viva,
------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Programs and Features
Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:
ProShield (Could be listed as "Acer ProShield" or "ProshieldTSR")
McAfee Security Scan Plus
Take extra care in answering questions posed by any Uninstaller.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
----------------------------------------------
Perform a Custom Fix with OTL
Right click OTL on your desktop, and choose "Run as administrator" to open it.
----------------------------------------------
After posting the Resulting log, Please Rescan as follows:
Open OTL again and click the Quick Scan button. Post the new log it produces, OTL.txt, in a separate reply.
Let me know how it goes.
askey127
------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Programs and Features
Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:
ProShield (Could be listed as "Acer ProShield" or "ProshieldTSR")
McAfee Security Scan Plus
Take extra care in answering questions posed by any Uninstaller.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
----------------------------------------------
Perform a Custom Fix with OTL
Right click OTL on your desktop, and choose "Run as administrator" to open it.
- In the Custom Scans/Fixes box at the bottom of OTL, highlight, copy, and paste in ALL the following lines from the Code box (Do not include the word "Code"):
Code::Commands
[CREATERESTOREPOINT]
:OTL
SRV:64bit: - [2014/04/09 15:13:48 | 000,289,256 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe -- (McComponentHostService)
SRV:64bit: - [2011/06/05 00:15:42 | 000,195,120 | ---- | M] (Egis Technology Inc. ) [Auto | Running] -- C:\Program Files\Acer ProShield\x86\EgisService.exe -- (EgisTec Service)
IE - HKLM\..\SearchScopes\{35e9438f-19d4-4516-b2ac-59ba9241de4d}: "URL" = http://search.tb.ask.com/search/GGmain.jhtml?p2=^9N^xdm213^S09356^za&si=CLazzsy6g74CFTHItAodYxUAwQ&ptb=716B C68D-EDA4-4BE1-B22D-D6C8C3EEB691&ind=2014042811&n=780bdabb&psa=&st=sb&searchfor={searchTerms}
IE - HKU\S-1-5-21-2143668272-1343592271-1051593242-1000\..\SearchScopes\{35e9438f-19d4-4516-b2ac-59ba9241de4d}: "URL" = http://search.tb.ask.com/search/GGmain.jhtml?p2=^9N^xdm213^S09356^za&si=CLazzsy6g74CFTHItAodYxUAwQ&ptb=716B C68D-EDA4-4BE1-B22D-D6C8C3EEB691&ind=2014042811&n=780bdabb&psa=&st=sb&searchfor={searchTerms}
IE - HKU\S-1-5-21-2143668272-1343592271-1051593242-1000\..\SearchScopes\{CC69BE04-DC1F-4401-99A9-4CDA5EAF5A91}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}: C:\Program Files\Acer ProShield\FFExt [2012/01/19 20:12:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{d4da7309-b89a-45ec-8ebb-cfb2ae13618b}: C:\Program Files\Acer ProShield\FFExt20 [2012/01/19 20:12:57 | 000,000,000 | ---D | M]
O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (EgisPBIE Sign-in Helper) - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files\Acer ProShield\x86\EgisPBIE.dll (Egis Technology Inc.)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [ProShieldTSR] C:\Program Files\Acer ProShield\EgisTSR.exe (Egis Technology Inc. )
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\FirewallRules]
"{492B6F13-B76D-4370-B07D-5F12FD73D36D}" =-
"{A382A63F-44CF-4041-A173-251D94D4B4B4}" =-
"TCP Query User{E03E775A-8639-4318-8A0F-D293745F2E4A}C:\program files (x86)\bittorrent sync\btsync.exe" =-
"UDP Query User{479FD2C1-21B8-45AA-80FF-FF3F87AD0DDB}C:\program files (x86)\bittorrent sync\btsync.exe" =-
:Files
C:\Program Files\McAfee Security Scan
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
C:\Program Files\McAfee Security Scan
C:\ProgramData\McAfee Security Scan
C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
C:\Users\Johan Swanepoel\AppData\Roaming\BitTorrent
C:\Users\Johan Swanepoel\AppData\Roaming\BitTorrent Sync
C:\Users\Johan Swanepoel\AppData\Roaming\MAGIX
C:\Program Files\Acer ProShield
ipconfig /flushdns /c
:Commands
[emptyjava]
[emptyflash]
[EMPTYTEMP]
- Then click the Run Fix button at the top. DO NOT CLICK Run Scan
- Let the program run unhindered, and click to allow the Reboot when it is done.
When the computer Reboots, and you start your usual account, a Notepad text file will appear. - That is the FIX log file. Copy the contents of that file and post it in your next reply.
It will also be available and named by timestamp here: C:\_OTL\Moved Files\mmddyyyy_hhmmss.log
----------------------------------------------
After posting the Resulting log, Please Rescan as follows:
Open OTL again and click the Quick Scan button. Post the new log it produces, OTL.txt, in a separate reply.
Let me know how it goes.
askey127