-4C59-AFC1-68762F95CFD7}" = lport=138 | protocol=17 | dir=in | app=system | 

"{2671F1CE-C56F-4AE0-BDA3-A6BE25F612A4}" = lport=445 | protocol=6 | dir=in | app=system | 

"{2A17E81D-C012-4E9C-A83A-256F49F769C3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{4310B9F7-38FE-4882-8C07-59B9B4835D6C}" = rport=137 | protocol=17 | dir=out | app=system | 

"{566AA155-D1D0-425F-AEC6-C154D5E93822}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{5D1D47EF-E059-48FE-B0C5-D09F0A2250BE}" = lport=139 | protocol=6 | dir=in | app=system | 

"{5EC71C40-857E-4F03-B64A-57A3DE83D5EB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{64A4D4A5-B920-4B3F-BB87-6F19F72D4CFD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{736A8DB7-5662-4749-B0DA-6A069E9BF922}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{95CD0746-F355-4F26-8DED-B9DE612CCA42}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{A53AE193-DCCB-49A8-9101-C779B1DEC8DB}" = lport=137 | protocol=17 | dir=in | app=system | 

"{A59940D6-610B-48FA-86C6-6ECEB60FCF41}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | 

"{AB913312-E45B-4FC2-A468-DA0023F03EF5}" = rport=138 | protocol=17 | dir=out | app=system | 

"{C3F7AF7A-D3E4-4291-B3CD-4B0ED345E8B8}" = rport=139 | protocol=6 | dir=out | app=system | 

"{CB8A14D1-98BD-4218-917B-828AC218EACA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{CF510007-4094-465E-8CF6-60028D061514}" = lport=2500 | protocol=6 | dir=in | name=koinorc | 

"{CF8F4BD3-32D0-4B2A-99FD-1FE4E3F013E8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{D7822E68-C36E-4EA5-80D0-AB54FAF6EA9C}" = lport=10243 | protocol=6 | dir=in | app=system | 

"{DF32811B-8086-462D-926E-3E4B01646634}" = rport=445 | protocol=6 | dir=out | app=system | 

"{F0F8AE54-B9A6-4DE1-B0CB-8530F06E66AC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{F1BBB711-9E66-4807-99FE-8E02E899185A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{FABFA6F8-C02C-4CFA-A7C2-5A2D253B53B0}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{FE3BD681-078D-4A14-9ED8-CD64ACF80ACB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{14A82A06-41DE-409F-8D1E-B93C99D16FC2}" = dir=in | app=c:\program files\itunes\itunes.exe | 

"{19A2097B-26FF-41CD-9662-977D5388FA4D}" = protocol=1 | dir=in | [email protected],-28543 | 

"{204337A7-008F-4E5F-89E1-FB4A037E45D3}" = dir=out | app=c:\program files\pcreg\service.exe | 

"{2055466D-9226-4F23-BA6D-7DC71B9B1F33}" = protocol=6 | dir=in | app=c:\program files\ezhelp\server\remotefserver.exe | 

"{20EEEDCA-F391-4BE1-9E61-C12FA43081A9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{27A36327-67FA-402D-ACCD-A4FAA2593C39}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{3FB7C4DC-0ADF-4F36-A2BA-D3FDD793CE94}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | 

"{48D84FE4-67DC-4DEF-9D03-95CDB51B1E83}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | 

"{53F3D600-144D-4980-92F4-9CB76B341540}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{58384399-2845-4F16-93DB-370D8A12FD78}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{591C9CAA-E1B5-43E8-A721-F09727A08934}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{69101A41-8770-4615-8B12-65036A50FF52}" = dir=in | app=c:\program files\pcreg\service.exe | 

"{714042C2-A681-4C5C-ADCF-2875606DA2B0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{81A78C7D-2073-4D5D-BF4F-F4037CA29F8D}" = dir=in | app=c:\program files\pcreg\pcreg.exe | 

"{85541F52-E459-4425-BE58-52B7872F4FD8}" = protocol=6 | dir=out | app=system | 

"{86512971-99CD-4AE1-9A7A-D2BB0B2B16EA}" = protocol=6 | dir=in | app=c:\program files\ezhelp\server\ezhelpserver.exe | 

"{8721D66F-D0DA-49C4-B571-D2E391FBA216}" = protocol=58 | dir=out | [email protected],-28546 | 

"{8B4D38E7-A0F8-466B-AA90-2912AFE50A1A}" = protocol=6 | dir=in | app=c:\program files\itibiti soft phone\itibiti.exe | 

"{953035EA-A82D-4081-993C-32973EA9176E}" = dir=out | app=c:\program files\pcreg\pcreg.exe | 

"{984D30B5-8108-4290-949C-91A362A62C74}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{9A508DE9-4299-4E6D-85C0-5A9D3E8F322B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{9E74EE48-DEF3-4A76-80D7-5A5B4FDD648D}" = protocol=17 | dir=in | app=c:\program files\itibiti soft phone\itibiti.exe | 

"{ABEEB1EB-E0C0-4017-AF63-D3EE70FD4930}" = protocol=6 | dir=in | app=c:\program files\ezhelp\server\soundmodule.exe | 

"{AFE5D441-9CD8-47BB-952A-AC30E07AD4B3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{B9C0990F-FCE5-40A4-9F2B-0607049851CE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{C2449ED6-935A-49A1-BBD8-249E8675A41E}" = dir=in | app=c:\program files\pcreg\service.exe | 

"{C5C1C9D3-E6D0-4289-BBB2-CBB616BF69CF}" = protocol=6 | dir=in | app=c:\users\sylvia garcia\appdata\local\temp\low\koino\anysupport\host_kr\koinohost.exe | 

"{C9D413A4-37AB-4121-8341-4A4119EFA2F0}" = dir=in | app=c:\program files\pcreg\pcreg.exe | 

"{D24B1C26-B434-479A-BCA7-2E38D9DA0AAD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{D61CC514-7B60-4FC6-8779-5044AD44081B}" = dir=out | app=c:\program files\pcreg\pcreg.exe | 

"{DE6EBF81-AD23-4EEA-8F51-160AC097041E}" = dir=out | app=c:\program files\pcreg\service.exe | 

"{DEDD3813-7C25-4964-A2A1-B7DE4B84A702}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{E4ACAFB8-1A05-4582-9085-EDC8CA139468}" = protocol=58 | dir=in | [email protected],-28545 | 

"{E9824140-5BD6-4317-8FC3-22B4D7256910}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{F39EBB38-468A-48D5-AD9E-C7A4796DD5B9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{FAEFB53C-7057-4484-98BA-F4657B09F6FB}" = protocol=17 | dir=in | app=c:\users\sylvia garcia\appdata\local\temp\low\koino\anysupport\host_kr\koinohost.exe | 

"{FB97EDAC-C835-4ED6-A82F-95D0E4704FBA}" = protocol=1 | dir=out | [email protected],-28544 | 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00A61104-74B5-4056-AD00-4397EF4FB141}" = iCloud

"{18D47FA1-0440-48D3-A7E0-DA09537FF471}" = Apple Mobile Device Support

"{26B4D0E1-6F6D-48DF-8719-80276A259F7E}" = SavetheChildren Reminder by We-Care.com v4.1.26.4

"{273130E8-117C-4237-A0FA-83EBBF11E051}" = Driver Restore

"{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}" = WeatherBug

"{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}" = iTunes

"{328622FC-0159-420C-BAE4-81B3001B4DA1}_is1" = ID Patroller

"{36A345C9-0691-45A1-AEEF-29ECEC8B5014}" = Microsoft Security Client

"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1

"{597FB4A5-DD86-4316-A410-7E8074CC2CCE}" = Driver Support

"{5D6D605B-E4B7-490B-A794-9284BC3D2A8B}" = Driver Detective

"{6C6165FD-303E-4696-9D61-930244405B17}" = ASRPlugin2

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{730E03E4-350E-48E5-9D3E-4329903D454D}" = Itibiti RTC

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour

"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skypeâ„¢ 6.16

"{82BF2C5E-79A7-4A13-B508-D5E64A5B141E}" = Uninstall Helper

"{847917E3-683B-4A08-8CEB-FBB46CA2785A}" = Muvic Smartbar

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003

"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{A0B0DA25-DD15-4739-92A3-62D3424F043A}_is1" = PC Tech Hotline

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" = Apple Application Support

"{AC7E7905-8C59-4806-A96D-30936A2B1FC5}" = Citrix Online Launcher

"{BB285C9F-C821-4770-8970-56C4AB52C87E}" = Skype Click to Call

"{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}" = Google Talk Plugin

"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX

"888pokerNJ" = 888pokerNJ

"94EAE98D-444B-4817-858C-13DB943DF4F1_Activeris_A~741EE3A2_is1" = Activeris AntiMalware

"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin

"BrowserSafeguard" = BrowserSafeguard with RocketTab

"Consumer Input Installer" = Consumer Input (remove only)

"ContentExplorer" = ContentExplorer

"Convert Files for Free" = Convert Files for Free

"f2d51b4c-2921-4a51-a0e0-efc3cbf492b8" = BlockAndSurf

"ffdshow_is1" = ffdshow v1.2.4422 [2012-04-09]

"Frieven_s_Prox_1.8" = Frieven_s_Prox_1.8

"Google Chrome" = Google Chrome

"HaaliMkx" = Haali Media Splitter

"HDMI" = Intel® Graphics Media Accelerator Driver

"HiDef Media Player" = HiDef Media Player 1.1.12

"Highlightly" = Highlightly

"Hyper Browser" = Hyper Browser

"ImagePrinter" = ImagePrinter 2.1

"Itibiti_is1" = KNCTR

"iWebar" = iWebar

"Jsip" = Jsip

"LightsOff" = Lights Off

"Mediaa_Play_AIR_1.4" = Mediaa_Play_AIR_1.4

"Microsoft Security Client" = Microsoft Security Essentials

"Netstudy ¹öÀü2.5" = Netstudy ¹öÀü2.5 

"NSS" = Norton Security Scan

"OpenSoftwareUpdater" = OpenSoftwareUpdater

"Paltalk Messenger" = Paltalk Messenger  11.3

"PC Clean Maestro" = PC Clean Maestro

"PC Driver Kit_is1" = PC Driver Kit v3.1

"Pidgin" = Pidgin v2.10.3

"Search module" = Search module

"Setup Support for Consumer Input" = Consumer Input

"ShopperPro" = Shopper-Pro

"U+½º¸¶Æ®·¯´× LTE¿ø¾î¹Îȸȭ" = U+½º¸¶Æ®·¯´× LTE¿ø¾î¹Îȸȭ 2.5

"Uninstall Helper 2.0.1.0" = Uninstall Helper

"Virtual Printer_is1" = Virtual Printer

"VLC media player" = VLC media player 2.1.3

"Weather It Up" = Weather It Up

"WeatherBug®" = WeatherBug®

"Worldwide Web Research11.041.44" = Worldwide Web Research

"Yahoo! Companion" = Yahoo! Toolbar

"Yahoo! Messenger" = Yahoo! Messenger

"Yahoo! Software Update" = Yahoo! Software Update

"YTDownloader" = YTDownloader

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-2375953999-3041022653-1334519409-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"GoToMeeting" = GoToMeeting 6.3.0.1440

"OutfoxTV" = OutfoxTV

"Severe Weather Alerts" = Severe Weather Alerts

 

========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 6/12/2014 4:48:11 PM | Computer Name = SylviaGarcia-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 6/12/2014 4:52:31 PM | Computer Name = SylviaGarcia-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 6/12/2014 5:01:39 PM | Computer Name = SylviaGarcia-PC | Source = Application Hang | ID = 1002

Description = The program OTL (2).scr version 3.2.69.0 stopped interacting with 

Windows and was closed. To see if more information about the problem is available,

 check the problem history in the Action Center control panel.    Process ID: ad4    Start

 Time: 01cf868114f9bad8    Termination Time: 481    Application Path: C:\Users\Sylvia Garcia\Downloads\OTL

 (2).scr    Report Id: b2659f8a-f274-11e3-8980-001aa0dfb82c  

 

[ System Events ]

Error - 6/12/2014 4:50:48 PM | Computer Name = SylviaGarcia-PC | Source = Service Control Manager | ID = 7000

Description = The ConvertFilesforFreeUpdt service failed to start due to the following

 error:   %%2

 

Error - 6/12/2014 4:50:48 PM | Computer Name = SylviaGarcia-PC | Source = Service Control Manager | ID = 7000

Description = The fpvoixdaog32 service failed to start due to the following error:

   %%2

 

Error - 6/12/2014 4:50:48 PM | Computer Name = SylviaGarcia-PC | Source = Service Control Manager | ID = 7000

Description = The Jsip service failed to start due to the following error:   %%2

 

Error - 6/12/2014 4:50:49 PM | Computer Name = SylviaGarcia-PC | Source = Service Control Manager | ID = 7000

Description = The pcregservice Service service failed to start due to the following

 error:   %%2

 

Error - 6/12/2014 4:50:49 PM | Computer Name = SylviaGarcia-PC | Source = Service Control Manager | ID = 7000

Description = The Search Module Update service failed to start due to the following

 error:   %%2

 

Error - 6/12/2014 4:50:49 PM | Computer Name = SylviaGarcia-PC | Source = Service Control Manager | ID = 7000

Description = The SPDRIVER_1.35.1.155 service failed to start due to the following

 error:   %%3

 

Error - 6/12/2014 4:50:49 PM | Computer Name = SylviaGarcia-PC | Source = Service Control Manager | ID = 7000

Description = The vxlsnyaiet32 service failed to start due to the following error:

   %%2

 

Error - 6/12/2014 4:50:49 PM | Computer Name = SylviaGarcia-PC | Source = Service Control Manager | ID = 7000

Description = The WinRST service failed to start due to the following error:   %%2

 

Error - 6/12/2014 4:50:50 PM | Computer Name = SylviaGarcia-PC | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

   {2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw

 

Error - 6/12/2014 4:52:50 PM | Computer Name = SylviaGarcia-PC | Source = Service Control Manager | ID = 7000

Description = The ConsumerInput Update Service (consumerinput_update) service failed

 to start due to the following error:   %%2

 

 

< End of report >

[Program files Skype Google Chrome Windows]

These first two are OTL.text

Here is the 2nd half

 

========== Modules (No Company Name) ==========

 

MOD - [2014/06/09 19:33:12 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\15c45f1932751583dc3c2d49e5786acd\System.Web.Services.ni.dll

MOD - [2014/06/09 19:33:09 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\70dbdd46969daf2bea2443c75b7629d4\System.Web.ni.dll

MOD - [2014/06/09 19:32:50 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\98c91b8d3f1d54c41ada5f37e0935303\System.Runtime.Remoting.ni.dll

MOD - [2014/06/09 19:32:33 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\27d6a35533978defe1fc51fb84edb058\System.Data.ni.dll

MOD - [2014/06/09 19:31:05 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll

MOD - [2014/06/05 07:58:38 | 000,414,536 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\ppgooglenaclpluginchrome.dll

MOD - [2014/06/05 07:58:37 | 014,612,296 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll

MOD - [2014/06/05 07:58:36 | 004,217,672 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\pdf.dll

MOD - [2014/06/05 07:58:32 | 000,716,616 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\libglesv2.dll

MOD - [2014/06/05 07:58:31 | 000,126,280 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\libegl.dll

MOD - [2014/06/05 07:58:30 | 001,732,424 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll

MOD - [2014/04/24 15:10:06 | 001,161,080 | ---- | M] () -- C:\Windows\System32\LightsOff.CD920490367F.dll

MOD - [2014/03/16 18:11:04 | 000,640,000 | ---- | M] () -- C:\Program Files\Java Update\winclient32.exe

MOD - [2014/03/14 22:25:44 | 000,236,544 | ---- | M] () -- C:\Program Files\Java Update\sqlite3.dll

MOD - [2014/02/27 09:09:32 | 000,069,120 | ---- | M] () -- C:\Users\Sylvia Garcia\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsAppAPI.dll

MOD - [2014/02/27 09:09:30 | 000,343,040 | ---- | M] () -- C:\Users\Sylvia Garcia\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe

MOD - [2014/02/17 11:24:00 | 000,428,448 | ---- | M] () -- C:\Program Files\Driver Support\Driver Support\Agent.Communication.XmlSerializers.dll

MOD - [2014/02/13 04:32:23 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\4412bbbb473c356b5ea3e1ea13b25f52\System.Management.ni.dll

MOD - [2014/02/13 04:26:02 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll

MOD - [2014/02/13 04:25:53 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll

MOD - [2014/02/13 04:25:50 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\4f5069e6497e5e6a381ab6aadf05d6a5\Accessibility.ni.dll

MOD - [2014/02/13 04:25:33 | 000,688,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\f6db4a5f721a164ce945d0a28f2ca7bd\System.Security.ni.dll

MOD - [2014/02/13 04:25:29 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll

MOD - [2014/02/13 04:25:24 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll

MOD - [2014/02/13 04:25:23 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll

MOD - [2014/02/12 20:58:32 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2014/02/12 20:58:10 | 001,044,808 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2013/09/14 01:51:02 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll

MOD - [2013/09/14 01:50:36 | 001,242,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll

MOD - [2012/05/25 04:25:00 | 000,921,600 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll

MOD - [2010/11/20 15:29:11 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

 

 

========== Services (SafeList) ==========

 

SRV - File not found [Auto | Stopped] -- C:\Program Files\WinRST\WinRST.exe -- (WinRST)

SRV - File not found [Auto | Stopped] -- C:\Program Files\003\vxlsnyaiet32.exe run options=01100010030000000000000000000000 sourceguid=6E6B36EB-9156-411B-B951-C735F4747DCF -- (vxlsnyaiet32)

SRV - File not found [Auto | Stopped] -- C:\Program Files\SpeedItup Free\spdfrmon.exe -- (spdfrmon)

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe /service -- (SMUpd)

SRV - File not found [Auto | Stopped] -- C:\Program Files\pcreg\pcreg.exe -- (pcregservice)

SRV - File not found [Auto | Stopped] -- C:\Program Files\Jsip\Jsip.exe -- (Jsip)

SRV - File not found [Auto | Stopped] -- C:\Program Files\002\fpvoixdaog32.exe run options=01110010020000000000000000000000 sourceguid=916A702F -- (fpvoixdaog32)

SRV - File not found [Auto | Stopped] -- C:\Program Files\Convert Files for Free\ConvertFilesforFreeUpdt.exe -- (ConvertFilesforFreeUpdt)

SRV - File not found [Auto | Stopped] -- C:\Program Files\Consumer Input\Update\ConsumerInputUpdate.exe /svc -- (consumerinput_update)

SRV - [2014/05/13 21:31:32 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2014/05/05 00:06:34 | 000,186,768 | ---- | M] (Outfox Tv Productions Pty Ltd) [Auto | Running] -- C:\Program Files\OutfoxTV\OutfoxTvUpdater.exe -- (OutfoxTvUpdater)

SRV - [2014/04/24 15:10:34 | 000,065,912 | ---- | M] (Coffee and Comfort Apps, LLC) [Auto | Running] -- C:\ProgramData\LightsOff\LightsOffService.exe -- (LightsOff)

SRV - [2014/04/11 19:45:50 | 001,764,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)

SRV - [2014/04/11 19:45:42 | 001,390,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)

SRV - [2014/03/11 10:13:24 | 000,279,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)

SRV - [2014/03/11 10:13:24 | 000,022,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)

SRV - [2014/02/28 21:38:23 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)

SRV - [2014/01/12 04:12:25 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)

SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2013/05/26 22:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2012/01/18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)

SRV - [2009/07/13 19:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\ShopperPro\JSDriver\1.35.1.155\jsdrv.sys -- (SPDRIVER_1.35.1.155)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys -- (SMUpdd)

DRV - File not found [Kernel | System | Stopped] -- system32\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw.sys -- ({2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw)

DRV - [2014/06/09 12:10:10 | 000,052,920 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\{9acd1534-e8f8-40cb-b5ac-4996fe01175b}Gw.sys -- ({9acd1534-e8f8-40cb-b5ac-4996fe01175b}Gw)

DRV - [2014/03/11 09:52:30 | 000,104,264 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)

DRV - [2012/01/18 07:44:52 | 004,332,960 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)

DRV - [2011/11/28 12:32:28 | 000,034,128 | ---- | M] (DemoForge, LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dfmirage.sys -- (dfmirage)

DRV - [2010/11/20 15:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV - [2010/11/20 15:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)

DRV - [2010/11/20 15:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

IE - HKLM\..\URLSearchHook: {f2e99efd-72dc-4c5d-9f7c-219133ff8e40} - No CLSID value found

IE - HKLM\..\SearchScopes,DefaultScope = 

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}: "URL" = http://www.default-search.net/search?sid=492&aid=100&itype=a&ver=12692&tm=330&src=ds&p={searchTerms}

 

 

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>

 

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>

 

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

IE - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp

IE - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us

IE - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C0 1E 03 73 4D 0E CF 01  [binary data]

IE - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\..\URLSearchHook: {f2e99efd-72dc-4c5d-9f7c-219133ff8e40} - No CLSID value found

IE - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search

IE - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}: "URL" = http://www.default-search.net/search?sid=492&aid=100&itype=a&ver=12692&tm=330&src=ds&p={searchTerms}

IE - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>

 

 

========== FireFox ==========

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll File not found

FF - HKLM\Software\MozillaPlugins\scilearn.com/ASRPlugin2: C:\Program Files\ScientificLearningCorporation\ASRPlugin2\2.3.0.0\npASRPlugin2_2.3.0.0.dll (Scientific Learning Corporation)

FF - HKLM\Software\MozillaPlugins\scilearn.com/ASRPluginCheck: C:\Program Files\ScientificLearningCorporation\ASRPluginCheck\1.0.0.0\npASRPluginCheck.dll (Scientific Learning Corporation)

FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\Sylvia Garcia\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Sylvia Garcia\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Sylvia Garcia\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sylvia Garcia\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sylvia Garcia\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

 

 

[2014/04/27 10:58:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sylvia Garcia\AppData\Roaming\Mozilla\Extensions

[2014/04/27 20:00:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sylvia Garcia\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

[2014/04/27 10:30:20 | 000,036,933 | ---- | M] () (No name found) -- C:\Users\Sylvia Garcia\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\[email protected]

[2014/04/29 15:33:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

 

========== Chrome  ==========

 

CHR - default_search_provider: Trovi search (Enabled)

CHR - default_search_provider: search_url = http://www.trovi.com/Results.aspx?gd=&ctid=CT3323128&octid=EB_ORIGINAL_CTID&ISID=M04A2DD3B-7084-425E-9373-DAD56915E82B&SearchSource=58&CUI=&UM=5&UP=SP26126616-7CDB-4494-96A3-18CBCA2E6F86&q={searchTerms}&SSPV=

CHR - default_search_provider: suggest_url = http://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms},

CHR - homepage: http://www.inbox.com/homepage.aspx?tbid=80969&iwk=298&lng=en

CHR - plugin: Error reading preferences file

CHR - Extension: Google Docs = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_1\

CHR - Extension: Google Drive = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\

CHR - Extension: Design Page = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakgmemkflciahncfpgaebpnknhejeja\0.1_0\

CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_1\

CHR - Extension: YouTube = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\

CHR - Extension: Frieven_s_Prox_1.8 = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceenmgoldhkkegcnlieacjjhndklllkp\1.26.18_0\crossrider

CHR - Extension: Frieven_s_Prox_1.8 = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceenmgoldhkkegcnlieacjjhndklllkp\1.26.18_0\

CHR - Extension: Spry this! = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\0.1_0\

CHR - Extension: Google Search = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\

CHR - Extension: Skype Click to Call = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.2.15747.10003_1\

CHR - Extension: Mediaa_Play_AIR_1.4 = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhkgfigejkhikbkfkkglinnkfojkdek\1.26.13_0\crossrider

CHR - Extension: Mediaa_Play_AIR_1.4 = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhkgfigejkhikbkfkkglinnkfojkdek\1.26.13_0\

CHR - Extension: Google Wallet = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

CHR - Extension: Gmail = C:\Users\Sylvia Garcia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

 

O1 HOSTS File: ([2009/06/10 15:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O2 - BHO: (ConvertFilesforFree) - {59A062A1-5ECA-4a1a-BC44-B2A9283A8ACB} - C:\Program Files\Convert Files for Free\ConvertFilesforFree.dll File not found

O2 - BHO: (Highlightly) - {83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} - C:\Program Files\Highlightly\IE\HighlightlyClientIE.dll File not found

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\..\Toolbar\WebBrowser: (no name) - {F2E99EFD-72DC-4C5D-9F7C-219133FF8E40} - No CLSID value found.

O4 - HKLM..\Run: [AutoLoader] "C:\Users\SYLVIA~1\AppData\Local\Temp\WebMonitor.exe" File not found

O4 - HKLM..\Run: [iD Patroller] "C:\Program Files\ID Patroller\ID Patroller\IDPatroller.exe" "/min" File not found

O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [OpenSoftwareUpdater] C:\Program Files\OpenSoftwareUpdater\OpenSoftwareUpdater.exe File not found

O4 - HKLM..\Run: [pcreg] C:\Program Files\pcreg\service.exe File not found

O4 - HKLM..\Run: [sPDriver] C:\Program Files\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe File not found

O4 - HKLM..\Run: [Windows Client Manager] C:\Program Files\Java Update\winclient32.exe ()

O4 - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)

O4 - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000..\Run: [Driver Support] C:\Program Files\Driver Support\Driver Support\DriverSupport.exe (PC Drivers Headquarters)

O4 - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)

O4 - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)

O4 - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000..\Run: [OutfoxTV] C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe (Outfox Tv Productions Pty Ltd)

O4 - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000..\Run: [pcreg] C:\Program Files\pcreg\service.exe File not found

O4 - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - Startup: C:\Users\Sylvia Garcia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts App.lnk = C:\Users\Sylvia Garcia\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe ()

O4 - Startup: C:\Users\Sylvia Garcia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts.lnk = C:\Users\Sylvia Garcia\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe (Weather Notifications, LLC)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O7 - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-2375953999-3041022653-1334519409-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1

O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe File not found

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Sylvia Garcia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk ()

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O16 - DPF: {63F0EC82-403A-4936-A664-9D05A4727049} http://install.inetstudy.co.kr/Sisa20/NSInstallAx.cab (NSInstall Control)

O16 - DPF: {94EB25BD-3FBA-4A6D-9086-103F3B6EC9EE} http://939.co.kr/data_dir/ezhelp/ActiveX/ezHelpLauncher20140316220215.cab (ezHelpServerLauncher Control)

O16 - DPF: {A5261EF0-76F0-4D9C-891C-56813163D9DA} http://as82.kr/download/_cab/KoinoLoader.cab (KoinoLoader Control)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{84016E75-D933-4D53-AEE3-51FA64F1C4CA}: DhcpNameServer = 192.168.0.1

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2014/06/11 00:39:04 | 000,052,920 | ---- | C] (StdLib) -- C:\Windows\System32\drivers\{9acd1534-e8f8-40cb-b5ac-4996fe01175b}Gw.sys

[2014/06/10 23:40:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll

[2014/06/10 23:40:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll

[2014/06/10 23:40:41 | 000,187,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS

[2014/06/10 23:40:36 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll

[2014/06/10 23:40:36 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll

[2014/06/10 11:36:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mediaa_Play_AIR_1.4

[2014/06/10 11:36:12 | 000,000,000 | ---D | C] -- C:\Program Files\Frieven_s_Prox_1.8

[2014/06/10 11:30:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

[2014/06/10 09:46:39 | 000,000,000 | ---D | C] -- C:\Users\Sylvia Garcia\Desktop\YBM JSQ video clips

[2014/06/10 09:45:15 | 000,000,000 | ---D | C] -- C:\Users\Sylvia Garcia\Desktop\Pay Calculation for JSQ

[2014/06/10 09:42:43 | 000,000,000 | ---D | C] -- C:\Users\Sylvia Garcia\Desktop\Microsoft word Documents

[2014/06/09 19:13:12 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT

[2014/06/09 19:08:23 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll

[2014/06/09 19:07:19 | 000,000,000 | ---D | C] -- C:\AdwCleaner

[2014/06/08 16:36:11 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime

[2014/05/22 04:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype

[2014/05/15 07:28:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Update

[2014/05/15 07:27:41 | 000,000,000 | ---D | C] -- C:\Users\Sylvia Garcia\AppData\Roaming\WeatherBug

[2014/05/15 07:27:36 | 000,000,000 | ---D | C] -- C:\Users\Sylvia Garcia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeatherBug

[2014/05/15 07:24:11 | 000,000,000 | ---D | C] -- C:\Users\Sylvia Garcia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OutfoxTV

[2014/05/15 07:24:05 | 000,000,000 | ---D | C] -- C:\Program Files\OutfoxTV

[2014/05/14 10:57:47 | 000,000,000 | ---D | C] -- C:\Users\Sylvia Garcia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

[2014/05/14 10:57:47 | 000,000,000 | ---D | C] -- C:\Users\Sylvia Garcia\Documents\888PokerNJ

[2014/05/14 10:57:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\888pokerNJ

[2014/05/14 10:56:43 | 000,000,000 | ---D | C] -- C:\Users\Sylvia Garcia\AppData\Roaming\888pokerNJ

[2014/05/14 10:56:28 | 000,000,000 | ---D | C] -- C:\Program Files\888pokerNJ

[2014/05/14 03:22:45 | 000,000,000 | --SD | C] -- C:\Windows\System32\CompatTel

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[1 C:\Users\Sylvia Garcia\AppData\Local\*.tmp files -> C:\Users\Sylvia Garcia\AppData\Local\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2014/06/12 15:03:57 | 007,458,816 | ---- | M] () -- C:\Users\Sylvia Garcia\AppData\Local\ChromeHitoryDB

[2014/06/12 14:57:53 | 000,021,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2014/06/12 14:57:53 | 000,021,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2014/06/12 14:57:02 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2375953999-3041022653-1334519409-1000UA.job

[2014/06/12 14:55:01 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2375953999-3041022653-1334519409-1000Core.job

[2014/06/12 14:50:53 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2014/06/12 14:50:43 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs

[2014/06/12 14:50:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2014/06/12 14:50:39 | 1602,441,216 | -HS- | M] () -- C:\hiberfil.sys

[2014/06/12 14:47:13 | 000,000,546 | ---- | M] () -- C:\Windows\System32\schtasks.bin

[2014/06/12 14:44:02 | 000,000,530 | ---- | M] () -- C:\Windows\tasks\G2MUpdateTask-S-1-5-21-2375953999-3041022653-1334519409-1000.job

[2014/06/12 14:34:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2014/06/12 14:31:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2014/06/12 01:37:24 | 002,123,430 | ---- | M] () -- C:\Users\Sylvia Garcia\Documents\T-C-148-Weather-And-Season-Day-Calendar.pdf

[2014/06/12 01:36:45 | 007,917,242 | ---- | M] () -- C:\Users\Sylvia Garcia\Documents\T-L-069-Alphabet-picture-posters-mnenomic.pdf

[2014/06/10 23:43:12 | 000,000,071 | ---- | M] () -- C:\Users\Sylvia Garcia\AppData\Roaming\WB.CFG

[2014/06/10 11:40:15 | 000,002,236 | ---- | M] () -- C:\Users\Sylvia Garcia\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2014/06/10 11:40:15 | 000,002,212 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2014/06/09 18:24:42 | 000,000,000 | ---- | M] () -- C:\Cookies

[2014/06/09 12:10:10 | 000,052,920 | ---- | M] (StdLib) -- C:\Windows\System32\drivers\{9acd1534-e8f8-40cb-b5ac-4996fe01175b}Gw.sys

[2014/06/08 02:48:16 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll

[2014/06/08 02:43:43 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll

[2014/06/02 14:55:54 | 000,000,456 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Sylvia Garcia.job

[2014/05/14 10:57:47 | 000,002,014 | ---- | M] () -- C:\Users\Sylvia Garcia\Application Data\Microsoft\Internet Explorer\Quick Launch\888pokerNJ.lnk

[2014/05/13 21:31:30 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe

[2014/05/13 21:31:30 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2014/05/13 20:43:04 | 000,004,608 | ---- | M] () -- C:\eduVideo.GRF

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[1 C:\Users\Sylvia Garcia\AppData\Local\*.tmp files -> C:\Users\Sylvia Garcia\AppData\Local\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2014/06/12 01:37:31 | 002,123,430 | ---- | C] () -- C:\Users\Sylvia Garcia\Documents\T-C-148-Weather-And-Season-Day-Calendar.pdf

[2014/06/12 01:37:04 | 007,917,242 | ---- | C] () -- C:\Users\Sylvia Garcia\Documents\T-L-069-Alphabet-picture-posters-mnenomic.pdf

[2014/06/11 01:30:34 | 000,000,546 | ---- | C] () -- C:\Windows\System32\schtasks.bin

[2014/06/10 11:30:33 | 000,002,212 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2014/06/10 11:29:17 | 000,000,900 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2014/06/10 11:29:15 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2014/06/09 18:24:42 | 000,000,000 | ---- | C] () -- C:\Cookies

[2014/05/14 10:57:47 | 000,002,014 | ---- | C] () -- C:\Users\Sylvia Garcia\Application Data\Microsoft\Internet Explorer\Quick Launch\888pokerNJ.lnk

[2014/04/26 22:09:33 | 007,458,816 | ---- | C] () -- C:\Users\Sylvia Garcia\AppData\Local\ChromeHitoryDB

[2014/04/24 15:10:06 | 001,161,080 | ---- | C] () -- C:\Windows\System32\LightsOff.CD920490367F.dll

[2014/02/20 11:06:00 | 000,000,071 | ---- | C] () -- C:\Users\Sylvia Garcia\AppData\Roaming\WB.CFG

[2014/02/05 14:49:16 | 000,205,904 | ---- | C] () -- C:\Windows\System32\ezHelpDownloader.exe

[2014/01/11 15:12:52 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI

 

========== ZeroAccess Check ==========

 

[2009/07/13 22:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 20:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 15:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 19:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

========== LOP Check ==========

 

[2014/06/09 20:17:52 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\.purple

[2014/06/09 20:17:52 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\888pokerNJ

[2014/04/28 01:02:54 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\Compete

[2014/04/27 20:00:26 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\ContentExplorer

[2014/01/10 17:46:50 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\ezhelp

[2014/04/30 04:46:28 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\Gameo

[2014/04/28 07:39:41 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\GameoUpdater

[2014/03/31 09:22:30 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\Itibiti

[2014/01/12 16:34:26 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\Mastersoft

[2014/04/27 16:46:00 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\OpenSoftwareUpdater

[2014/04/27 23:47:12 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\Paltalk

[2014/04/29 16:43:13 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\PC Driver Kit

[2014/04/28 07:40:05 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\RocketUpdater

[2014/05/15 07:27:41 | 000,000,000 | ---D | M] -- C:\Users\Sylvia Garcia\AppData\Roaming\WeatherBug

 

========== Purity Check ==========

 

 

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:373E1720

 

< End of report >

[Program files Skype Google Chrome Windows]

OTL logfile created on: 6/12/2014 3:05:08 PM - Run 2

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sylvia Garcia\Downloads

 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.17041)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

1.99 Gb Total Physical Memory | 0.70 Gb Available Physical Memory | 34.95% Memory free

3.98 Gb Paging File | 2.13 Gb Available in Paging File | 53.64% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 232.84 Gb Total Space | 185.52 Gb Free Space | 79.68% Space Free | Partition Type: NTFS

 

Computer Name: SYLVIAGARCIA-PC | User Name: Sylvia Garcia | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2014/06/12 15:03:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sylvia Garcia\Downloads\OTL.com

PRC - [2014/06/05 07:58:39 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

PRC - [2014/05/06 01:40:28 | 000,320,400 | ---- | M] (Outfox Tv Productions Pty Ltd) -- C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe

PRC - [2014/05/05 00:06:34 | 000,186,768 | ---- | M] (Outfox Tv Productions Pty Ltd) -- C:\Program Files\OutfoxTV\OutfoxTvUpdater.exe

PRC - [2014/04/24 15:10:34 | 000,065,912 | ---- | M] (Coffee and Comfort Apps, LLC) -- C:\ProgramData\LightsOff\LightsOffService.exe

PRC - [2014/04/24 15:10:04 | 000,042,872 | ---- | M] (Coffee and Comfort Apps, LLC) -- C:\ProgramData\LightsOff\LightsOff.exe

PRC - [2014/04/11 19:45:50 | 001,764,992 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

PRC - [2014/04/11 19:45:42 | 001,390,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

PRC - [2014/03/16 18:11:04 | 000,640,000 | ---- | M] () -- C:\Program Files\Java Update\winclient32.exe

PRC - [2014/03/11 10:13:24 | 000,279,776 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe

PRC - [2014/03/11 10:13:24 | 000,022,216 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe

PRC - [2014/03/11 10:13:14 | 000,951,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe

PRC - [2014/02/27 09:09:30 | 000,343,040 | ---- | M] () -- C:\Users\Sylvia Garcia\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe

PRC - [2014/02/17 11:59:28 | 004,680,568 | ---- | M] (PC Drivers Headquarters) -- C:\Program Files\Driver Support\Driver Support\DriverSupport.exe

PRC - [2014/01/12 04:06:44 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

PRC - [2013/11/20 15:43:26 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe

PRC - [2013/11/20 15:43:14 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

PRC - [2013/11/01 09:22:46 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe

PRC - [2013/09/13 20:20:42 | 000,084,184 | ---- | M] (Weather Notifications, LLC) -- C:\Users\Sylvia Garcia\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe

PRC - [2013/08/01 18:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe

PRC - [2012/11/20 15:30:38 | 001,653,760 | R--- | M] (AWS Convergence Technologies, Inc.) -- C:\Program Files\AWS\WeatherBug\Weather.exe

PRC - [2012/01/18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

PRC - [2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

[Program files Skype Google Chrome Windows]

I see conduit search is my default browser. I do not see it in the installed programs.

[Program files Skype Google Chrome Windows]

Hello Chuck,

 

I uninstalled programs. I could not uninstall one program and that was muvic smartbar.

[Program files Skype Google Chrome Windows]

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 7 Home Premium x86

Ran by Sylvia Garcia on Thu 06/12/2014 at 14:38:24.29

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

 

 

~~~ Chrome

 

Successfully deleted: [Folder] C:\Users\Sylvia Garcia\appdata\local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Thu 06/12/2014 at 14:41:29.56

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Program files Skype Google Chrome Windows]

Muvic Smartbar, PC Fix Speed, Speed it up Free, System Optimizer Pro these are the programs I found.

[Program files Skype Google Chrome Windows]

I don't know what happened to that last post.

[Program files Skype Google Chrome Windows]

Ok here are the programs I found under control panel uninstall: Muvic Smartbar, PC Fix Speed, Speed it up Free, System Optimizer Pro

 

p.s. I am happy to say: I was finally able to paste here. I appreciate everything you are doing to get my computer back to its normal state. Thank you so much.

[Program files Skype Google Chrome Windows]

When I start windows it shows an error message that windows does not have a system program. The skype, google chrome, microsoft word icons are shaded white on desktop and task bar. When I click on any of them I can not get access it says there is no program system.