I have a virus and can;t do anything... getting errors when I go to IE or chrome getting pop up..I. think that I have been hacked,,,I tried to download skybot and it said that it was not compatible...
My laptop got infected and now I am not able to do anything. [Solved]
#1
Posted 28 August 2014 - 11:53 AM
#2
Posted 28 August 2014 - 12:24 PM
If you are unable to could you download it on another computer and using a USB transfer it to the sick computer
Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
- Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
- Select additions at the bottom
- Press Scan button.
- It will produce a log called FRST.txt in the same directory the tool is run from.
- Please attach both logs generated.
#3
Posted 28 August 2014 - 01:04 PM
#4
Posted 28 August 2014 - 01:46 PM
i tried to applied for another account but was having issues so i used my account.....
#5
Posted 28 August 2014 - 02:19 PM
If you have problems copying all the fix into a fixlist.txt then I have attached the same fix here. Just save the fixlist,txt to the same location as FRST and then press fix
fixlist.txt 18.94KB 391 downloads
CAUTION : This fix is only valid for this specific machine, using it on another may break your computer
Open notepad and copy/paste the text in the quotebox below into it:
2014-08-28 12:15 - 2014-08-28 12:16 - 06312160 _____ (MyTurboPC.com) C:\Users\judy\Downloads\myturbopc.exe
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-08-27 23:13 - 2014-08-27 23:35 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-08-27 23:13 - 2014-08-27 23:15 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-08-27 23:13 - 2014-08-27 23:13 - 00001704 _____ () C:\Users\judy\AppData\Roaming\aps.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00001150 _____ () C:\Users\judy\AppData\Roaming\aps.scan.quick.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000318 _____ () C:\Users\judy\AppData\Roaming\aps.uninstall.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-08-27 23:12 - 2014-08-27 23:13 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-08-27 23:12 - 2014-08-27 23:12 - 00575544 _____ (ClickMeIn Limited) C:\Users\judy\AppData\Local\nsb5C1C.tmp
2014-08-27 23:09 - 2014-08-28 13:09 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-08-27 23:09 - 2014-08-28 12:59 - 00000438 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-08-27 23:09 - 2014-08-27 23:09 - 00058040 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys
2014-08-27 23:09 - 2014-08-27 23:09 - 00003076 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-08-27 23:09 - 2014-08-27 23:09 - 00002642 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\ver1BlockAndSurf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-27 23:08 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-08-27 23:01 - 2014-08-27 23:01 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes
2014-08-27 23:00 - 2014-08-27 23:07 - 00000000 ____D () C:\ProgramData\pastaleads
2014-08-27 23:00 - 2014-08-27 23:00 - 00000000 ____D () C:\Program Files (x86)\pastaleads
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\VOPackage
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\ContentExplorer
2014-08-27 18:00 - 2014-08-28 13:01 - 00000000 ____D () C:\Users\judy\AppData\Local\DesktopTemperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\System_Alerts_LLC
2014-08-14 20:09 - 2014-08-14 20:11 - 00001158 _____ () C:\Users\judy\Desktop\Live PC Help.lnk
2014-08-14 19:34 - 2014-08-14 19:34 - 00003974 _____ () C:\WINDOWS\System32\Tasks\TidyNetwork Update
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TNT2
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TidyNetwork
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-08-11 07:34 - 2014-08-27 22:28 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-11 07:34 - 2014-08-11 07:34 - 00001107 _____ () C:\Users\judy\Desktop\MyPC Backup.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-11 07:33 - 2014-08-14 20:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\systweak
2014-08-11 07:32 - 2014-08-11 07:32 - 00003310 _____ () C:\WINDOWS\System32\Tasks\ASP
2014-08-11 07:32 - 2014-08-05 19:05 - 00019800 _____ () C:\WINDOWS\system32\roboot64.exe
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Users\judy\AppData\Local\UtilityChest_49
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Program Files (x86)\UtilityChest_49
2014-08-11 07:34 - 2014-08-11 07:34 - 00004022 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-27 17:59 - 2014-08-27 17:59 - 00000000 ____D () C:\Program Files (x86)\The Sea App (Internet Explorer)
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
R2 UtilityChest_49Service; C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 TotalRecipeSearch_14Service; C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 MyFunCards_5mService; C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbarsvc.exe [88648 2014-07-03] (COMPANYVERS_NAME)
R2 pastaleadsServiceCore; C:\Program Files (x86)\pastaleads\PastaLeadsService.exe [384408 2014-06-18] ()
R2 servervo; C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-08-27] () [File not signed]
R2 InboxAce_1gService; C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe [88648 2014-07-14] (COMPANYVERS_NAME)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36424 2014-07-22] (Just Develop It)
FF Plugin-x32: @TotalRecipeSearch_14.com/Plugin -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll (Mindspark)
FF Plugin-x32: @UtilityChest_49.com/Plugin -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\NP49Stub.dll (Mindspark)
FF HKCU\...\Firefox\Extensions: [{17C0B877-3B33-A890-ACFD-9D2FC5F5D56D}] - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi
FF Extension: BlockAndSurf - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi [2014-08-27]
FF Plugin-x32: @InboxAce_1g.com/Plugin -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\NP1gStub.dll (Mindspark)
FF Plugin-x32: @MyFunCards_5m.com/Plugin -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\NP5mStub.dll (Mindspark)
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Temperature Monitor.lnk
ShortcutTarget: Desktop Temperature Monitor.lnk -> C:\Users\judy\AppData\Local\DesktopTemperature\DesktopTemperature.exe (System Alerts LLC)
Winsock: Catalog9 01 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 02 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 03 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 04 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 05 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 17 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Toolbar: HKCU - No Name - {C4D78C72-08DB-4A3F-9175-B265157283F3} - No File
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - MyFunCards - {210f1b36-3b7f-41a4-b5da-3eb87f5a56c2} - C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - InboxAce - {3775afd7-5921-4571-968f-85a631203d1c} - C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
Toolbar: HKLM-x32 - Utility Chest - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
Toolbar: HKLM-x32 - TotalRecipeSearch - {a0154e07-2b48-475c-a82a-80efd84ea33e} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {ab56dfde-0c14-45b3-9df6-7b0eba617870} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {c4b22c87-45ef-4f43-89f2-40db2078864e} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrcAs.dll (Mindspark)
BHO-x32: TheSea.TheSeaPlugin -> {C585D593-E7F3-4852-A200-561686EE02E4} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
BHO-x32: Toolbar BHO -> {d5a1d22b-9e17-454f-8ecd-83c578fb3983} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {da71fd14-5f7b-46ae-b8b1-44074a38f331} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {df22384f-cf68-4d19-969f-10423715528b} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll (Mindspark)
Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {9359da42-06fb-46f2-9e4a-05c05b98a5ef} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrcAs.dll (Mindspark)
BHO: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {06e05b40-77fa-40b6-9077-ed1a7577b1ef} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll (Mindspark)
BHO-x32: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn.dll ()
BHO-x32: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178.dll ()
BHO-x32: Toolbar BHO -> {58f7b5ca-1162-42e8-8bbc-d543b4edd780} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
BHO: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn64.dll ()
BHO: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178_x64.dll ()
SearchScopes: HKCU - DefaultScope {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://www2.inbox.co...&iwk=316&lng=en
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://pandasecurity...q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...q={searchTerms}
SearchScopes: HKCU - {A26C36F3-9D6C-4551-86A4-B3E9C4B7B3CD} URL = http://www.crawler.c...&iwk=311&lng=en
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKCU - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL =
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
URLSearchHook: HKCU - (No Name) - {9234F5E0-56CC-4F0B-AAE4-0D4BD5032180} - No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [Inbox3Tray.exe] => C:\Program Files (x86)\Inbox3\Inbox3Tray.exe [1736128 2014-06-12] (Inbox.com)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [ContentExplorer] => C:\Users\judy\AppData\Roaming\ContentExplorer\ContentExplorer.exe [2429680 2014-08-27] (ContentExplorer)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe [1072128 2014-08-27] ()
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
HKLM-x32\...\Run: [AnyProtect Scanner] => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [17068032 2014-08-27] (AnyProtect.com)
HKLM-x32\...\Run: [InboxToolbar] => C:\Program Files (x86)\Inbox Toolbar\Inbox.exe [1417656 2014-06-30] (Xacti, LLC)
HKLM-x32\...\Run: [InboxAce EPM Support] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gmedint.exe [12872 2014-07-14] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [InboxAce Search Scope Monitor] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrchMn.exe [55368 2014-07-14] (Mindspark)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe [61512 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader 64] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe [71752 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [Utility Chest EPM Support] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [Utility Chest Search Scope Monitor] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader 64] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch EPM Support] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [TotalRecipeSearch Search Scope Monitor] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader 64] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-25] ()
HKLM-x32\...\Run: [MyFunCards EPM Support] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mmedint.exe [12872 2014-07-03] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [MyFunCards Search Scope Monitor] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrchMn.exe [55368 2014-07-03] (Mindspark)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exe [61512 2014-07-03] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader 64] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon64.exe [71752 2014-07-03] (VER_COMPANY_NAME)
HKLM\...\Run: [MyFunCards Home Page Guard 64 bit] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\AppIntegrator64.exe [485960 2014-07-03] ( )
HKLM\...\Run: [InboxAce Home Page Guard 64 bit] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator64.exe [485960 2014-07-14] ( )
HKLM\...\Run: [Utility Chest Home Page Guard 64 bit] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
HKLM\...\Run: [TotalRecipeSearch Home Page Guard 64 bit] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
C:\Program Files (x86)\Inbox Toolbar
C:\Users\judy\AppData\Roaming\ContentExplorer
C:\Program Files (x86)\Inbox3
C:\Program Files (x86)\UtilityChest_49
C:\Program Files (x86)\InboxAce_1g
C:\Program Files (x86)\MyFunCards_5m
C:\Program Files (x86)\WSE_Astromenda
C:\Program Files (x86)\MyPC Backup
C:\Program Files (x86)\TotalRecipeSearch_14
C:\Program Files (x86)\UtilityChest_49
C:\Program Files (x86)\ver1BlockAndSurf
C:\Users\judy\AppData\Roaming\VOPackage
C:\Program Files (x86)\TidyNetwork
C:\Users\judy\AppData\Local\DesktopTemperature
Task: {3BD98196-F5F8-4C48-8418-DAEDD03137E6} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [2014-07-22] (MyPCBackup.com) <==== ATTENTION
Task: {5D131900-882C-4A9D-877E-69F281E7AABA} - System32\Tasks\BlockAndSurf Update => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe [2014-08-27] ()
Task: {811C6AF3-F0CC-49DC-BA5A-63AFA6B80047} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-07-22] (MyPC Backup) <==== ATTENTION
Task: {C034AE47-50DF-4617-9946-0EC4A6007219} - System32\Tasks\WSE_Astromenda => C:\Users\judy\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe [2014-08-27] ()
Task: {CD34F3C0-ED05-4009-A5CE-BCC6FD2316C5} - System32\Tasks\UpdaterEX => C:\Users\judy\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {CD7E60BC-5C2F-457E-BEE4-51E204A98CAA} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: {EFD55167-3E10-4F72-843B-347EC5F2010D} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: {FCE0303E-A943-467A-8BCB-B8D9556D47DB} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\BlockAndSurf Update.job => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\UpdaterEX.job => C:\Users\judy\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\WSE_Astromenda.job => C:\Users\judy\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
CMD: netsh advfirewall reset /c
CMD: netsh advfirewall set allprofiles state ON /c
CMD: ipconfig /flushdns /c
CMD: netsh winsock reset catalog /c
CMD: netsh int ip reset c:\resetlog.txt /c
CMD: ipconfig /release /c
CMD: ipconfig /renew /c
EmptyTemp:
CMD: bitsadmin /reset /allusers
Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that
THEN
Please download AdwCleaner by Xplode onto your desktop.
- Close all open programs and internet browsers.
- Double click on AdwCleaner.exe to run the tool.
- Click on Scan.
- After the scan is complete click on "Clean"
- Confirm each time with Ok.
- Your computer will be rebooted automatically. A text file will open after the restart.
- Please post the content of that logfile with your next answer.
- You can find the logfile at C:\AdwCleaner[S1].txt as well.
A fresh FRST scan to see what I missed
- Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
- Select additions at the bottom
- Press Scan button.
- It will produce a log called FRST.txt in the same directory the tool is run from.
- Please attach both logs generated.
#6
Posted 28 August 2014 - 03:20 PM
OK I am surprised that windows actually runs to be honest... Lets now kill all rubbish
If you have problems copying all the fix into a fixlist.txt then I have attached the same fix here. Just save the fixlist,txt to the same location as FRST and then press fix
fixlist.txt
CAUTION : This fix is only valid for this specific machine, using it on another may break your computer
Open notepad and copy/paste the text in the quotebox below into it:
2014-08-28 12:15 - 2014-08-28 12:16 - 06312160 _____ (MyTurboPC.com) C:\Users\judy\Downloads\myturbopc.exe
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-08-27 23:13 - 2014-08-27 23:35 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-08-27 23:13 - 2014-08-27 23:15 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-08-27 23:13 - 2014-08-27 23:13 - 00001704 _____ () C:\Users\judy\AppData\Roaming\aps.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00001150 _____ () C:\Users\judy\AppData\Roaming\aps.scan.quick.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000318 _____ () C:\Users\judy\AppData\Roaming\aps.uninstall.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-08-27 23:12 - 2014-08-27 23:13 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-08-27 23:12 - 2014-08-27 23:12 - 00575544 _____ (ClickMeIn Limited) C:\Users\judy\AppData\Local\nsb5C1C.tmp
2014-08-27 23:09 - 2014-08-28 13:09 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-08-27 23:09 - 2014-08-28 12:59 - 00000438 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-08-27 23:09 - 2014-08-27 23:09 - 00058040 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys
2014-08-27 23:09 - 2014-08-27 23:09 - 00003076 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-08-27 23:09 - 2014-08-27 23:09 - 00002642 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\ver1BlockAndSurf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-27 23:08 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-08-27 23:01 - 2014-08-27 23:01 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes
2014-08-27 23:00 - 2014-08-27 23:07 - 00000000 ____D () C:\ProgramData\pastaleads
2014-08-27 23:00 - 2014-08-27 23:00 - 00000000 ____D () C:\Program Files (x86)\pastaleads
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\VOPackage
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\ContentExplorer
2014-08-27 18:00 - 2014-08-28 13:01 - 00000000 ____D () C:\Users\judy\AppData\Local\DesktopTemperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\System_Alerts_LLC
2014-08-14 20:09 - 2014-08-14 20:11 - 00001158 _____ () C:\Users\judy\Desktop\Live PC Help.lnk
2014-08-14 19:34 - 2014-08-14 19:34 - 00003974 _____ () C:\WINDOWS\System32\Tasks\TidyNetwork Update
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TNT2
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TidyNetwork
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-08-11 07:34 - 2014-08-27 22:28 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-11 07:34 - 2014-08-11 07:34 - 00001107 _____ () C:\Users\judy\Desktop\MyPC Backup.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-11 07:33 - 2014-08-14 20:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\systweak
2014-08-11 07:32 - 2014-08-11 07:32 - 00003310 _____ () C:\WINDOWS\System32\Tasks\ASP
2014-08-11 07:32 - 2014-08-05 19:05 - 00019800 _____ () C:\WINDOWS\system32\roboot64.exe
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Users\judy\AppData\Local\UtilityChest_49
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Program Files (x86)\UtilityChest_49
2014-08-11 07:34 - 2014-08-11 07:34 - 00004022 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-27 17:59 - 2014-08-27 17:59 - 00000000 ____D () C:\Program Files (x86)\The Sea App (Internet Explorer)
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
R2 UtilityChest_49Service; C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 TotalRecipeSearch_14Service; C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 MyFunCards_5mService; C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbarsvc.exe [88648 2014-07-03] (COMPANYVERS_NAME)
R2 pastaleadsServiceCore; C:\Program Files (x86)\pastaleads\PastaLeadsService.exe [384408 2014-06-18] ()
R2 servervo; C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-08-27] () [File not signed]
R2 InboxAce_1gService; C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe [88648 2014-07-14] (COMPANYVERS_NAME)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36424 2014-07-22] (Just Develop It)
FF Plugin-x32: @TotalRecipeSearch_14.com/Plugin -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll (Mindspark)
FF Plugin-x32: @UtilityChest_49.com/Plugin -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\NP49Stub.dll (Mindspark)
FF HKCU\...\Firefox\Extensions: [{17C0B877-3B33-A890-ACFD-9D2FC5F5D56D}] - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi
FF Extension: BlockAndSurf - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi [2014-08-27]
FF Plugin-x32: @InboxAce_1g.com/Plugin -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\NP1gStub.dll (Mindspark)
FF Plugin-x32: @MyFunCards_5m.com/Plugin -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\NP5mStub.dll (Mindspark)
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Temperature Monitor.lnk
ShortcutTarget: Desktop Temperature Monitor.lnk -> C:\Users\judy\AppData\Local\DesktopTemperature\DesktopTemperature.exe (System Alerts LLC)
Winsock: Catalog9 01 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 02 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 03 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 04 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 05 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 17 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Toolbar: HKCU - No Name - {C4D78C72-08DB-4A3F-9175-B265157283F3} - No File
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - MyFunCards - {210f1b36-3b7f-41a4-b5da-3eb87f5a56c2} - C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - InboxAce - {3775afd7-5921-4571-968f-85a631203d1c} - C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
Toolbar: HKLM-x32 - Utility Chest - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
Toolbar: HKLM-x32 - TotalRecipeSearch - {a0154e07-2b48-475c-a82a-80efd84ea33e} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {ab56dfde-0c14-45b3-9df6-7b0eba617870} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {c4b22c87-45ef-4f43-89f2-40db2078864e} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrcAs.dll (Mindspark)
BHO-x32: TheSea.TheSeaPlugin -> {C585D593-E7F3-4852-A200-561686EE02E4} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
BHO-x32: Toolbar BHO -> {d5a1d22b-9e17-454f-8ecd-83c578fb3983} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {da71fd14-5f7b-46ae-b8b1-44074a38f331} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {df22384f-cf68-4d19-969f-10423715528b} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll (Mindspark)
Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {9359da42-06fb-46f2-9e4a-05c05b98a5ef} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrcAs.dll (Mindspark)
BHO: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {06e05b40-77fa-40b6-9077-ed1a7577b1ef} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll (Mindspark)
BHO-x32: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn.dll ()
BHO-x32: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178.dll ()
BHO-x32: Toolbar BHO -> {58f7b5ca-1162-42e8-8bbc-d543b4edd780} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
BHO: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn64.dll ()
BHO: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178_x64.dll ()
SearchScopes: HKCU - DefaultScope {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://www2.inbox.co...&iwk=316&lng=en
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://pandasecurity...q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...q={searchTerms}
SearchScopes: HKCU - {A26C36F3-9D6C-4551-86A4-B3E9C4B7B3CD} URL = http://www.crawler.c...&iwk=311&lng=en
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKCU - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL =
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
URLSearchHook: HKCU - (No Name) - {9234F5E0-56CC-4F0B-AAE4-0D4BD5032180} - No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [Inbox3Tray.exe] => C:\Program Files (x86)\Inbox3\Inbox3Tray.exe [1736128 2014-06-12] (Inbox.com)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [ContentExplorer] => C:\Users\judy\AppData\Roaming\ContentExplorer\ContentExplorer.exe [2429680 2014-08-27] (ContentExplorer)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe [1072128 2014-08-27] ()
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
HKLM-x32\...\Run: [AnyProtect Scanner] => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [17068032 2014-08-27] (AnyProtect.com)
HKLM-x32\...\Run: [InboxToolbar] => C:\Program Files (x86)\Inbox Toolbar\Inbox.exe [1417656 2014-06-30] (Xacti, LLC)
HKLM-x32\...\Run: [InboxAce EPM Support] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gmedint.exe [12872 2014-07-14] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [InboxAce Search Scope Monitor] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrchMn.exe [55368 2014-07-14] (Mindspark)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe [61512 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader 64] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe [71752 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [Utility Chest EPM Support] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [Utility Chest Search Scope Monitor] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader 64] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch EPM Support] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [TotalRecipeSearch Search Scope Monitor] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader 64] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-25] ()
HKLM-x32\...\Run: [MyFunCards EPM Support] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mmedint.exe [12872 2014-07-03] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [MyFunCards Search Scope Monitor] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrchMn.exe [55368 2014-07-03] (Mindspark)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exe [61512 2014-07-03] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader 64] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon64.exe [71752 2014-07-03] (VER_COMPANY_NAME)
HKLM\...\Run: [MyFunCards Home Page Guard 64 bit] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\AppIntegrator64.exe [485960 2014-07-03] ( )
HKLM\...\Run: [InboxAce Home Page Guard 64 bit] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator64.exe [485960 2014-07-14] ( )
HKLM\...\Run: [Utility Chest Home Page Guard 64 bit] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
HKLM\...\Run: [TotalRecipeSearch Home Page Guard 64 bit] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
C:\Program Files (x86)\Inbox Toolbar
C:\Users\judy\AppData\Roaming\ContentExplorer
C:\Program Files (x86)\Inbox3
C:\Program Files (x86)\UtilityChest_49
C:\Program Files (x86)\InboxAce_1g
C:\Program Files (x86)\MyFunCards_5m
C:\Program Files (x86)\WSE_Astromenda
C:\Program Files (x86)\MyPC Backup
C:\Program Files (x86)\TotalRecipeSearch_14
C:\Program Files (x86)\UtilityChest_49
C:\Program Files (x86)\ver1BlockAndSurf
C:\Users\judy\AppData\Roaming\VOPackage
C:\Program Files (x86)\TidyNetwork
C:\Users\judy\AppData\Local\DesktopTemperature
Task: {3BD98196-F5F8-4C48-8418-DAEDD03137E6} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [2014-07-22] (MyPCBackup.com) <==== ATTENTION
Task: {5D131900-882C-4A9D-877E-69F281E7AABA} - System32\Tasks\BlockAndSurf Update => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe [2014-08-27] ()
Task: {811C6AF3-F0CC-49DC-BA5A-63AFA6B80047} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-07-22] (MyPC Backup) <==== ATTENTION
Task: {C034AE47-50DF-4617-9946-0EC4A6007219} - System32\Tasks\WSE_Astromenda => C:\Users\judy\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe [2014-08-27] ()
Task: {CD34F3C0-ED05-4009-A5CE-BCC6FD2316C5} - System32\Tasks\UpdaterEX => C:\Users\judy\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {CD7E60BC-5C2F-457E-BEE4-51E204A98CAA} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: {EFD55167-3E10-4F72-843B-347EC5F2010D} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: {FCE0303E-A943-467A-8BCB-B8D9556D47DB} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\BlockAndSurf Update.job => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\UpdaterEX.job => C:\Users\judy\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\WSE_Astromenda.job => C:\Users\judy\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
CMD: netsh advfirewall reset /c
CMD: netsh advfirewall set allprofiles state ON /c
CMD: ipconfig /flushdns /c
CMD: netsh winsock reset catalog /c
CMD: netsh int ip reset c:\resetlog.txt /c
CMD: ipconfig /release /c
CMD: ipconfig /renew /c
EmptyTemp:
CMD: bitsadmin /reset /allusers
Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that
THEN
Please download AdwCleaner by Xplode onto your desktop.FINALLY
- Close all open programs and internet browsers.
- Double click on AdwCleaner.exe to run the tool.
- Click on Scan.
- After the scan is complete click on "Clean"
- Confirm each time with Ok.
- Your computer will be rebooted automatically. A text file will open after the restart.
- Please post the content of that logfile with your next answer.
- You can find the logfile at C:\AdwCleaner[S1].txt as well.
A fresh FRST scan to see what I missed
- Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
- Select additions at the bottom
- Press Scan button.
- It will produce a log called FRST.txt in the same directory the tool is run from.
- Please attach both logs generated.
OK I am surprised that windows actually runs to be honest... Lets now kill all rubbish
If you have problems copying all the fix into a fixlist.txt then I have attached the same fix here. Just save the fixlist,txt to the same location as FRST and then press fix
fixlist.txt
CAUTION : This fix is only valid for this specific machine, using it on another may break your computer
Open notepad and copy/paste the text in the quotebox below into it:
2014-08-28 12:15 - 2014-08-28 12:16 - 06312160 _____ (MyTurboPC.com) C:\Users\judy\Downloads\myturbopc.exe
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-08-27 23:13 - 2014-08-27 23:35 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-08-27 23:13 - 2014-08-27 23:15 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-08-27 23:13 - 2014-08-27 23:13 - 00001704 _____ () C:\Users\judy\AppData\Roaming\aps.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00001150 _____ () C:\Users\judy\AppData\Roaming\aps.scan.quick.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000318 _____ () C:\Users\judy\AppData\Roaming\aps.uninstall.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-08-27 23:12 - 2014-08-27 23:13 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-08-27 23:12 - 2014-08-27 23:12 - 00575544 _____ (ClickMeIn Limited) C:\Users\judy\AppData\Local\nsb5C1C.tmp
2014-08-27 23:09 - 2014-08-28 13:09 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-08-27 23:09 - 2014-08-28 12:59 - 00000438 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-08-27 23:09 - 2014-08-27 23:09 - 00058040 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys
2014-08-27 23:09 - 2014-08-27 23:09 - 00003076 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-08-27 23:09 - 2014-08-27 23:09 - 00002642 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\ver1BlockAndSurf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-27 23:08 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-08-27 23:01 - 2014-08-27 23:01 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes
2014-08-27 23:00 - 2014-08-27 23:07 - 00000000 ____D () C:\ProgramData\pastaleads
2014-08-27 23:00 - 2014-08-27 23:00 - 00000000 ____D () C:\Program Files (x86)\pastaleads
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\VOPackage
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\ContentExplorer
2014-08-27 18:00 - 2014-08-28 13:01 - 00000000 ____D () C:\Users\judy\AppData\Local\DesktopTemperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\System_Alerts_LLC
2014-08-14 20:09 - 2014-08-14 20:11 - 00001158 _____ () C:\Users\judy\Desktop\Live PC Help.lnk
2014-08-14 19:34 - 2014-08-14 19:34 - 00003974 _____ () C:\WINDOWS\System32\Tasks\TidyNetwork Update
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TNT2
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TidyNetwork
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-08-11 07:34 - 2014-08-27 22:28 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-11 07:34 - 2014-08-11 07:34 - 00001107 _____ () C:\Users\judy\Desktop\MyPC Backup.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-11 07:33 - 2014-08-14 20:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\systweak
2014-08-11 07:32 - 2014-08-11 07:32 - 00003310 _____ () C:\WINDOWS\System32\Tasks\ASP
2014-08-11 07:32 - 2014-08-05 19:05 - 00019800 _____ () C:\WINDOWS\system32\roboot64.exe
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Users\judy\AppData\Local\UtilityChest_49
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Program Files (x86)\UtilityChest_49
2014-08-11 07:34 - 2014-08-11 07:34 - 00004022 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-27 17:59 - 2014-08-27 17:59 - 00000000 ____D () C:\Program Files (x86)\The Sea App (Internet Explorer)
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
R2 UtilityChest_49Service; C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 TotalRecipeSearch_14Service; C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 MyFunCards_5mService; C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbarsvc.exe [88648 2014-07-03] (COMPANYVERS_NAME)
R2 pastaleadsServiceCore; C:\Program Files (x86)\pastaleads\PastaLeadsService.exe [384408 2014-06-18] ()
R2 servervo; C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-08-27] () [File not signed]
R2 InboxAce_1gService; C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe [88648 2014-07-14] (COMPANYVERS_NAME)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36424 2014-07-22] (Just Develop It)
FF Plugin-x32: @TotalRecipeSearch_14.com/Plugin -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll (Mindspark)
FF Plugin-x32: @UtilityChest_49.com/Plugin -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\NP49Stub.dll (Mindspark)
FF HKCU\...\Firefox\Extensions: [{17C0B877-3B33-A890-ACFD-9D2FC5F5D56D}] - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi
FF Extension: BlockAndSurf - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi [2014-08-27]
FF Plugin-x32: @InboxAce_1g.com/Plugin -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\NP1gStub.dll (Mindspark)
FF Plugin-x32: @MyFunCards_5m.com/Plugin -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\NP5mStub.dll (Mindspark)
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Temperature Monitor.lnk
ShortcutTarget: Desktop Temperature Monitor.lnk -> C:\Users\judy\AppData\Local\DesktopTemperature\DesktopTemperature.exe (System Alerts LLC)
Winsock: Catalog9 01 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 02 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 03 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 04 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 05 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 17 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Toolbar: HKCU - No Name - {C4D78C72-08DB-4A3F-9175-B265157283F3} - No File
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - MyFunCards - {210f1b36-3b7f-41a4-b5da-3eb87f5a56c2} - C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - InboxAce - {3775afd7-5921-4571-968f-85a631203d1c} - C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
Toolbar: HKLM-x32 - Utility Chest - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
Toolbar: HKLM-x32 - TotalRecipeSearch - {a0154e07-2b48-475c-a82a-80efd84ea33e} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {ab56dfde-0c14-45b3-9df6-7b0eba617870} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {c4b22c87-45ef-4f43-89f2-40db2078864e} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrcAs.dll (Mindspark)
BHO-x32: TheSea.TheSeaPlugin -> {C585D593-E7F3-4852-A200-561686EE02E4} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
BHO-x32: Toolbar BHO -> {d5a1d22b-9e17-454f-8ecd-83c578fb3983} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {da71fd14-5f7b-46ae-b8b1-44074a38f331} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {df22384f-cf68-4d19-969f-10423715528b} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll (Mindspark)
Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {9359da42-06fb-46f2-9e4a-05c05b98a5ef} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrcAs.dll (Mindspark)
BHO: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {06e05b40-77fa-40b6-9077-ed1a7577b1ef} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll (Mindspark)
BHO-x32: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn.dll ()
BHO-x32: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178.dll ()
BHO-x32: Toolbar BHO -> {58f7b5ca-1162-42e8-8bbc-d543b4edd780} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
BHO: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn64.dll ()
BHO: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178_x64.dll ()
SearchScopes: HKCU - DefaultScope {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://www2.inbox.co...&iwk=316&lng=en
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://pandasecurity...q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...q={searchTerms}
SearchScopes: HKCU - {A26C36F3-9D6C-4551-86A4-B3E9C4B7B3CD} URL = http://www.crawler.c...&iwk=311&lng=en
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKCU - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL =
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
URLSearchHook: HKCU - (No Name) - {9234F5E0-56CC-4F0B-AAE4-0D4BD5032180} - No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [Inbox3Tray.exe] => C:\Program Files (x86)\Inbox3\Inbox3Tray.exe [1736128 2014-06-12] (Inbox.com)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [ContentExplorer] => C:\Users\judy\AppData\Roaming\ContentExplorer\ContentExplorer.exe [2429680 2014-08-27] (ContentExplorer)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe [1072128 2014-08-27] ()
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
HKLM-x32\...\Run: [AnyProtect Scanner] => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [17068032 2014-08-27] (AnyProtect.com)
HKLM-x32\...\Run: [InboxToolbar] => C:\Program Files (x86)\Inbox Toolbar\Inbox.exe [1417656 2014-06-30] (Xacti, LLC)
HKLM-x32\...\Run: [InboxAce EPM Support] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gmedint.exe [12872 2014-07-14] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [InboxAce Search Scope Monitor] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrchMn.exe [55368 2014-07-14] (Mindspark)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe [61512 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader 64] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe [71752 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [Utility Chest EPM Support] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [Utility Chest Search Scope Monitor] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader 64] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch EPM Support] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [TotalRecipeSearch Search Scope Monitor] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader 64] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-25] ()
HKLM-x32\...\Run: [MyFunCards EPM Support] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mmedint.exe [12872 2014-07-03] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [MyFunCards Search Scope Monitor] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrchMn.exe [55368 2014-07-03] (Mindspark)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exe [61512 2014-07-03] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader 64] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon64.exe [71752 2014-07-03] (VER_COMPANY_NAME)
HKLM\...\Run: [MyFunCards Home Page Guard 64 bit] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\AppIntegrator64.exe [485960 2014-07-03] ( )
HKLM\...\Run: [InboxAce Home Page Guard 64 bit] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator64.exe [485960 2014-07-14] ( )
HKLM\...\Run: [Utility Chest Home Page Guard 64 bit] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
HKLM\...\Run: [TotalRecipeSearch Home Page Guard 64 bit] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
C:\Program Files (x86)\Inbox Toolbar
C:\Users\judy\AppData\Roaming\ContentExplorer
C:\Program Files (x86)\Inbox3
C:\Program Files (x86)\UtilityChest_49
C:\Program Files (x86)\InboxAce_1g
C:\Program Files (x86)\MyFunCards_5m
C:\Program Files (x86)\WSE_Astromenda
C:\Program Files (x86)\MyPC Backup
C:\Program Files (x86)\TotalRecipeSearch_14
C:\Program Files (x86)\UtilityChest_49
C:\Program Files (x86)\ver1BlockAndSurf
C:\Users\judy\AppData\Roaming\VOPackage
C:\Program Files (x86)\TidyNetwork
C:\Users\judy\AppData\Local\DesktopTemperature
Task: {3BD98196-F5F8-4C48-8418-DAEDD03137E6} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [2014-07-22] (MyPCBackup.com) <==== ATTENTION
Task: {5D131900-882C-4A9D-877E-69F281E7AABA} - System32\Tasks\BlockAndSurf Update => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe [2014-08-27] ()
Task: {811C6AF3-F0CC-49DC-BA5A-63AFA6B80047} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-07-22] (MyPC Backup) <==== ATTENTION
Task: {C034AE47-50DF-4617-9946-0EC4A6007219} - System32\Tasks\WSE_Astromenda => C:\Users\judy\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe [2014-08-27] ()
Task: {CD34F3C0-ED05-4009-A5CE-BCC6FD2316C5} - System32\Tasks\UpdaterEX => C:\Users\judy\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {CD7E60BC-5C2F-457E-BEE4-51E204A98CAA} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: {EFD55167-3E10-4F72-843B-347EC5F2010D} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: {FCE0303E-A943-467A-8BCB-B8D9556D47DB} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\BlockAndSurf Update.job => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\UpdaterEX.job => C:\Users\judy\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\WSE_Astromenda.job => C:\Users\judy\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
CMD: netsh advfirewall reset /c
CMD: netsh advfirewall set allprofiles state ON /c
CMD: ipconfig /flushdns /c
CMD: netsh winsock reset catalog /c
CMD: netsh int ip reset c:\resetlog.txt /c
CMD: ipconfig /release /c
CMD: ipconfig /renew /c
EmptyTemp:
CMD: bitsadmin /reset /allusers
Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that
THEN
Please download AdwCleaner by Xplode onto your desktop.FINALLY
- Close all open programs and internet browsers.
- Double click on AdwCleaner.exe to run the tool.
- Click on Scan.
- After the scan is complete click on "Clean"
- Confirm each time with Ok.
- Your computer will be rebooted automatically. A text file will open after the restart.
- Please post the content of that logfile with your next answer.
- You can find the logfile at C:\AdwCleaner[S1].txt as well.
A fresh FRST scan to see what I missed
- Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
- Select additions at the bottom
- Press Scan button.
- It will produce a log called FRST.txt in the same directory the tool is run from.
- Please attach both logs generated.
#7
Posted 28 August 2014 - 03:32 PM
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014Ran by judy (administrator) on JUDYSPC on 28-08-2014 11:41:55Running from C:\Users\judy\DownloadsPlatform: Windows 8.1 (X64) OS Language: English (United States)Internet Explorer Version 11Boot Mode: NormalThe only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo...very-scan-tool/==================== Processes (Whitelisted) =================(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)(AMD) C:\Windows\System32\atiesrxx.exe(AMD) C:\Windows\System32\atieclxx.exe(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe(COMPANYVERS_NAME) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe(COMPANYVERS_NAME) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbarsvc.exe() C:\Program Files (x86)\pastaleads\PastaLeadsService.exe() C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe(Soluto) C:\Program Files\Soluto\SolutoService.exe(COMPANYVERS_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe(Term Tutor) C:\Program Files (x86)\TermTutor\Service\ttsvc.exe(COMPANYVERS_NAME) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe(Microsoft Corporation) C:\Windows\System32\dasHost.exe(Soluto) C:\Program Files\Soluto\Soluto.exe() C:\Program Files (x86)\Knight System Protector\KnightSystemProtector.exe() C:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exe() C:\Program Files (x86)\ver1BlockAndSurf\BlockAndSurf.exe(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMMsg.exe(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe( ) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\AppIntegrator64.exe( ) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator64.exe( ) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe( ) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe(Inbox.com) C:\Program Files (x86)\Inbox3\Inbox3Tray.exe(ContentExplorer) C:\Users\judy\AppData\Roaming\ContentExplorer\ContentExplorer.exe() C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe(System Alerts LLC) C:\Users\judy\AppData\Local\DesktopTemperature\DesktopTemperature.exe(VER_COMPANY_NAME) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exe(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe(VER_COMPANY_NAME) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon64.exe(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe(Xacti, LLC) C:\Program Files (x86)\Inbox Toolbar\Inbox.exe(Xacti, LLC) C:\Program Files (x86)\Inbox Toolbar\Inbox.exe(VER_COMPANY_NAME) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe(VER_COMPANY_NAME) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe(VER_COMPANY_NAME) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe(VER_COMPANY_NAME) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon64.exe(VER_COMPANY_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe(VER_COMPANY_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe(Acer Incorporated) C:\Users\judy\AppData\Local\clear.fi\Portal\AcerPortalSetup.exe(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Farbar) C:\Users\judy\Downloads\FRST64 (1).exe==================== Registry (Whitelisted) ==================(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-17] (Realtek Semiconductor)HKLM\...\Run: [MyFunCards Home Page Guard 64 bit] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\AppIntegrator64.exe [485960 2014-07-03] ( )HKLM\...\Run: [InboxAce Home Page Guard 64 bit] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator64.exe [485960 2014-07-14] ( )HKLM\...\Run: [Utility Chest Home Page Guard 64 bit] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )HKLM\...\Run: [TotalRecipeSearch Home Page Guard 64 bit] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-13] (Advanced Micro Devices, Inc.)HKLM-x32\...\Run: [MyFunCards EPM Support] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mmedint.exe [12872 2014-07-03] (Mindspark Interactive Network, Inc.)HKLM-x32\...\Run: [MyFunCards Search Scope Monitor] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrchMn.exe [55368 2014-07-03] (Mindspark)HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exe [61512 2014-07-03] (VER_COMPANY_NAME)HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader 64] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon64.exe [71752 2014-07-03] (VER_COMPANY_NAME)HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [52992 2014-08-06] (Acer Incorporated)HKLM-x32\...\Run: [InboxToolbar] => C:\Program Files (x86)\Inbox Toolbar\Inbox.exe [1417656 2014-06-30] (Xacti, LLC)HKLM-x32\...\Run: [InboxAce EPM Support] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gmedint.exe [12872 2014-07-14] (Mindspark Interactive Network, Inc.)HKLM-x32\...\Run: [InboxAce Search Scope Monitor] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrchMn.exe [55368 2014-07-14] (Mindspark)HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe [61512 2014-07-14] (VER_COMPANY_NAME)HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader 64] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe [71752 2014-07-14] (VER_COMPANY_NAME)HKLM-x32\...\Run: [Utility Chest EPM Support] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)HKLM-x32\...\Run: [Utility Chest Search Scope Monitor] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrchMn.exe [55368 2014-08-11] (Mindspark)HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader 64] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)HKLM-x32\...\Run: [TotalRecipeSearch EPM Support] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)HKLM-x32\...\Run: [TotalRecipeSearch Search Scope Monitor] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe [55368 2014-08-11] (Mindspark)HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader 64] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-25] ()HKLM-x32\...\Run: [fst_us_228] => "C:\Program Files (x86)\fst_us_228\fst_us_228.exe"HKLM-x32\...\Run: [AnyProtect Scanner] => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [17068032 2014-08-27] (AnyProtect.com)HKLM-x32\...\RunOnce: [upfst_us_228.exe] => C:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exe [3337208 2014-08-25] ()HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinitHKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-04-15] ( (Qualcomm Atheros Commnucations))HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [AcerCloud] => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2569984 2014-08-06] (Acer)HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [Inbox3Tray.exe] => C:\Program Files (x86)\Inbox3\Inbox3Tray.exe [1736128 2014-06-12] (Inbox.com)HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [ContentExplorer] => C:\Users\judy\AppData\Roaming\ContentExplorer\ContentExplorer.exe [2429680 2014-08-27] (ContentExplorer)HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe [1072128 2014-08-27] ()AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not FoundStartup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Temperature Monitor.lnkShortcutTarget: Desktop Temperature Monitor.lnk -> C:\Users\judy\AppData\Local\DesktopTemperature\DesktopTemperature.exe (System Alerts LLC)Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnkShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)ShellIconOverlayIdentifiers: ACloudSyncedRF -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)ShellIconOverlayIdentifiers: ACloudSyncedSF -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)ShellIconOverlayIdentifiers: ACloudSyncing -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)ShellIconOverlayIdentifiers: ACloudToBeSynced -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)BootExecute: autocheck autochk * sdnclean64.exeGroupPolicy: Group Policy on Chrome detected <======= ATTENTION==================== Internet (Whitelisted) ====================(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yesHKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yesHKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.100search...4-06-16&hpa=yesHKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =URLSearchHook: HKCU - (No Name) - {9234F5E0-56CC-4F0B-AAE4-0D4BD5032180} - No FileStartMenuInternet: IEXPLORE.EXE - iexplore.exeSearchScopes: HKLM - DefaultScope {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJSSearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}SearchScopes: HKLM - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}SearchScopes: HKLM - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJSSearchScopes: HKLM-x32 - DefaultScope {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJSSearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}SearchScopes: HKLM-x32 - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJSSearchScopes: HKCU - DefaultScope {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://www2.inbox.co...&iwk=316&lng=enSearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://pandasecurity...q={searchTerms}SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...q={searchTerms}SearchScopes: HKCU - {A26C36F3-9D6C-4551-86A4-B3E9C4B7B3CD} URL = http://www.crawler.c...&iwk=311&lng=enSearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}SearchScopes: HKCU - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=SearchScopes: HKCU - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL =BHO: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn64.dll ()BHO: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178_x64.dll ()BHO: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)BHO: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)BHO-x32: Search Assistant BHO -> {06e05b40-77fa-40b6-9077-ed1a7577b1ef} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll (Mindspark)BHO-x32: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn.dll ()BHO-x32: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178.dll ()BHO-x32: Toolbar BHO -> {58f7b5ca-1162-42e8-8bbc-d543b4edd780} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)BHO-x32: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files (x86)\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)BHO-x32: Search Assistant BHO -> {9359da42-06fb-46f2-9e4a-05c05b98a5ef} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrcAs.dll (Mindspark)BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)BHO-x32: Toolbar BHO -> {ab56dfde-0c14-45b3-9df6-7b0eba617870} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)BHO-x32: Search Assistant BHO -> {c4b22c87-45ef-4f43-89f2-40db2078864e} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrcAs.dll (Mindspark)BHO-x32: TheSea.TheSeaPlugin -> {C585D593-E7F3-4852-A200-561686EE02E4} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)BHO-x32: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)BHO-x32: Toolbar BHO -> {d5a1d22b-9e17-454f-8ecd-83c578fb3983} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)BHO-x32: Toolbar BHO -> {da71fd14-5f7b-46ae-b8b1-44074a38f331} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)BHO-x32: Search Assistant BHO -> {df22384f-cf68-4d19-969f-10423715528b} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll (Mindspark)Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)Toolbar: HKLM-x32 - MyFunCards - {210f1b36-3b7f-41a4-b5da-3eb87f5a56c2} - C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)Toolbar: HKLM-x32 - InboxAce - {3775afd7-5921-4571-968f-85a631203d1c} - C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)Toolbar: HKLM-x32 - Utility Chest - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)Toolbar: HKLM-x32 - TotalRecipeSearch - {a0154e07-2b48-475c-a82a-80efd84ea33e} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)Toolbar: HKCU - No Name - {C4D78C72-08DB-4A3F-9175-B265157283F3} - No FileHandler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)Winsock: Catalog9 01 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()Winsock: Catalog9 02 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()Winsock: Catalog9 03 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()Winsock: Catalog9 04 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()Winsock: Catalog9 05 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()Winsock: Catalog9 17 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()Tcpip\Parameters: [DhcpNameServer] 208.180.42.68 208.180.42.100FireFox:========FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No FileFF Plugin-x32: @InboxAce_1g.com/Plugin -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\NP1gStub.dll (Mindspark)FF Plugin-x32: @MyFunCards_5m.com/Plugin -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\NP5mStub.dll (Mindspark)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @TotalRecipeSearch_14.com/Plugin -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll (Mindspark)FF Plugin-x32: @UtilityChest_49.com/Plugin -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\NP49Stub.dll (Mindspark)FF HKCU\...\Firefox\Extensions: [{17C0B877-3B33-A890-ACFD-9D2FC5F5D56D}] - C:\Program Files (x86)\ver1BlockAndSurf\178.xpiFF Extension: BlockAndSurf - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi [2014-08-27]Chrome:=======CHR StartupUrls: Default -> "hxxp://www.google.com"CHR Profile: C:\Users\judy\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Docs) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-14]CHR Extension: (Google Drive) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-14]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-21]CHR Extension: (YouTube) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-14]CHR Extension: (Google Search) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-14]CHR Extension: (Google Wallet) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-14]CHR Extension: (Gmail) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-14]==================== Services (Whitelisted) =================(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [228480 2013-04-15] (Qualcomm Atheros Commnucations)S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36424 2014-07-22] (Just Develop It)R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3058944 2014-08-06] (Acer Incorporated)S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)R2 InboxAce_1gService; C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe [88648 2014-07-14] (COMPANYVERS_NAME)R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-03-14] (Acer Incorporate)R2 MyFunCards_5mService; C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbarsvc.exe [88648 2014-07-03] (COMPANYVERS_NAME)R2 pastaleadsServiceCore; C:\Program Files (x86)\pastaleads\PastaLeadsService.exe [384408 2014-06-18] ()R2 servervo; C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-08-27] () [File not signed]R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [222168 2013-01-29] (Soluto)R2 TotalRecipeSearch_14Service; C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)R2 ttsvc; C:\Program Files (x86)\TermTutor\Service\ttsvc.exe [356432 2014-06-25] (Term Tutor)R2 UtilityChest_49Service; C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-16] (AVG Secure Search)R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-17] (Microsoft Corporation)R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-17] (Microsoft Corporation)==================== Drivers (Whitelisted) ====================(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)R3 AthrSdSrv; C:\Windows\system32\DRIVERS\athrsd.sys [48760 2012-11-30] (Qualcomm Atheros, Inc.)R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50976 2014-08-16] (AVG Technologies)R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-15] (Qualcomm Atheros)R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-09] (Acer Incorporated)R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-09] (Acer Incorporated)S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-06-20] ()R1 ttnfd; C:\Windows\System32\drivers\ttnfd.sys [58232 2014-06-25] (Term Tutor)R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-17] (Microsoft Corporation)R2 webinstr; C:\WINDOWS\system32\Drivers\webinstr.sys [58040 2014-08-27] (Corsica)R3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X]U2 TMAgent; No ImagePath==================== NetSvcs (Whitelisted) ===================(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)==================== One Month Created Files and Folders ========(If an entry is included in the fixlist, the file\folder will be moved.)2014-08-28 12:15 - 2014-08-28 12:16 - 06312160 _____ (MyTurboPC.com) C:\Users\judy\Downloads\myturbopc.exe2014-08-28 11:41 - 2014-08-28 11:42 - 00028288 _____ () C:\Users\judy\Downloads\FRST.txt2014-08-28 11:41 - 2014-08-28 11:42 - 00000000 ____D () C:\FRST2014-08-28 11:41 - 2014-08-28 11:41 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64 (1).exe2014-08-28 11:35 - 2014-08-28 11:36 - 00001163 _____ () C:\Users\judy\Desktop\Continue Download Manager Installation.lnk2014-08-28 11:35 - 2014-08-28 11:35 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64.exe2014-08-28 11:35 - 2014-08-28 11:35 - 00827416 _____ ( ) C:\Users\judy\Downloads\DownloadManagerSetup.exe2014-08-28 11:32 - 2014-08-28 11:32 - 00035673 _____ () C:\Users\judy\Desktop\FARBAR RECOVERY SCAN TOOL.htm2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job2014-08-27 23:13 - 2014-08-27 23:35 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job2014-08-27 23:13 - 2014-08-27 23:15 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP12014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP32014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP22014-08-27 23:13 - 2014-08-27 23:13 - 00001704 _____ () C:\Users\judy\AppData\Roaming\aps.scan.results2014-08-27 23:13 - 2014-08-27 23:13 - 00001150 _____ () C:\Users\judy\AppData\Roaming\aps.scan.quick.results2014-08-27 23:13 - 2014-08-27 23:13 - 00000318 _____ () C:\Users\judy\AppData\Roaming\aps.uninstall.scan.results2014-08-27 23:13 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup2014-08-27 23:12 - 2014-08-27 23:13 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx2014-08-27 23:12 - 2014-08-27 23:12 - 00575544 _____ (ClickMeIn Limited) C:\Users\judy\AppData\Local\nsb5C1C.tmp2014-08-27 23:09 - 2014-08-28 13:09 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job2014-08-27 23:09 - 2014-08-28 12:59 - 00000438 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job2014-08-27 23:09 - 2014-08-27 23:09 - 00058040 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys2014-08-27 23:09 - 2014-08-27 23:09 - 00003076 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update2014-08-27 23:09 - 2014-08-27 23:09 - 00002642 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda2014-08-27 23:09 - 2014-08-27 23:09 - 00000258 __RSH () C:\ProgramData\ntuser.pol2014-08-27 23:09 - 2014-08-27 23:09 - 00000145 _____ () C:\WINDOWS\setupact.log2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\WSE_Astromenda2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\ver1BlockAndSurf2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 _____ () C:\WINDOWS\setuperr.log2014-08-27 23:08 - 2014-08-28 11:27 - 00000000 ____D () C:\Users\judy\AppData\Local\fst_us_2282014-08-27 23:08 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files\TermTutor2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\TermTutor2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\fst_us_2282014-08-27 23:04 - 2014-08-28 12:57 - 00000085 _____ () C:\WINDOWS\wininit.ini2014-08-27 23:01 - 2014-08-27 23:01 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy2014-08-27 23:00 - 2014-08-27 23:07 - 00000000 ____D () C:\ProgramData\pastaleads2014-08-27 23:00 - 2014-08-27 23:00 - 00000000 ____D () C:\Program Files (x86)\pastaleads2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\VOPackage2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage2014-08-27 22:59 - 2014-08-27 22:59 - 00003734 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_ScheduledScan2014-08-27 22:59 - 2014-08-27 22:59 - 00003584 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_DailyScan2014-08-27 22:59 - 2014-08-27 22:59 - 00001087 _____ () C:\Users\Public\Desktop\DriverRestore.lnk2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\ContentExplorer2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore2014-08-27 22:59 - 2014-07-01 10:37 - 00020872 _____ (Phoenix Technologies) C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS2014-08-27 22:58 - 2014-08-27 22:59 - 00000000 ____D () C:\Program Files (x86)\DriverRestore2014-08-27 22:57 - 2014-08-27 22:57 - 00000000 ____D () C:\Users\judy\Documents\PC Health Kit2014-08-27 18:06 - 2014-08-28 12:58 - 00007878 _____ () C:\WINDOWS\PFRO.log2014-08-27 18:00 - 2014-08-28 13:01 - 00000000 ____D () C:\Users\judy\AppData\Local\DesktopTemperature2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\System_Alerts_LLC2014-08-27 17:59 - 2014-08-27 17:59 - 00000000 ____D () C:\Program Files (x86)\The Sea App (Internet Explorer)2014-08-27 16:13 - 2014-08-27 16:13 - 00004544 _____ () C:\Users\judy\Desktop\New Journal Document.jnt2014-08-27 16:13 - 2014-08-27 16:13 - 00000000 ___RD () C:\Users\judy\Documents\Notes2014-08-16 10:43 - 2014-08-16 10:43 - 00000000 ____D () C:\Blasteroids2014-08-16 07:53 - 2014-08-16 07:54 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar2014-08-16 07:48 - 2014-06-19 18:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll2014-08-16 07:48 - 2014-06-19 16:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll2014-08-15 07:39 - 2014-07-15 11:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe2014-08-15 07:39 - 2014-07-15 01:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll2014-08-15 07:39 - 2014-07-15 01:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll2014-08-15 07:39 - 2014-07-15 01:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll2014-08-15 07:39 - 2014-06-12 18:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll2014-08-15 07:39 - 2014-06-12 18:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys2014-08-15 07:39 - 2014-06-12 17:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll2014-08-15 07:39 - 2014-06-06 04:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll2014-08-15 07:38 - 2014-07-25 06:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll2014-08-15 07:38 - 2014-07-25 06:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll2014-08-15 07:38 - 2014-07-25 05:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll2014-08-15 07:38 - 2014-07-25 05:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll2014-08-15 07:38 - 2014-07-25 05:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll2014-08-15 07:38 - 2014-07-25 05:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll2014-08-15 07:38 - 2014-07-25 05:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll2014-08-15 07:38 - 2014-07-25 05:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll2014-08-15 07:38 - 2014-07-25 05:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll2014-08-15 07:38 - 2014-07-25 05:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll2014-08-15 07:38 - 2014-07-25 04:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll2014-08-15 07:38 - 2014-07-25 04:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll2014-08-15 07:38 - 2014-07-25 04:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl2014-08-15 07:38 - 2014-07-25 04:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll2014-08-15 07:38 - 2014-07-25 04:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll2014-08-15 07:38 - 2014-07-25 04:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll2014-08-15 07:38 - 2014-07-25 04:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll2014-08-15 07:38 - 2014-07-25 04:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl2014-08-15 07:38 - 2014-07-25 04:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll2014-08-15 07:38 - 2014-07-25 03:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll2014-08-15 07:38 - 2014-07-25 03:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll2014-08-15 07:38 - 2014-07-25 03:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll2014-08-15 07:37 - 2014-07-25 07:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll2014-08-15 07:37 - 2014-07-25 06:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll2014-08-15 07:37 - 2014-07-25 06:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll2014-08-15 07:37 - 2014-07-25 05:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll2014-08-15 07:37 - 2014-07-25 05:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll2014-08-15 07:37 - 2014-07-25 05:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll2014-08-15 07:37 - 2014-07-25 04:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll2014-08-15 07:37 - 2014-07-25 04:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll2014-08-15 07:37 - 2014-07-25 04:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe2014-08-15 07:37 - 2014-07-25 04:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll2014-08-15 07:37 - 2014-07-25 03:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll2014-08-15 07:37 - 2014-07-25 03:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll2014-08-15 07:37 - 2014-07-25 03:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll2014-08-15 07:31 - 2014-04-26 13:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll2014-08-15 07:31 - 2014-04-14 02:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll2014-08-15 07:31 - 2014-04-14 01:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll2014-08-15 07:30 - 2014-05-12 22:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll2014-08-15 07:30 - 2014-05-12 21:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll2014-08-15 07:30 - 2014-05-12 20:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll2014-08-15 07:30 - 2014-05-03 04:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll2014-08-15 07:30 - 2014-05-03 02:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll2014-08-15 07:30 - 2014-05-02 22:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll2014-08-15 07:30 - 2014-04-30 22:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll2014-08-15 07:30 - 2014-04-29 23:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys2014-08-15 07:30 - 2014-04-29 21:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll2014-08-15 07:30 - 2014-04-29 20:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll2014-08-15 07:30 - 2014-04-29 20:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll2014-08-15 07:30 - 2014-04-28 15:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll2014-08-15 07:30 - 2014-04-26 15:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll2014-08-15 07:29 - 2014-05-02 21:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll2014-08-15 07:29 - 2014-04-29 21:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll2014-08-15 07:29 - 2014-04-29 20:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll2014-08-15 07:29 - 2014-04-26 09:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll2014-08-15 07:27 - 2014-04-29 21:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL2014-08-15 07:26 - 2014-05-12 21:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll2014-08-15 07:26 - 2014-05-02 22:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll2014-08-15 07:26 - 2014-05-02 22:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll2014-08-15 07:26 - 2014-05-02 21:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll2014-08-15 07:26 - 2014-04-29 23:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys2014-08-15 07:25 - 2014-05-30 23:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys2014-08-15 07:25 - 2014-05-13 00:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe2014-08-15 07:25 - 2014-05-12 20:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll2014-08-15 07:25 - 2014-05-02 22:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll2014-08-15 07:25 - 2014-05-02 21:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll2014-08-15 07:25 - 2014-05-02 16:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat2014-08-15 07:25 - 2014-04-29 23:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys2014-08-15 07:25 - 2014-04-29 23:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys2014-08-15 07:25 - 2014-04-29 22:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe2014-08-15 07:25 - 2014-04-29 21:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe2014-08-15 07:25 - 2014-04-29 21:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll2014-08-15 07:25 - 2014-04-29 21:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll2014-08-15 07:25 - 2014-04-29 20:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL2014-08-15 07:25 - 2014-04-29 20:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll2014-08-15 07:25 - 2014-04-29 20:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll2014-08-15 07:25 - 2014-04-13 22:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll2014-08-15 07:25 - 2014-04-08 23:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll2014-08-15 07:25 - 2014-04-08 22:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll2014-08-15 07:24 - 2014-08-06 15:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll2014-08-15 07:24 - 2014-08-01 22:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll2014-08-15 07:24 - 2014-07-09 21:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll2014-08-15 07:24 - 2014-07-09 21:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll2014-08-15 07:24 - 2014-07-09 20:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe2014-08-15 07:24 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe2014-08-15 07:24 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe2014-08-15 07:23 - 2014-08-06 19:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll2014-08-15 07:23 - 2014-08-06 15:39 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys2014-08-15 07:23 - 2014-08-01 20:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll2014-08-15 07:23 - 2014-08-01 20:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll2014-08-15 07:23 - 2014-07-11 21:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe2014-08-15 07:23 - 2014-06-05 07:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll2014-08-15 07:23 - 2014-06-05 06:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll2014-08-15 07:23 - 2014-06-01 19:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll2014-08-15 07:23 - 2014-05-31 03:07 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS2014-08-15 07:23 - 2014-05-31 03:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys2014-08-15 07:23 - 2014-05-31 03:07 - 00419672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys2014-08-15 07:23 - 2014-05-31 03:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys2014-08-15 07:23 - 2014-05-31 03:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys2014-08-15 07:23 - 2014-05-30 23:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys2014-08-15 07:23 - 2014-05-30 23:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys2014-08-15 07:23 - 2014-05-30 23:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys2014-08-15 07:23 - 2014-05-30 21:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe2014-08-15 07:23 - 2014-05-30 21:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll2014-08-15 07:23 - 2014-05-30 21:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll2014-08-15 07:23 - 2014-05-27 08:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys2014-08-15 07:23 - 2014-05-27 02:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll2014-08-15 07:23 - 2014-05-27 02:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll2014-08-15 07:23 - 2014-05-16 21:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll2014-08-15 07:23 - 2014-05-16 21:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll2014-08-14 20:18 - 2014-08-14 20:18 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG Secure Search2014-08-14 20:09 - 2014-08-14 20:11 - 00001158 _____ () C:\Users\judy\Desktop\Live PC Help.lnk2014-08-14 20:05 - 2014-08-28 11:26 - 01321131 _____ () C:\WINDOWS\WindowsUpdate.log2014-08-14 19:44 - 2014-08-28 13:01 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-08-14 19:44 - 2014-08-14 19:44 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC2014-08-14 19:44 - 2014-08-14 19:44 - 00000838 _____ () C:\Users\Public\Desktop\CCleaner.lnk2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\Program Files\CCleaner2014-08-14 19:42 - 2014-08-28 13:01 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job2014-08-14 19:42 - 2014-08-28 13:01 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job2014-08-14 19:42 - 2014-08-14 19:56 - 00003882 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA2014-08-14 19:42 - 2014-08-14 19:56 - 00003646 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore2014-08-14 19:42 - 2014-08-14 19:44 - 00000000 ____D () C:\Users\judy\AppData\Local\Google2014-08-14 19:42 - 2014-08-14 19:44 - 00000000 ____D () C:\Program Files (x86)\Google2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\ProgramData\Google2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\Program Files\Google2014-08-14 19:34 - 2014-08-14 19:34 - 00003974 _____ () C:\WINDOWS\System32\Tasks\TidyNetwork Update2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TNT22014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TidyNetwork2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork2014-08-14 19:04 - 2014-08-14 19:04 - 13829304 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall1.exe2014-08-14 19:04 - 2014-08-14 19:04 - 00002259 _____ () C:\WINDOWS\epplauncher.mif2014-08-14 18:54 - 2014-08-16 14:06 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG SafeGuard toolbar2014-08-14 18:54 - 2014-08-16 07:53 - 00050976 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys2014-08-14 18:53 - 2014-08-25 18:25 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar2014-08-14 18:53 - 2014-08-25 18:25 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar2014-08-14 18:53 - 2014-08-14 18:53 - 00000000 ____D () C:\ProgramData\AVG Secure Search2014-08-14 18:51 - 2014-08-14 18:52 - 11241816 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall.exe2014-08-13 20:38 - 2014-06-04 02:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe2014-08-13 20:38 - 2014-06-03 22:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll2014-08-13 20:38 - 2014-06-03 22:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll2014-08-13 20:38 - 2014-06-03 21:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll2014-08-13 20:38 - 2014-06-03 21:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll2014-08-13 20:38 - 2014-06-03 19:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll2014-08-13 20:38 - 2014-06-03 19:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll2014-08-12 21:43 - 2014-08-12 21:43 - 00002028 _____ () C:\Users\Public\Desktop\Acer Portal.lnk2014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Users\judy\AppData\Local\TotalRecipeSearch_142014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Program Files (x86)\TotalRecipeSearch_142014-08-11 07:34 - 2014-08-27 22:28 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup2014-08-11 07:34 - 2014-08-11 07:34 - 00004022 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup2014-08-11 07:34 - 2014-08-11 07:34 - 00001989 _____ () C:\Users\judy\Desktop\Sync Folder.lnk2014-08-11 07:34 - 2014-08-11 07:34 - 00001107 _____ () C:\Users\judy\Desktop\MyPC Backup.lnk2014-08-11 07:34 - 2014-08-11 07:34 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup2014-08-11 07:33 - 2014-08-14 20:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\systweak2014-08-11 07:32 - 2014-08-11 07:32 - 00003310 _____ () C:\WINDOWS\System32\Tasks\ASP2014-08-11 07:32 - 2014-08-05 19:05 - 00019800 _____ () C:\WINDOWS\system32\roboot64.exe2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Users\judy\AppData\Local\UtilityChest_492014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Program Files (x86)\UtilityChest_49==================== One Month Modified Files and Folders =======(If an entry is included in the fixlist, the file\folder will be moved.)2014-08-28 13:09 - 2014-08-27 23:09 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job2014-08-28 13:03 - 2014-03-18 03:03 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI2014-08-28 13:02 - 2014-06-01 07:00 - 00000000 ____D () C:\Users\judy\AppData\Local\clear.fi2014-08-28 13:01 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\DesktopTemperature2014-08-28 13:01 - 2014-08-14 19:44 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-08-28 13:01 - 2014-08-14 19:42 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job2014-08-28 13:01 - 2014-08-14 19:42 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job2014-08-28 13:01 - 2014-06-17 15:34 - 00000000 ___DO () C:\Users\judy\OneDrive2014-08-28 13:00 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru2014-08-28 12:59 - 2014-08-27 23:09 - 00000438 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job2014-08-28 12:58 - 2014-08-27 23:13 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job2014-08-28 12:58 - 2014-08-27 23:13 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job2014-08-28 12:58 - 2014-08-27 18:06 - 00007878 _____ () C:\WINDOWS\PFRO.log2014-08-28 12:58 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT2014-08-28 12:57 - 2014-08-27 23:04 - 00000085 _____ () C:\WINDOWS\wininit.ini2014-08-28 12:56 - 2014-03-15 00:56 - 00000304 _____ () C:\WINDOWS\Tasks\UpdaterEX.job2014-08-28 12:16 - 2014-08-28 12:15 - 06312160 _____ (MyTurboPC.com) C:\Users\judy\Downloads\myturbopc.exe2014-08-28 12:09 - 2014-03-15 00:56 - 00000134 _____ () C:\Users\judy\AppData\Roaming\WB.CFG2014-08-28 11:45 - 2014-06-12 06:09 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{845855BE-4589-4F75-966A-FA55784F54FD}2014-08-28 11:42 - 2014-08-28 11:41 - 00028288 _____ () C:\Users\judy\Downloads\FRST.txt2014-08-28 11:42 - 2014-08-28 11:41 - 00000000 ____D () C:\FRST2014-08-28 11:41 - 2014-08-28 11:41 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64 (1).exe2014-08-28 11:36 - 2014-08-28 11:35 - 00001163 _____ () C:\Users\judy\Desktop\Continue Download Manager Installation.lnk2014-08-28 11:35 - 2014-08-28 11:35 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64.exe2014-08-28 11:35 - 2014-08-28 11:35 - 00827416 _____ ( ) C:\Users\judy\Downloads\DownloadManagerSetup.exe2014-08-28 11:32 - 2014-08-28 11:32 - 00035673 _____ () C:\Users\judy\Desktop\FARBAR RECOVERY SCAN TOOL.htm2014-08-28 11:27 - 2014-08-27 23:08 - 00000000 ____D () C:\Users\judy\AppData\Local\fst_us_2282014-08-28 11:26 - 2014-08-14 20:05 - 01321131 _____ () C:\WINDOWS\WindowsUpdate.log2014-08-28 11:20 - 2014-02-02 17:38 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3809952396-1488035759-1417517223-10012014-08-28 11:14 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness2014-08-28 11:10 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp2014-08-27 23:35 - 2014-08-27 23:13 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job2014-08-27 23:19 - 2014-07-09 04:26 - 00002001 _____ () C:\Users\Public\Desktop\abMedia.lnk2014-08-27 23:19 - 2014-06-16 16:04 - 00000000 ____D () C:\ProgramData\clear.fi2014-08-27 23:19 - 2013-04-16 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer2014-08-27 23:19 - 2013-04-16 23:18 - 00000000 ____D () C:\Program Files (x86)\Acer2014-08-27 23:15 - 2014-08-27 23:13 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP12014-08-27 23:15 - 2014-08-27 23:13 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP32014-08-27 23:15 - 2014-08-27 23:13 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP22014-08-27 23:13 - 2014-08-27 23:13 - 00001704 _____ () C:\Users\judy\AppData\Roaming\aps.scan.results2014-08-27 23:13 - 2014-08-27 23:13 - 00001150 _____ () C:\Users\judy\AppData\Roaming\aps.scan.quick.results2014-08-27 23:13 - 2014-08-27 23:13 - 00000318 _____ () C:\Users\judy\AppData\Roaming\aps.uninstall.scan.results2014-08-27 23:13 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup2014-08-27 23:13 - 2014-08-27 23:12 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx2014-08-27 23:12 - 2014-08-27 23:12 - 00575544 _____ (ClickMeIn Limited) C:\Users\judy\AppData\Local\nsb5C1C.tmp2014-08-27 23:12 - 2014-07-10 13:41 - 00002005 _____ () C:\Users\Public\Desktop\abPhoto.lnk2014-08-27 23:09 - 2014-08-27 23:09 - 00058040 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys2014-08-27 23:09 - 2014-08-27 23:09 - 00003076 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update2014-08-27 23:09 - 2014-08-27 23:09 - 00002642 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda2014-08-27 23:09 - 2014-08-27 23:09 - 00000258 __RSH () C:\ProgramData\ntuser.pol2014-08-27 23:09 - 2014-08-27 23:09 - 00000145 _____ () C:\WINDOWS\setupact.log2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\WSE_Astromenda2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\ver1BlockAndSurf2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 _____ () C:\WINDOWS\setuperr.log2014-08-27 23:09 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda2014-08-27 23:09 - 2013-08-22 08:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy2014-08-27 23:09 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files\TermTutor2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\TermTutor2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\fst_us_2282014-08-27 23:07 - 2014-08-27 23:00 - 00000000 ____D () C:\ProgramData\pastaleads2014-08-27 23:05 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI2014-08-27 23:01 - 2014-08-27 23:01 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy2014-08-27 23:00 - 2014-08-27 23:00 - 00000000 ____D () C:\Program Files (x86)\pastaleads2014-08-27 23:00 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\VOPackage2014-08-27 23:00 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage2014-08-27 22:59 - 2014-08-27 22:59 - 00003734 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_ScheduledScan2014-08-27 22:59 - 2014-08-27 22:59 - 00003584 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_DailyScan2014-08-27 22:59 - 2014-08-27 22:59 - 00001087 _____ () C:\Users\Public\Desktop\DriverRestore.lnk2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\ContentExplorer2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore2014-08-27 22:59 - 2014-08-27 22:58 - 00000000 ____D () C:\Program Files (x86)\DriverRestore2014-08-27 22:57 - 2014-08-27 22:57 - 00000000 ____D () C:\Users\judy\Documents\PC Health Kit2014-08-27 22:34 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\NDF2014-08-27 22:28 - 2014-08-11 07:34 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\System_Alerts_LLC2014-08-27 17:59 - 2014-08-27 17:59 - 00000000 ____D () C:\Program Files (x86)\The Sea App (Internet Explorer)2014-08-27 17:17 - 2013-08-03 04:03 - 00000000 ____D () C:\ProgramData\OEM2014-08-27 16:13 - 2014-08-27 16:13 - 00004544 _____ () C:\Users\judy\Desktop\New Journal Document.jnt2014-08-27 16:13 - 2014-08-27 16:13 - 00000000 ___RD () C:\Users\judy\Documents\Notes2014-08-25 18:25 - 2014-08-14 18:53 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar2014-08-25 18:25 - 2014-08-14 18:53 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar2014-08-22 06:58 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache2014-08-16 14:06 - 2014-08-14 18:54 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG SafeGuard toolbar2014-08-16 12:06 - 2014-02-02 17:41 - 00000000 ____D () C:\Program Files (x86)\Knight System Protector2014-08-16 12:00 - 2013-08-22 07:44 - 00335784 _____ () C:\WINDOWS\system32\FNTCACHE.DAT2014-08-16 11:57 - 2014-07-12 22:28 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel2014-08-16 11:57 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\MediaViewer2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\FileManager2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Camera2014-08-16 10:43 - 2014-08-16 10:43 - 00000000 ____D () C:\Blasteroids2014-08-16 07:54 - 2014-08-16 07:53 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar2014-08-16 07:53 - 2014-08-14 18:54 - 00050976 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys2014-08-14 20:18 - 2014-08-14 20:18 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG Secure Search2014-08-14 20:11 - 2014-08-14 20:09 - 00001158 _____ () C:\Users\judy\Desktop\Live PC Help.lnk2014-08-14 20:09 - 2014-08-11 07:33 - 00000000 ____D () C:\Users\judy\AppData\Roaming\systweak2014-08-14 19:58 - 2014-06-17 13:46 - 00000000 ___DC () C:\WINDOWS\Panther2014-08-14 19:58 - 2014-02-02 17:30 - 00000000 ____D () C:\Users\judy\AppData\Local\CrashDumps2014-08-14 19:56 - 2014-08-14 19:42 - 00003882 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA2014-08-14 19:56 - 2014-08-14 19:42 - 00003646 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore2014-08-14 19:44 - 2014-08-14 19:44 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC2014-08-14 19:44 - 2014-08-14 19:44 - 00000838 _____ () C:\Users\Public\Desktop\CCleaner.lnk2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\Program Files\CCleaner2014-08-14 19:44 - 2014-08-14 19:42 - 00000000 ____D () C:\Users\judy\AppData\Local\Google2014-08-14 19:44 - 2014-08-14 19:42 - 00000000 ____D () C:\Program Files (x86)\Google2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\ProgramData\Google2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\Program Files\Google2014-08-14 19:34 - 2014-08-14 19:34 - 00003974 _____ () C:\WINDOWS\System32\Tasks\TidyNetwork Update2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TNT22014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TidyNetwork2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork2014-08-14 19:33 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Resources2014-08-14 19:04 - 2014-08-14 19:04 - 13829304 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall1.exe2014-08-14 19:04 - 2014-08-14 19:04 - 00002259 _____ () C:\WINDOWS\epplauncher.mif2014-08-14 18:53 - 2014-08-14 18:53 - 00000000 ____D () C:\ProgramData\AVG Secure Search2014-08-14 18:52 - 2014-08-14 18:51 - 11241816 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall.exe2014-08-14 08:33 - 2014-02-05 11:59 - 00000000 ____D () C:\WINDOWS\system32\MRT2014-08-14 08:31 - 2014-02-05 11:59 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe2014-08-13 20:36 - 2014-03-18 03:13 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll2014-08-13 17:39 - 2014-06-17 13:25 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS2014-08-13 17:36 - 2013-08-21 21:17 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb2014-08-13 17:36 - 2013-08-21 20:46 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll2014-08-13 17:36 - 2013-08-21 20:16 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll2014-08-13 17:35 - 2014-03-18 03:13 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe2014-08-13 17:35 - 2014-03-18 03:13 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll2014-08-13 17:35 - 2014-03-18 03:13 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll2014-08-13 17:35 - 2013-08-22 04:45 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb2014-08-13 17:35 - 2013-08-22 04:44 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll2014-08-13 17:35 - 2013-08-22 04:22 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll2014-08-13 17:35 - 2013-08-22 04:21 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll2014-08-13 17:35 - 2013-08-22 04:10 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll2014-08-13 17:35 - 2013-08-22 04:03 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe2014-08-13 17:35 - 2013-08-22 03:32 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll2014-08-13 17:35 - 2013-08-21 20:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll2014-08-13 17:35 - 2013-08-21 20:45 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll2014-08-13 17:35 - 2013-08-21 20:40 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe2014-08-12 21:43 - 2014-08-12 21:43 - 00002028 _____ () C:\Users\Public\Desktop\Acer Portal.lnk2014-08-12 21:43 - 2014-06-16 16:16 - 00003334 _____ () C:\WINDOWS\System32\Tasks\AcerCloud2014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Users\judy\AppData\Local\TotalRecipeSearch_142014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Program Files (x86)\TotalRecipeSearch_142014-08-11 07:34 - 2014-08-11 07:34 - 00004022 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup2014-08-11 07:34 - 2014-08-11 07:34 - 00001989 _____ () C:\Users\judy\Desktop\Sync Folder.lnk2014-08-11 07:34 - 2014-08-11 07:34 - 00001107 _____ () C:\Users\judy\Desktop\MyPC Backup.lnk2014-08-11 07:34 - 2014-08-11 07:34 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup2014-08-11 07:32 - 2014-08-11 07:32 - 00003310 _____ () C:\WINDOWS\System32\Tasks\ASP2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Users\judy\AppData\Local\UtilityChest_492014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Program Files (x86)\UtilityChest_492014-08-06 19:12 - 2014-08-15 07:23 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll2014-08-06 15:39 - 2014-08-15 07:23 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys2014-08-06 15:38 - 2014-08-15 07:24 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll2014-08-05 19:05 - 2014-08-11 07:32 - 00019800 _____ () C:\WINDOWS\system32\roboot64.exe2014-08-01 22:44 - 2014-08-15 07:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll2014-08-01 20:56 - 2014-08-15 07:23 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll2014-08-01 20:11 - 2014-08-15 07:23 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll2014-08-01 17:17 - 2013-08-22 08:38 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe2014-08-01 17:17 - 2013-08-22 08:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cplSome content of TEMP:====================C:\Users\judy\AppData\Local\Temp\5A48_DriverRestore_EN.exeC:\Users\judy\AppData\Local\Temp\air1370.exeC:\Users\judy\AppData\Local\Temp\air18C5.exeC:\Users\judy\AppData\Local\Temp\air240D.exeC:\Users\judy\AppData\Local\Temp\air2474.exeC:\Users\judy\AppData\Local\Temp\air274F.exeC:\Users\judy\AppData\Local\Temp\air2ADB.exeC:\Users\judy\AppData\Local\Temp\air4025.exeC:\Users\judy\AppData\Local\Temp\air66A0.exeC:\Users\judy\AppData\Local\Temp\air7DCB.exeC:\Users\judy\AppData\Local\Temp\air9DEF.exeC:\Users\judy\AppData\Local\Temp\airA76F.exeC:\Users\judy\AppData\Local\Temp\DRHelper_installFinish.exeC:\Users\judy\AppData\Local\Temp\DRHelper_installStart.exeC:\Users\judy\AppData\Local\Temp\F7B9_SpybotSD2.exeC:\Users\judy\AppData\Local\Temp\ICReinstall_DownloadManagerSetup.exeC:\Users\judy\AppData\Local\Temp\post1.exeC:\Users\judy\AppData\Local\Temp\post2.dllC:\Users\judy\AppData\Local\Temp\post2.exeC:\Users\judy\AppData\Local\Temp\setup.exeC:\Users\judy\AppData\Local\Temp\SfpcHelper_installFinish.exeC:\Users\judy\AppData\Local\Temp\SfpcHelper_installStart.exeC:\Users\judy\AppData\Local\Temp\SHSetup.exe==================== Bamital & volsnap Check =================(There is no automatic fix for files that do not pass verification.)C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signedLastRegBack: 2014-08-28 11:10==================== End Of Log ============================
OK I am surprised that windows actually runs to be honest... Lets now kill all rubbish
If you have problems copying all the fix into a fixlist.txt then I have attached the same fix here. Just save the fixlist,txt to the same location as FRST and then press fix
fixlist.txt
CAUTION : This fix is only valid for this specific machine, using it on another may break your computer
Open notepad and copy/paste the text in the quotebox below into it:
Save this as fixlist.txt, in the same location as FRST.exe2014-08-28 12:15 - 2014-08-28 12:16 - 06312160 _____ (MyTurboPC.com) C:\Users\judy\Downloads\myturbopc.exe
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-08-27 23:13 - 2014-08-27 23:35 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-08-27 23:13 - 2014-08-27 23:15 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-08-27 23:13 - 2014-08-27 23:13 - 00001704 _____ () C:\Users\judy\AppData\Roaming\aps.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00001150 _____ () C:\Users\judy\AppData\Roaming\aps.scan.quick.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000318 _____ () C:\Users\judy\AppData\Roaming\aps.uninstall.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-08-27 23:12 - 2014-08-27 23:13 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-08-27 23:12 - 2014-08-27 23:12 - 00575544 _____ (ClickMeIn Limited) C:\Users\judy\AppData\Local\nsb5C1C.tmp
2014-08-27 23:09 - 2014-08-28 13:09 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-08-27 23:09 - 2014-08-28 12:59 - 00000438 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-08-27 23:09 - 2014-08-27 23:09 - 00058040 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys
2014-08-27 23:09 - 2014-08-27 23:09 - 00003076 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-08-27 23:09 - 2014-08-27 23:09 - 00002642 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\ver1BlockAndSurf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-27 23:08 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-08-27 23:01 - 2014-08-27 23:01 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes
2014-08-27 23:00 - 2014-08-27 23:07 - 00000000 ____D () C:\ProgramData\pastaleads
2014-08-27 23:00 - 2014-08-27 23:00 - 00000000 ____D () C:\Program Files (x86)\pastaleads
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\VOPackage
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\ContentExplorer
2014-08-27 18:00 - 2014-08-28 13:01 - 00000000 ____D () C:\Users\judy\AppData\Local\DesktopTemperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\System_Alerts_LLC
2014-08-14 20:09 - 2014-08-14 20:11 - 00001158 _____ () C:\Users\judy\Desktop\Live PC Help.lnk
2014-08-14 19:34 - 2014-08-14 19:34 - 00003974 _____ () C:\WINDOWS\System32\Tasks\TidyNetwork Update
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TNT2
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TidyNetwork
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-08-11 07:34 - 2014-08-27 22:28 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-11 07:34 - 2014-08-11 07:34 - 00001107 _____ () C:\Users\judy\Desktop\MyPC Backup.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-11 07:33 - 2014-08-14 20:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\systweak
2014-08-11 07:32 - 2014-08-11 07:32 - 00003310 _____ () C:\WINDOWS\System32\Tasks\ASP
2014-08-11 07:32 - 2014-08-05 19:05 - 00019800 _____ () C:\WINDOWS\system32\roboot64.exe
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Users\judy\AppData\Local\UtilityChest_49
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Program Files (x86)\UtilityChest_49
2014-08-11 07:34 - 2014-08-11 07:34 - 00004022 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-27 17:59 - 2014-08-27 17:59 - 00000000 ____D () C:\Program Files (x86)\The Sea App (Internet Explorer)
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
R2 UtilityChest_49Service; C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 TotalRecipeSearch_14Service; C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 MyFunCards_5mService; C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbarsvc.exe [88648 2014-07-03] (COMPANYVERS_NAME)
R2 pastaleadsServiceCore; C:\Program Files (x86)\pastaleads\PastaLeadsService.exe [384408 2014-06-18] ()
R2 servervo; C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-08-27] () [File not signed]
R2 InboxAce_1gService; C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe [88648 2014-07-14] (COMPANYVERS_NAME)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36424 2014-07-22] (Just Develop It)
FF Plugin-x32: @TotalRecipeSearch_14.com/Plugin -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll (Mindspark)
FF Plugin-x32: @UtilityChest_49.com/Plugin -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\NP49Stub.dll (Mindspark)
FF HKCU\...\Firefox\Extensions: [{17C0B877-3B33-A890-ACFD-9D2FC5F5D56D}] - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi
FF Extension: BlockAndSurf - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi [2014-08-27]
FF Plugin-x32: @InboxAce_1g.com/Plugin -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\NP1gStub.dll (Mindspark)
FF Plugin-x32: @MyFunCards_5m.com/Plugin -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\NP5mStub.dll (Mindspark)
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Temperature Monitor.lnk
ShortcutTarget: Desktop Temperature Monitor.lnk -> C:\Users\judy\AppData\Local\DesktopTemperature\DesktopTemperature.exe (System Alerts LLC)
Winsock: Catalog9 01 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 02 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 03 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 04 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 05 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 17 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Toolbar: HKCU - No Name - {C4D78C72-08DB-4A3F-9175-B265157283F3} - No File
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - MyFunCards - {210f1b36-3b7f-41a4-b5da-3eb87f5a56c2} - C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - InboxAce - {3775afd7-5921-4571-968f-85a631203d1c} - C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
Toolbar: HKLM-x32 - Utility Chest - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
Toolbar: HKLM-x32 - TotalRecipeSearch - {a0154e07-2b48-475c-a82a-80efd84ea33e} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {ab56dfde-0c14-45b3-9df6-7b0eba617870} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {c4b22c87-45ef-4f43-89f2-40db2078864e} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrcAs.dll (Mindspark)
BHO-x32: TheSea.TheSeaPlugin -> {C585D593-E7F3-4852-A200-561686EE02E4} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
BHO-x32: Toolbar BHO -> {d5a1d22b-9e17-454f-8ecd-83c578fb3983} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {da71fd14-5f7b-46ae-b8b1-44074a38f331} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {df22384f-cf68-4d19-969f-10423715528b} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll (Mindspark)
Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {9359da42-06fb-46f2-9e4a-05c05b98a5ef} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrcAs.dll (Mindspark)
BHO: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {06e05b40-77fa-40b6-9077-ed1a7577b1ef} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll (Mindspark)
BHO-x32: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn.dll ()
BHO-x32: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178.dll ()
BHO-x32: Toolbar BHO -> {58f7b5ca-1162-42e8-8bbc-d543b4edd780} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
BHO: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn64.dll ()
BHO: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178_x64.dll ()
SearchScopes: HKCU - DefaultScope {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://www2.inbox.co...&iwk=316&lng=en
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://pandasecurity...q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...q={searchTerms}
SearchScopes: HKCU - {A26C36F3-9D6C-4551-86A4-B3E9C4B7B3CD} URL = http://www.crawler.c...&iwk=311&lng=en
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKCU - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL =
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
URLSearchHook: HKCU - (No Name) - {9234F5E0-56CC-4F0B-AAE4-0D4BD5032180} - No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [Inbox3Tray.exe] => C:\Program Files (x86)\Inbox3\Inbox3Tray.exe [1736128 2014-06-12] (Inbox.com)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [ContentExplorer] => C:\Users\judy\AppData\Roaming\ContentExplorer\ContentExplorer.exe [2429680 2014-08-27] (ContentExplorer)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe [1072128 2014-08-27] ()
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
HKLM-x32\...\Run: [AnyProtect Scanner] => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [17068032 2014-08-27] (AnyProtect.com)
HKLM-x32\...\Run: [InboxToolbar] => C:\Program Files (x86)\Inbox Toolbar\Inbox.exe [1417656 2014-06-30] (Xacti, LLC)
HKLM-x32\...\Run: [InboxAce EPM Support] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gmedint.exe [12872 2014-07-14] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [InboxAce Search Scope Monitor] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrchMn.exe [55368 2014-07-14] (Mindspark)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe [61512 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader 64] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe [71752 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [Utility Chest EPM Support] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [Utility Chest Search Scope Monitor] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader 64] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch EPM Support] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [TotalRecipeSearch Search Scope Monitor] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader 64] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-25] ()
HKLM-x32\...\Run: [MyFunCards EPM Support] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mmedint.exe [12872 2014-07-03] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [MyFunCards Search Scope Monitor] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrchMn.exe [55368 2014-07-03] (Mindspark)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exe [61512 2014-07-03] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader 64] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon64.exe [71752 2014-07-03] (VER_COMPANY_NAME)
HKLM\...\Run: [MyFunCards Home Page Guard 64 bit] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\AppIntegrator64.exe [485960 2014-07-03] ( )
HKLM\...\Run: [InboxAce Home Page Guard 64 bit] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator64.exe [485960 2014-07-14] ( )
HKLM\...\Run: [Utility Chest Home Page Guard 64 bit] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
HKLM\...\Run: [TotalRecipeSearch Home Page Guard 64 bit] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
C:\Program Files (x86)\Inbox Toolbar
C:\Users\judy\AppData\Roaming\ContentExplorer
C:\Program Files (x86)\Inbox3
C:\Program Files (x86)\UtilityChest_49
C:\Program Files (x86)\InboxAce_1g
C:\Program Files (x86)\MyFunCards_5m
C:\Program Files (x86)\WSE_Astromenda
C:\Program Files (x86)\MyPC Backup
C:\Program Files (x86)\TotalRecipeSearch_14
C:\Program Files (x86)\UtilityChest_49
C:\Program Files (x86)\ver1BlockAndSurf
C:\Users\judy\AppData\Roaming\VOPackage
C:\Program Files (x86)\TidyNetwork
C:\Users\judy\AppData\Local\DesktopTemperature
Task: {3BD98196-F5F8-4C48-8418-DAEDD03137E6} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [2014-07-22] (MyPCBackup.com) <==== ATTENTION
Task: {5D131900-882C-4A9D-877E-69F281E7AABA} - System32\Tasks\BlockAndSurf Update => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe [2014-08-27] ()
Task: {811C6AF3-F0CC-49DC-BA5A-63AFA6B80047} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-07-22] (MyPC Backup) <==== ATTENTION
Task: {C034AE47-50DF-4617-9946-0EC4A6007219} - System32\Tasks\WSE_Astromenda => C:\Users\judy\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe [2014-08-27] ()
Task: {CD34F3C0-ED05-4009-A5CE-BCC6FD2316C5} - System32\Tasks\UpdaterEX => C:\Users\judy\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {CD7E60BC-5C2F-457E-BEE4-51E204A98CAA} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: {EFD55167-3E10-4F72-843B-347EC5F2010D} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: {FCE0303E-A943-467A-8BCB-B8D9556D47DB} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\BlockAndSurf Update.job => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\UpdaterEX.job => C:\Users\judy\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\WSE_Astromenda.job => C:\Users\judy\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
CMD: netsh advfirewall reset /c
CMD: netsh advfirewall set allprofiles state ON /c
CMD: ipconfig /flushdns /c
CMD: netsh winsock reset catalog /c
CMD: netsh int ip reset c:\resetlog.txt /c
CMD: ipconfig /release /c
CMD: ipconfig /renew /c
EmptyTemp:
CMD: bitsadmin /reset /allusers
Run FRST and press Fix
On completion a log will be generated please post that
THEN
Please download AdwCleaner by Xplode onto your desktop.FINALLY
- Close all open programs and internet browsers.
- Double click on AdwCleaner.exe to run the tool.
- Click on Scan.
- After the scan is complete click on "Clean"
- Confirm each time with Ok.
- Your computer will be rebooted automatically. A text file will open after the restart.
- Please post the content of that logfile with your next answer.
- You can find the logfile at C:\AdwCleaner[S1].txt as well.
A fresh FRST scan to see what I missed
- Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
- Select additions at the bottom
- Press Scan button.
- It will produce a log called FRST.txt in the same directory the tool is run from.
- Please attach both logs generated.
OK I am surprised that windows actually runs to be honest... Lets now kill all rubbish
If you have problems copying all the fix into a fixlist.txt then I have attached the same fix here. Just save the fixlist,txt to the same location as FRST and then press fix
fixlist.txt
CAUTION : This fix is only valid for this specific machine, using it on another may break your computer
Open notepad and copy/paste the text in the quotebox below into it:
Save this as fixlist.txt, in the same location as FRST.exe2014-08-28 12:15 - 2014-08-28 12:16 - 06312160 _____ (MyTurboPC.com) C:\Users\judy\Downloads\myturbopc.exe
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-08-27 23:13 - 2014-08-27 23:35 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-08-27 23:13 - 2014-08-27 23:15 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-08-27 23:13 - 2014-08-27 23:13 - 00001704 _____ () C:\Users\judy\AppData\Roaming\aps.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00001150 _____ () C:\Users\judy\AppData\Roaming\aps.scan.quick.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000318 _____ () C:\Users\judy\AppData\Roaming\aps.uninstall.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-08-27 23:12 - 2014-08-27 23:13 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-08-27 23:12 - 2014-08-27 23:12 - 00575544 _____ (ClickMeIn Limited) C:\Users\judy\AppData\Local\nsb5C1C.tmp
2014-08-27 23:09 - 2014-08-28 13:09 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-08-27 23:09 - 2014-08-28 12:59 - 00000438 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-08-27 23:09 - 2014-08-27 23:09 - 00058040 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys
2014-08-27 23:09 - 2014-08-27 23:09 - 00003076 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-08-27 23:09 - 2014-08-27 23:09 - 00002642 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\ver1BlockAndSurf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-27 23:08 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-08-27 23:01 - 2014-08-27 23:01 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes
2014-08-27 23:00 - 2014-08-27 23:07 - 00000000 ____D () C:\ProgramData\pastaleads
2014-08-27 23:00 - 2014-08-27 23:00 - 00000000 ____D () C:\Program Files (x86)\pastaleads
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\VOPackage
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\ContentExplorer
2014-08-27 18:00 - 2014-08-28 13:01 - 00000000 ____D () C:\Users\judy\AppData\Local\DesktopTemperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\System_Alerts_LLC
2014-08-14 20:09 - 2014-08-14 20:11 - 00001158 _____ () C:\Users\judy\Desktop\Live PC Help.lnk
2014-08-14 19:34 - 2014-08-14 19:34 - 00003974 _____ () C:\WINDOWS\System32\Tasks\TidyNetwork Update
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TNT2
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TidyNetwork
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-08-11 07:34 - 2014-08-27 22:28 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-11 07:34 - 2014-08-11 07:34 - 00001107 _____ () C:\Users\judy\Desktop\MyPC Backup.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-11 07:33 - 2014-08-14 20:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\systweak
2014-08-11 07:32 - 2014-08-11 07:32 - 00003310 _____ () C:\WINDOWS\System32\Tasks\ASP
2014-08-11 07:32 - 2014-08-05 19:05 - 00019800 _____ () C:\WINDOWS\system32\roboot64.exe
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Users\judy\AppData\Local\UtilityChest_49
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Program Files (x86)\UtilityChest_49
2014-08-11 07:34 - 2014-08-11 07:34 - 00004022 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-27 17:59 - 2014-08-27 17:59 - 00000000 ____D () C:\Program Files (x86)\The Sea App (Internet Explorer)
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
R2 UtilityChest_49Service; C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 TotalRecipeSearch_14Service; C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 MyFunCards_5mService; C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbarsvc.exe [88648 2014-07-03] (COMPANYVERS_NAME)
R2 pastaleadsServiceCore; C:\Program Files (x86)\pastaleads\PastaLeadsService.exe [384408 2014-06-18] ()
R2 servervo; C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-08-27] () [File not signed]
R2 InboxAce_1gService; C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe [88648 2014-07-14] (COMPANYVERS_NAME)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36424 2014-07-22] (Just Develop It)
FF Plugin-x32: @TotalRecipeSearch_14.com/Plugin -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll (Mindspark)
FF Plugin-x32: @UtilityChest_49.com/Plugin -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\NP49Stub.dll (Mindspark)
FF HKCU\...\Firefox\Extensions: [{17C0B877-3B33-A890-ACFD-9D2FC5F5D56D}] - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi
FF Extension: BlockAndSurf - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi [2014-08-27]
FF Plugin-x32: @InboxAce_1g.com/Plugin -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\NP1gStub.dll (Mindspark)
FF Plugin-x32: @MyFunCards_5m.com/Plugin -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\NP5mStub.dll (Mindspark)
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Temperature Monitor.lnk
ShortcutTarget: Desktop Temperature Monitor.lnk -> C:\Users\judy\AppData\Local\DesktopTemperature\DesktopTemperature.exe (System Alerts LLC)
Winsock: Catalog9 01 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 02 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 03 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 04 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 05 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 17 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Toolbar: HKCU - No Name - {C4D78C72-08DB-4A3F-9175-B265157283F3} - No File
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - MyFunCards - {210f1b36-3b7f-41a4-b5da-3eb87f5a56c2} - C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - InboxAce - {3775afd7-5921-4571-968f-85a631203d1c} - C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
Toolbar: HKLM-x32 - Utility Chest - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
Toolbar: HKLM-x32 - TotalRecipeSearch - {a0154e07-2b48-475c-a82a-80efd84ea33e} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {ab56dfde-0c14-45b3-9df6-7b0eba617870} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {c4b22c87-45ef-4f43-89f2-40db2078864e} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrcAs.dll (Mindspark)
BHO-x32: TheSea.TheSeaPlugin -> {C585D593-E7F3-4852-A200-561686EE02E4} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
BHO-x32: Toolbar BHO -> {d5a1d22b-9e17-454f-8ecd-83c578fb3983} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {da71fd14-5f7b-46ae-b8b1-44074a38f331} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {df22384f-cf68-4d19-969f-10423715528b} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll (Mindspark)
Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {9359da42-06fb-46f2-9e4a-05c05b98a5ef} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrcAs.dll (Mindspark)
BHO: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {06e05b40-77fa-40b6-9077-ed1a7577b1ef} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll (Mindspark)
BHO-x32: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn.dll ()
BHO-x32: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178.dll ()
BHO-x32: Toolbar BHO -> {58f7b5ca-1162-42e8-8bbc-d543b4edd780} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
BHO: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn64.dll ()
BHO: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178_x64.dll ()
SearchScopes: HKCU - DefaultScope {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://www2.inbox.co...&iwk=316&lng=en
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://pandasecurity...q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...q={searchTerms}
SearchScopes: HKCU - {A26C36F3-9D6C-4551-86A4-B3E9C4B7B3CD} URL = http://www.crawler.c...&iwk=311&lng=en
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKCU - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL =
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
URLSearchHook: HKCU - (No Name) - {9234F5E0-56CC-4F0B-AAE4-0D4BD5032180} - No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [Inbox3Tray.exe] => C:\Program Files (x86)\Inbox3\Inbox3Tray.exe [1736128 2014-06-12] (Inbox.com)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [ContentExplorer] => C:\Users\judy\AppData\Roaming\ContentExplorer\ContentExplorer.exe [2429680 2014-08-27] (ContentExplorer)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe [1072128 2014-08-27] ()
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
HKLM-x32\...\Run: [AnyProtect Scanner] => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [17068032 2014-08-27] (AnyProtect.com)
HKLM-x32\...\Run: [InboxToolbar] => C:\Program Files (x86)\Inbox Toolbar\Inbox.exe [1417656 2014-06-30] (Xacti, LLC)
HKLM-x32\...\Run: [InboxAce EPM Support] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gmedint.exe [12872 2014-07-14] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [InboxAce Search Scope Monitor] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrchMn.exe [55368 2014-07-14] (Mindspark)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe [61512 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader 64] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe [71752 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [Utility Chest EPM Support] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [Utility Chest Search Scope Monitor] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader 64] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch EPM Support] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [TotalRecipeSearch Search Scope Monitor] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader 64] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-25] ()
HKLM-x32\...\Run: [MyFunCards EPM Support] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mmedint.exe [12872 2014-07-03] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [MyFunCards Search Scope Monitor] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrchMn.exe [55368 2014-07-03] (Mindspark)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exe [61512 2014-07-03] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader 64] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon64.exe [71752 2014-07-03] (VER_COMPANY_NAME)
HKLM\...\Run: [MyFunCards Home Page Guard 64 bit] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\AppIntegrator64.exe [485960 2014-07-03] ( )
HKLM\...\Run: [InboxAce Home Page Guard 64 bit] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator64.exe [485960 2014-07-14] ( )
HKLM\...\Run: [Utility Chest Home Page Guard 64 bit] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
HKLM\...\Run: [TotalRecipeSearch Home Page Guard 64 bit] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
C:\Program Files (x86)\Inbox Toolbar
C:\Users\judy\AppData\Roaming\ContentExplorer
C:\Program Files (x86)\Inbox3
C:\Program Files (x86)\UtilityChest_49
C:\Program Files (x86)\InboxAce_1g
C:\Program Files (x86)\MyFunCards_5m
C:\Program Files (x86)\WSE_Astromenda
C:\Program Files (x86)\MyPC Backup
C:\Program Files (x86)\TotalRecipeSearch_14
C:\Program Files (x86)\UtilityChest_49
C:\Program Files (x86)\ver1BlockAndSurf
C:\Users\judy\AppData\Roaming\VOPackage
C:\Program Files (x86)\TidyNetwork
C:\Users\judy\AppData\Local\DesktopTemperature
Task: {3BD98196-F5F8-4C48-8418-DAEDD03137E6} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [2014-07-22] (MyPCBackup.com) <==== ATTENTION
Task: {5D131900-882C-4A9D-877E-69F281E7AABA} - System32\Tasks\BlockAndSurf Update => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe [2014-08-27] ()
Task: {811C6AF3-F0CC-49DC-BA5A-63AFA6B80047} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-07-22] (MyPC Backup) <==== ATTENTION
Task: {C034AE47-50DF-4617-9946-0EC4A6007219} - System32\Tasks\WSE_Astromenda => C:\Users\judy\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe [2014-08-27] ()
Task: {CD34F3C0-ED05-4009-A5CE-BCC6FD2316C5} - System32\Tasks\UpdaterEX => C:\Users\judy\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {CD7E60BC-5C2F-457E-BEE4-51E204A98CAA} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: {EFD55167-3E10-4F72-843B-347EC5F2010D} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: {FCE0303E-A943-467A-8BCB-B8D9556D47DB} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\BlockAndSurf Update.job => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\UpdaterEX.job => C:\Users\judy\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\WSE_Astromenda.job => C:\Users\judy\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
CMD: netsh advfirewall reset /c
CMD: netsh advfirewall set allprofiles state ON /c
CMD: ipconfig /flushdns /c
CMD: netsh winsock reset catalog /c
CMD: netsh int ip reset c:\resetlog.txt /c
CMD: ipconfig /release /c
CMD: ipconfig /renew /c
EmptyTemp:
CMD: bitsadmin /reset /allusers
Run FRST and press Fix
On completion a log will be generated please post that
THEN
Please download AdwCleaner by Xplode onto your desktop.FINALLY
- Close all open programs and internet browsers.
- Double click on AdwCleaner.exe to run the tool.
- Click on Scan.
- After the scan is complete click on "Clean"
- Confirm each time with Ok.
- Your computer will be rebooted automatically. A text file will open after the restart.
- Please post the content of that logfile with your next answer.
- You can find the logfile at C:\AdwCleaner[S1].txt as well.
A fresh FRST scan to see what I missed
- Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
- Select additions at the bottom
- Press Scan button.
- It will produce a log called FRST.txt in the same directory the tool is run from.
- Please attach both logs generated.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014Ran by judy (administrator) on JUDYSPC on 28-08-2014 11:41:55Running from C:\Users\judy\DownloadsPlatform: Windows 8.1 (X64) OS Language: English (United States)Internet Explorer Version 11Boot Mode: NormalThe only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo...very-scan-tool/==================== Processes (Whitelisted) =================(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)(AMD) C:\Windows\System32\atiesrxx.exe(AMD) C:\Windows\System32\atieclxx.exe(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe(COMPANYVERS_NAME) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe(COMPANYVERS_NAME) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbarsvc.exe() C:\Program Files (x86)\pastaleads\PastaLeadsService.exe() C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe(Soluto) C:\Program Files\Soluto\SolutoService.exe(COMPANYVERS_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe(Term Tutor) C:\Program Files (x86)\TermTutor\Service\ttsvc.exe(COMPANYVERS_NAME) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe(Microsoft Corporation) C:\Windows\System32\dasHost.exe(Soluto) C:\Program Files\Soluto\Soluto.exe() C:\Program Files (x86)\Knight System Protector\KnightSystemProtector.exe() C:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exe() C:\Program Files (x86)\ver1BlockAndSurf\BlockAndSurf.exe(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMMsg.exe(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe( ) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\AppIntegrator64.exe( ) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator64.exe( ) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe( ) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe(Inbox.com) C:\Program Files (x86)\Inbox3\Inbox3Tray.exe(ContentExplorer) C:\Users\judy\AppData\Roaming\ContentExplorer\ContentExplorer.exe() C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe(System Alerts LLC) C:\Users\judy\AppData\Local\DesktopTemperature\DesktopTemperature.exe(VER_COMPANY_NAME) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exe(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe(VER_COMPANY_NAME) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon64.exe(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe(Xacti, LLC) C:\Program Files (x86)\Inbox Toolbar\Inbox.exe(Xacti, LLC) C:\Program Files (x86)\Inbox Toolbar\Inbox.exe(VER_COMPANY_NAME) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe(VER_COMPANY_NAME) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe(VER_COMPANY_NAME) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe(VER_COMPANY_NAME) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon64.exe(VER_COMPANY_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe(VER_COMPANY_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe(Acer Incorporated) C:\Users\judy\AppData\Local\clear.fi\Portal\AcerPortalSetup.exe(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Farbar) C:\Users\judy\Downloads\FRST64 (1).exe==================== Registry (Whitelisted) ==================(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-17] (Realtek Semiconductor)HKLM\...\Run: [MyFunCards Home Page Guard 64 bit] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\AppIntegrator64.exe [485960 2014-07-03] ( )HKLM\...\Run: [InboxAce Home Page Guard 64 bit] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator64.exe [485960 2014-07-14] ( )HKLM\...\Run: [Utility Chest Home Page Guard 64 bit] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )HKLM\...\Run: [TotalRecipeSearch Home Page Guard 64 bit] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-13] (Advanced Micro Devices, Inc.)HKLM-x32\...\Run: [MyFunCards EPM Support] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mmedint.exe [12872 2014-07-03] (Mindspark Interactive Network, Inc.)HKLM-x32\...\Run: [MyFunCards Search Scope Monitor] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrchMn.exe [55368 2014-07-03] (Mindspark)HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exe [61512 2014-07-03] (VER_COMPANY_NAME)HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader 64] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon64.exe [71752 2014-07-03] (VER_COMPANY_NAME)HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [52992 2014-08-06] (Acer Incorporated)HKLM-x32\...\Run: [InboxToolbar] => C:\Program Files (x86)\Inbox Toolbar\Inbox.exe [1417656 2014-06-30] (Xacti, LLC)HKLM-x32\...\Run: [InboxAce EPM Support] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gmedint.exe [12872 2014-07-14] (Mindspark Interactive Network, Inc.)HKLM-x32\...\Run: [InboxAce Search Scope Monitor] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrchMn.exe [55368 2014-07-14] (Mindspark)HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe [61512 2014-07-14] (VER_COMPANY_NAME)HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader 64] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe [71752 2014-07-14] (VER_COMPANY_NAME)HKLM-x32\...\Run: [Utility Chest EPM Support] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)HKLM-x32\...\Run: [Utility Chest Search Scope Monitor] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrchMn.exe [55368 2014-08-11] (Mindspark)HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader 64] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)HKLM-x32\...\Run: [TotalRecipeSearch EPM Support] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)HKLM-x32\...\Run: [TotalRecipeSearch Search Scope Monitor] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe [55368 2014-08-11] (Mindspark)HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader 64] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-25] ()HKLM-x32\...\Run: [fst_us_228] => "C:\Program Files (x86)\fst_us_228\fst_us_228.exe"HKLM-x32\...\Run: [AnyProtect Scanner] => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [17068032 2014-08-27] (AnyProtect.com)HKLM-x32\...\RunOnce: [upfst_us_228.exe] => C:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exe [3337208 2014-08-25] ()HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinitHKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-04-15] ( (Qualcomm Atheros Commnucations))HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [AcerCloud] => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2569984 2014-08-06] (Acer)HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [Inbox3Tray.exe] => C:\Program Files (x86)\Inbox3\Inbox3Tray.exe [1736128 2014-06-12] (Inbox.com)HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [ContentExplorer] => C:\Users\judy\AppData\Roaming\ContentExplorer\ContentExplorer.exe [2429680 2014-08-27] (ContentExplorer)HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe [1072128 2014-08-27] ()AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not FoundStartup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Temperature Monitor.lnkShortcutTarget: Desktop Temperature Monitor.lnk -> C:\Users\judy\AppData\Local\DesktopTemperature\DesktopTemperature.exe (System Alerts LLC)Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnkShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)ShellIconOverlayIdentifiers: ACloudSyncedRF -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)ShellIconOverlayIdentifiers: ACloudSyncedSF -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)ShellIconOverlayIdentifiers: ACloudSyncing -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)ShellIconOverlayIdentifiers: ACloudToBeSynced -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)BootExecute: autocheck autochk * sdnclean64.exeGroupPolicy: Group Policy on Chrome detected <======= ATTENTION==================== Internet (Whitelisted) ====================(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yesHKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yesHKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.100search...4-06-16&hpa=yesHKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =URLSearchHook: HKCU - (No Name) - {9234F5E0-56CC-4F0B-AAE4-0D4BD5032180} - No FileStartMenuInternet: IEXPLORE.EXE - iexplore.exeSearchScopes: HKLM - DefaultScope {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJSSearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}SearchScopes: HKLM - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}SearchScopes: HKLM - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJSSearchScopes: HKLM-x32 - DefaultScope {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJSSearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}SearchScopes: HKLM-x32 - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJSSearchScopes: HKCU - DefaultScope {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://www2.inbox.co...&iwk=316&lng=enSearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://pandasecurity...q={searchTerms}SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...q={searchTerms}SearchScopes: HKCU - {A26C36F3-9D6C-4551-86A4-B3E9C4B7B3CD} URL = http://www.crawler.c...&iwk=311&lng=enSearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}SearchScopes: HKCU - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=SearchScopes: HKCU - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL =BHO: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn64.dll ()BHO: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178_x64.dll ()BHO: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)BHO: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)BHO-x32: Search Assistant BHO -> {06e05b40-77fa-40b6-9077-ed1a7577b1ef} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll (Mindspark)BHO-x32: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn.dll ()BHO-x32: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178.dll ()BHO-x32: Toolbar BHO -> {58f7b5ca-1162-42e8-8bbc-d543b4edd780} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)BHO-x32: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files (x86)\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)BHO-x32: Search Assistant BHO -> {9359da42-06fb-46f2-9e4a-05c05b98a5ef} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrcAs.dll (Mindspark)BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)BHO-x32: Toolbar BHO -> {ab56dfde-0c14-45b3-9df6-7b0eba617870} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)BHO-x32: Search Assistant BHO -> {c4b22c87-45ef-4f43-89f2-40db2078864e} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrcAs.dll (Mindspark)BHO-x32: TheSea.TheSeaPlugin -> {C585D593-E7F3-4852-A200-561686EE02E4} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)BHO-x32: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)BHO-x32: Toolbar BHO -> {d5a1d22b-9e17-454f-8ecd-83c578fb3983} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)BHO-x32: Toolbar BHO -> {da71fd14-5f7b-46ae-b8b1-44074a38f331} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)BHO-x32: Search Assistant BHO -> {df22384f-cf68-4d19-969f-10423715528b} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll (Mindspark)Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)Toolbar: HKLM-x32 - MyFunCards - {210f1b36-3b7f-41a4-b5da-3eb87f5a56c2} - C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)Toolbar: HKLM-x32 - InboxAce - {3775afd7-5921-4571-968f-85a631203d1c} - C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)Toolbar: HKLM-x32 - Utility Chest - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)Toolbar: HKLM-x32 - TotalRecipeSearch - {a0154e07-2b48-475c-a82a-80efd84ea33e} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)Toolbar: HKCU - No Name - {C4D78C72-08DB-4A3F-9175-B265157283F3} - No FileHandler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)Winsock: Catalog9 01 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()Winsock: Catalog9 02 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()Winsock: Catalog9 03 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()Winsock: Catalog9 04 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()Winsock: Catalog9 05 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()Winsock: Catalog9 17 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()Tcpip\Parameters: [DhcpNameServer] 208.180.42.68 208.180.42.100FireFox:========FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No FileFF Plugin-x32: @InboxAce_1g.com/Plugin -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\NP1gStub.dll (Mindspark)FF Plugin-x32: @MyFunCards_5m.com/Plugin -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\NP5mStub.dll (Mindspark)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @TotalRecipeSearch_14.com/Plugin -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll (Mindspark)FF Plugin-x32: @UtilityChest_49.com/Plugin -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\NP49Stub.dll (Mindspark)FF HKCU\...\Firefox\Extensions: [{17C0B877-3B33-A890-ACFD-9D2FC5F5D56D}] - C:\Program Files (x86)\ver1BlockAndSurf\178.xpiFF Extension: BlockAndSurf - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi [2014-08-27]Chrome:=======CHR StartupUrls: Default -> "hxxp://www.google.com"CHR Profile: C:\Users\judy\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Docs) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-14]CHR Extension: (Google Drive) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-14]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-21]CHR Extension: (YouTube) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-14]CHR Extension: (Google Search) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-14]CHR Extension: (Google Wallet) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-14]CHR Extension: (Gmail) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-14]==================== Services (Whitelisted) =================(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [228480 2013-04-15] (Qualcomm Atheros Commnucations)S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36424 2014-07-22] (Just Develop It)R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3058944 2014-08-06] (Acer Incorporated)S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)R2 InboxAce_1gService; C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe [88648 2014-07-14] (COMPANYVERS_NAME)R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-03-14] (Acer Incorporate)R2 MyFunCards_5mService; C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbarsvc.exe [88648 2014-07-03] (COMPANYVERS_NAME)R2 pastaleadsServiceCore; C:\Program Files (x86)\pastaleads\PastaLeadsService.exe [384408 2014-06-18] ()R2 servervo; C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-08-27] () [File not signed]R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [222168 2013-01-29] (Soluto)R2 TotalRecipeSearch_14Service; C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)R2 ttsvc; C:\Program Files (x86)\TermTutor\Service\ttsvc.exe [356432 2014-06-25] (Term Tutor)R2 UtilityChest_49Service; C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-16] (AVG Secure Search)R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-17] (Microsoft Corporation)R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-17] (Microsoft Corporation)==================== Drivers (Whitelisted) ====================(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)R3 AthrSdSrv; C:\Windows\system32\DRIVERS\athrsd.sys [48760 2012-11-30] (Qualcomm Atheros, Inc.)R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50976 2014-08-16] (AVG Technologies)R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-15] (Qualcomm Atheros)R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-09] (Acer Incorporated)R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-09] (Acer Incorporated)S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-06-20] ()R1 ttnfd; C:\Windows\System32\drivers\ttnfd.sys [58232 2014-06-25] (Term Tutor)R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-17] (Microsoft Corporation)R2 webinstr; C:\WINDOWS\system32\Drivers\webinstr.sys [58040 2014-08-27] (Corsica)R3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X]U2 TMAgent; No ImagePath==================== NetSvcs (Whitelisted) ===================(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)==================== One Month Created Files and Folders ========(If an entry is included in the fixlist, the file\folder will be moved.)2014-08-28 12:15 - 2014-08-28 12:16 - 06312160 _____ (MyTurboPC.com) C:\Users\judy\Downloads\myturbopc.exe2014-08-28 11:41 - 2014-08-28 11:42 - 00028288 _____ () C:\Users\judy\Downloads\FRST.txt2014-08-28 11:41 - 2014-08-28 11:42 - 00000000 ____D () C:\FRST2014-08-28 11:41 - 2014-08-28 11:41 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64 (1).exe2014-08-28 11:35 - 2014-08-28 11:36 - 00001163 _____ () C:\Users\judy\Desktop\Continue Download Manager Installation.lnk2014-08-28 11:35 - 2014-08-28 11:35 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64.exe2014-08-28 11:35 - 2014-08-28 11:35 - 00827416 _____ ( ) C:\Users\judy\Downloads\DownloadManagerSetup.exe2014-08-28 11:32 - 2014-08-28 11:32 - 00035673 _____ () C:\Users\judy\Desktop\FARBAR RECOVERY SCAN TOOL.htm2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job2014-08-27 23:13 - 2014-08-27 23:35 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job2014-08-27 23:13 - 2014-08-27 23:15 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP12014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP32014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP22014-08-27 23:13 - 2014-08-27 23:13 - 00001704 _____ () C:\Users\judy\AppData\Roaming\aps.scan.results2014-08-27 23:13 - 2014-08-27 23:13 - 00001150 _____ () C:\Users\judy\AppData\Roaming\aps.scan.quick.results2014-08-27 23:13 - 2014-08-27 23:13 - 00000318 _____ () C:\Users\judy\AppData\Roaming\aps.uninstall.scan.results2014-08-27 23:13 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup2014-08-27 23:12 - 2014-08-27 23:13 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx2014-08-27 23:12 - 2014-08-27 23:12 - 00575544 _____ (ClickMeIn Limited) C:\Users\judy\AppData\Local\nsb5C1C.tmp2014-08-27 23:09 - 2014-08-28 13:09 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job2014-08-27 23:09 - 2014-08-28 12:59 - 00000438 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job2014-08-27 23:09 - 2014-08-27 23:09 - 00058040 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys2014-08-27 23:09 - 2014-08-27 23:09 - 00003076 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update2014-08-27 23:09 - 2014-08-27 23:09 - 00002642 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda2014-08-27 23:09 - 2014-08-27 23:09 - 00000258 __RSH () C:\ProgramData\ntuser.pol2014-08-27 23:09 - 2014-08-27 23:09 - 00000145 _____ () C:\WINDOWS\setupact.log2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\WSE_Astromenda2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\ver1BlockAndSurf2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 _____ () C:\WINDOWS\setuperr.log2014-08-27 23:08 - 2014-08-28 11:27 - 00000000 ____D () C:\Users\judy\AppData\Local\fst_us_2282014-08-27 23:08 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files\TermTutor2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\TermTutor2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\fst_us_2282014-08-27 23:04 - 2014-08-28 12:57 - 00000085 _____ () C:\WINDOWS\wininit.ini2014-08-27 23:01 - 2014-08-27 23:01 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy2014-08-27 23:00 - 2014-08-27 23:07 - 00000000 ____D () C:\ProgramData\pastaleads2014-08-27 23:00 - 2014-08-27 23:00 - 00000000 ____D () C:\Program Files (x86)\pastaleads2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\VOPackage2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage2014-08-27 22:59 - 2014-08-27 22:59 - 00003734 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_ScheduledScan2014-08-27 22:59 - 2014-08-27 22:59 - 00003584 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_DailyScan2014-08-27 22:59 - 2014-08-27 22:59 - 00001087 _____ () C:\Users\Public\Desktop\DriverRestore.lnk2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\ContentExplorer2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore2014-08-27 22:59 - 2014-07-01 10:37 - 00020872 _____ (Phoenix Technologies) C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS2014-08-27 22:58 - 2014-08-27 22:59 - 00000000 ____D () C:\Program Files (x86)\DriverRestore2014-08-27 22:57 - 2014-08-27 22:57 - 00000000 ____D () C:\Users\judy\Documents\PC Health Kit2014-08-27 18:06 - 2014-08-28 12:58 - 00007878 _____ () C:\WINDOWS\PFRO.log2014-08-27 18:00 - 2014-08-28 13:01 - 00000000 ____D () C:\Users\judy\AppData\Local\DesktopTemperature2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\System_Alerts_LLC2014-08-27 17:59 - 2014-08-27 17:59 - 00000000 ____D () C:\Program Files (x86)\The Sea App (Internet Explorer)2014-08-27 16:13 - 2014-08-27 16:13 - 00004544 _____ () C:\Users\judy\Desktop\New Journal Document.jnt2014-08-27 16:13 - 2014-08-27 16:13 - 00000000 ___RD () C:\Users\judy\Documents\Notes2014-08-16 10:43 - 2014-08-16 10:43 - 00000000 ____D () C:\Blasteroids2014-08-16 07:53 - 2014-08-16 07:54 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar2014-08-16 07:48 - 2014-06-19 18:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll2014-08-16 07:48 - 2014-06-19 16:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll2014-08-15 07:39 - 2014-07-15 11:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe2014-08-15 07:39 - 2014-07-15 01:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll2014-08-15 07:39 - 2014-07-15 01:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll2014-08-15 07:39 - 2014-07-15 01:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll2014-08-15 07:39 - 2014-06-12 18:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll2014-08-15 07:39 - 2014-06-12 18:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys2014-08-15 07:39 - 2014-06-12 17:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll2014-08-15 07:39 - 2014-06-06 04:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll2014-08-15 07:38 - 2014-07-25 06:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll2014-08-15 07:38 - 2014-07-25 06:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll2014-08-15 07:38 - 2014-07-25 05:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll2014-08-15 07:38 - 2014-07-25 05:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll2014-08-15 07:38 - 2014-07-25 05:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll2014-08-15 07:38 - 2014-07-25 05:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll2014-08-15 07:38 - 2014-07-25 05:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll2014-08-15 07:38 - 2014-07-25 05:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll2014-08-15 07:38 - 2014-07-25 05:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll2014-08-15 07:38 - 2014-07-25 05:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll2014-08-15 07:38 - 2014-07-25 04:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll2014-08-15 07:38 - 2014-07-25 04:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll2014-08-15 07:38 - 2014-07-25 04:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl2014-08-15 07:38 - 2014-07-25 04:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll2014-08-15 07:38 - 2014-07-25 04:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll2014-08-15 07:38 - 2014-07-25 04:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll2014-08-15 07:38 - 2014-07-25 04:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll2014-08-15 07:38 - 2014-07-25 04:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl2014-08-15 07:38 - 2014-07-25 04:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll2014-08-15 07:38 - 2014-07-25 03:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll2014-08-15 07:38 - 2014-07-25 03:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll2014-08-15 07:38 - 2014-07-25 03:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll2014-08-15 07:37 - 2014-07-25 07:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll2014-08-15 07:37 - 2014-07-25 06:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll2014-08-15 07:37 - 2014-07-25 06:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll2014-08-15 07:37 - 2014-07-25 05:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll2014-08-15 07:37 - 2014-07-25 05:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll2014-08-15 07:37 - 2014-07-25 05:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll2014-08-15 07:37 - 2014-07-25 04:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll2014-08-15 07:37 - 2014-07-25 04:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll2014-08-15 07:37 - 2014-07-25 04:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe2014-08-15 07:37 - 2014-07-25 04:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll2014-08-15 07:37 - 2014-07-25 03:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll2014-08-15 07:37 - 2014-07-25 03:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll2014-08-15 07:37 - 2014-07-25 03:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll2014-08-15 07:31 - 2014-04-26 13:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll2014-08-15 07:31 - 2014-04-14 02:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll2014-08-15 07:31 - 2014-04-14 01:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll2014-08-15 07:30 - 2014-05-12 22:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll2014-08-15 07:30 - 2014-05-12 21:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll2014-08-15 07:30 - 2014-05-12 20:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll2014-08-15 07:30 - 2014-05-03 04:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll2014-08-15 07:30 - 2014-05-03 02:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll2014-08-15 07:30 - 2014-05-02 22:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll2014-08-15 07:30 - 2014-04-30 22:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll2014-08-15 07:30 - 2014-04-29 23:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys2014-08-15 07:30 - 2014-04-29 21:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll2014-08-15 07:30 - 2014-04-29 20:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll2014-08-15 07:30 - 2014-04-29 20:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll2014-08-15 07:30 - 2014-04-28 15:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll2014-08-15 07:30 - 2014-04-26 15:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll2014-08-15 07:29 - 2014-05-02 21:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll2014-08-15 07:29 - 2014-04-29 21:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll2014-08-15 07:29 - 2014-04-29 20:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll2014-08-15 07:29 - 2014-04-26 09:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll2014-08-15 07:27 - 2014-04-29 21:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL2014-08-15 07:26 - 2014-05-12 21:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll2014-08-15 07:26 - 2014-05-02 22:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll2014-08-15 07:26 - 2014-05-02 22:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll2014-08-15 07:26 - 2014-05-02 21:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll2014-08-15 07:26 - 2014-04-29 23:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys2014-08-15 07:25 - 2014-05-30 23:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys2014-08-15 07:25 - 2014-05-13 00:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe2014-08-15 07:25 - 2014-05-12 20:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll2014-08-15 07:25 - 2014-05-02 22:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll2014-08-15 07:25 - 2014-05-02 21:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll2014-08-15 07:25 - 2014-05-02 16:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat2014-08-15 07:25 - 2014-04-29 23:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys2014-08-15 07:25 - 2014-04-29 23:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys2014-08-15 07:25 - 2014-04-29 22:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe2014-08-15 07:25 - 2014-04-29 21:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe2014-08-15 07:25 - 2014-04-29 21:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll2014-08-15 07:25 - 2014-04-29 21:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll2014-08-15 07:25 - 2014-04-29 20:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL2014-08-15 07:25 - 2014-04-29 20:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll2014-08-15 07:25 - 2014-04-29 20:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll2014-08-15 07:25 - 2014-04-13 22:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll2014-08-15 07:25 - 2014-04-08 23:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll2014-08-15 07:25 - 2014-04-08 22:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll2014-08-15 07:24 - 2014-08-06 15:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll2014-08-15 07:24 - 2014-08-01 22:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll2014-08-15 07:24 - 2014-07-09 21:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll2014-08-15 07:24 - 2014-07-09 21:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll2014-08-15 07:24 - 2014-07-09 20:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe2014-08-15 07:24 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe2014-08-15 07:24 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe2014-08-15 07:23 - 2014-08-06 19:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll2014-08-15 07:23 - 2014-08-06 15:39 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys2014-08-15 07:23 - 2014-08-01 20:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll2014-08-15 07:23 - 2014-08-01 20:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll2014-08-15 07:23 - 2014-07-11 21:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe2014-08-15 07:23 - 2014-06-05 07:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll2014-08-15 07:23 - 2014-06-05 06:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll2014-08-15 07:23 - 2014-06-01 19:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll2014-08-15 07:23 - 2014-05-31 03:07 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS2014-08-15 07:23 - 2014-05-31 03:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys2014-08-15 07:23 - 2014-05-31 03:07 - 00419672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys2014-08-15 07:23 - 2014-05-31 03:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys2014-08-15 07:23 - 2014-05-31 03:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys2014-08-15 07:23 - 2014-05-30 23:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys2014-08-15 07:23 - 2014-05-30 23:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys2014-08-15 07:23 - 2014-05-30 23:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys2014-08-15 07:23 - 2014-05-30 21:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe2014-08-15 07:23 - 2014-05-30 21:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll2014-08-15 07:23 - 2014-05-30 21:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll2014-08-15 07:23 - 2014-05-27 08:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys2014-08-15 07:23 - 2014-05-27 02:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll2014-08-15 07:23 - 2014-05-27 02:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll2014-08-15 07:23 - 2014-05-16 21:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll2014-08-15 07:23 - 2014-05-16 21:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll2014-08-14 20:18 - 2014-08-14 20:18 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG Secure Search2014-08-14 20:09 - 2014-08-14 20:11 - 00001158 _____ () C:\Users\judy\Desktop\Live PC Help.lnk2014-08-14 20:05 - 2014-08-28 11:26 - 01321131 _____ () C:\WINDOWS\WindowsUpdate.log2014-08-14 19:44 - 2014-08-28 13:01 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-08-14 19:44 - 2014-08-14 19:44 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC2014-08-14 19:44 - 2014-08-14 19:44 - 00000838 _____ () C:\Users\Public\Desktop\CCleaner.lnk2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\Program Files\CCleaner2014-08-14 19:42 - 2014-08-28 13:01 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job2014-08-14 19:42 - 2014-08-28 13:01 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job2014-08-14 19:42 - 2014-08-14 19:56 - 00003882 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA2014-08-14 19:42 - 2014-08-14 19:56 - 00003646 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore2014-08-14 19:42 - 2014-08-14 19:44 - 00000000 ____D () C:\Users\judy\AppData\Local\Google2014-08-14 19:42 - 2014-08-14 19:44 - 00000000 ____D () C:\Program Files (x86)\Google2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\ProgramData\Google2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\Program Files\Google2014-08-14 19:34 - 2014-08-14 19:34 - 00003974 _____ () C:\WINDOWS\System32\Tasks\TidyNetwork Update2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TNT22014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TidyNetwork2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork2014-08-14 19:04 - 2014-08-14 19:04 - 13829304 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall1.exe2014-08-14 19:04 - 2014-08-14 19:04 - 00002259 _____ () C:\WINDOWS\epplauncher.mif2014-08-14 18:54 - 2014-08-16 14:06 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG SafeGuard toolbar2014-08-14 18:54 - 2014-08-16 07:53 - 00050976 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys2014-08-14 18:53 - 2014-08-25 18:25 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar2014-08-14 18:53 - 2014-08-25 18:25 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar2014-08-14 18:53 - 2014-08-14 18:53 - 00000000 ____D () C:\ProgramData\AVG Secure Search2014-08-14 18:51 - 2014-08-14 18:52 - 11241816 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall.exe2014-08-13 20:38 - 2014-06-04 02:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe2014-08-13 20:38 - 2014-06-03 22:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll2014-08-13 20:38 - 2014-06-03 22:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll2014-08-13 20:38 - 2014-06-03 21:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll2014-08-13 20:38 - 2014-06-03 21:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll2014-08-13 20:38 - 2014-06-03 19:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll2014-08-13 20:38 - 2014-06-03 19:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll2014-08-12 21:43 - 2014-08-12 21:43 - 00002028 _____ () C:\Users\Public\Desktop\Acer Portal.lnk2014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Users\judy\AppData\Local\TotalRecipeSearch_142014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Program Files (x86)\TotalRecipeSearch_142014-08-11 07:34 - 2014-08-27 22:28 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup2014-08-11 07:34 - 2014-08-11 07:34 - 00004022 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup2014-08-11 07:34 - 2014-08-11 07:34 - 00001989 _____ () C:\Users\judy\Desktop\Sync Folder.lnk2014-08-11 07:34 - 2014-08-11 07:34 - 00001107 _____ () C:\Users\judy\Desktop\MyPC Backup.lnk2014-08-11 07:34 - 2014-08-11 07:34 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup2014-08-11 07:33 - 2014-08-14 20:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\systweak2014-08-11 07:32 - 2014-08-11 07:32 - 00003310 _____ () C:\WINDOWS\System32\Tasks\ASP2014-08-11 07:32 - 2014-08-05 19:05 - 00019800 _____ () C:\WINDOWS\system32\roboot64.exe2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Users\judy\AppData\Local\UtilityChest_492014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Program Files (x86)\UtilityChest_49==================== One Month Modified Files and Folders =======(If an entry is included in the fixlist, the file\folder will be moved.)2014-08-28 13:09 - 2014-08-27 23:09 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job2014-08-28 13:03 - 2014-03-18 03:03 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI2014-08-28 13:02 - 2014-06-01 07:00 - 00000000 ____D () C:\Users\judy\AppData\Local\clear.fi2014-08-28 13:01 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\DesktopTemperature2014-08-28 13:01 - 2014-08-14 19:44 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-08-28 13:01 - 2014-08-14 19:42 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job2014-08-28 13:01 - 2014-08-14 19:42 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job2014-08-28 13:01 - 2014-06-17 15:34 - 00000000 ___DO () C:\Users\judy\OneDrive2014-08-28 13:00 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru2014-08-28 12:59 - 2014-08-27 23:09 - 00000438 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job2014-08-28 12:58 - 2014-08-27 23:13 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job2014-08-28 12:58 - 2014-08-27 23:13 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job2014-08-28 12:58 - 2014-08-27 18:06 - 00007878 _____ () C:\WINDOWS\PFRO.log2014-08-28 12:58 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT2014-08-28 12:57 - 2014-08-27 23:04 - 00000085 _____ () C:\WINDOWS\wininit.ini2014-08-28 12:56 - 2014-03-15 00:56 - 00000304 _____ () C:\WINDOWS\Tasks\UpdaterEX.job2014-08-28 12:16 - 2014-08-28 12:15 - 06312160 _____ (MyTurboPC.com) C:\Users\judy\Downloads\myturbopc.exe2014-08-28 12:09 - 2014-03-15 00:56 - 00000134 _____ () C:\Users\judy\AppData\Roaming\WB.CFG2014-08-28 11:45 - 2014-06-12 06:09 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{845855BE-4589-4F75-966A-FA55784F54FD}2014-08-28 11:42 - 2014-08-28 11:41 - 00028288 _____ () C:\Users\judy\Downloads\FRST.txt2014-08-28 11:42 - 2014-08-28 11:41 - 00000000 ____D () C:\FRST2014-08-28 11:41 - 2014-08-28 11:41 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64 (1).exe2014-08-28 11:36 - 2014-08-28 11:35 - 00001163 _____ () C:\Users\judy\Desktop\Continue Download Manager Installation.lnk2014-08-28 11:35 - 2014-08-28 11:35 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64.exe2014-08-28 11:35 - 2014-08-28 11:35 - 00827416 _____ ( ) C:\Users\judy\Downloads\DownloadManagerSetup.exe2014-08-28 11:32 - 2014-08-28 11:32 - 00035673 _____ () C:\Users\judy\Desktop\FARBAR RECOVERY SCAN TOOL.htm2014-08-28 11:27 - 2014-08-27 23:08 - 00000000 ____D () C:\Users\judy\AppData\Local\fst_us_2282014-08-28 11:26 - 2014-08-14 20:05 - 01321131 _____ () C:\WINDOWS\WindowsUpdate.log2014-08-28 11:20 - 2014-02-02 17:38 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3809952396-1488035759-1417517223-10012014-08-28 11:14 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness2014-08-28 11:10 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp2014-08-27 23:35 - 2014-08-27 23:13 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job2014-08-27 23:19 - 2014-07-09 04:26 - 00002001 _____ () C:\Users\Public\Desktop\abMedia.lnk2014-08-27 23:19 - 2014-06-16 16:04 - 00000000 ____D () C:\ProgramData\clear.fi2014-08-27 23:19 - 2013-04-16 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer2014-08-27 23:19 - 2013-04-16 23:18 - 00000000 ____D () C:\Program Files (x86)\Acer2014-08-27 23:15 - 2014-08-27 23:13 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP12014-08-27 23:15 - 2014-08-27 23:13 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP32014-08-27 23:15 - 2014-08-27 23:13 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP22014-08-27 23:13 - 2014-08-27 23:13 - 00001704 _____ () C:\Users\judy\AppData\Roaming\aps.scan.results2014-08-27 23:13 - 2014-08-27 23:13 - 00001150 _____ () C:\Users\judy\AppData\Roaming\aps.scan.quick.results2014-08-27 23:13 - 2014-08-27 23:13 - 00000318 _____ () C:\Users\judy\AppData\Roaming\aps.uninstall.scan.results2014-08-27 23:13 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup2014-08-27 23:13 - 2014-08-27 23:12 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx2014-08-27 23:12 - 2014-08-27 23:12 - 00575544 _____ (ClickMeIn Limited) C:\Users\judy\AppData\Local\nsb5C1C.tmp2014-08-27 23:12 - 2014-07-10 13:41 - 00002005 _____ () C:\Users\Public\Desktop\abPhoto.lnk2014-08-27 23:09 - 2014-08-27 23:09 - 00058040 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys2014-08-27 23:09 - 2014-08-27 23:09 - 00003076 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update2014-08-27 23:09 - 2014-08-27 23:09 - 00002642 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda2014-08-27 23:09 - 2014-08-27 23:09 - 00000258 __RSH () C:\ProgramData\ntuser.pol2014-08-27 23:09 - 2014-08-27 23:09 - 00000145 _____ () C:\WINDOWS\setupact.log2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\WSE_Astromenda2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\ver1BlockAndSurf2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 _____ () C:\WINDOWS\setuperr.log2014-08-27 23:09 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda2014-08-27 23:09 - 2013-08-22 08:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy2014-08-27 23:09 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files\TermTutor2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\TermTutor2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\fst_us_2282014-08-27 23:07 - 2014-08-27 23:00 - 00000000 ____D () C:\ProgramData\pastaleads2014-08-27 23:05 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI2014-08-27 23:01 - 2014-08-27 23:01 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy2014-08-27 23:00 - 2014-08-27 23:00 - 00000000 ____D () C:\Program Files (x86)\pastaleads2014-08-27 23:00 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\VOPackage2014-08-27 23:00 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage2014-08-27 22:59 - 2014-08-27 22:59 - 00003734 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_ScheduledScan2014-08-27 22:59 - 2014-08-27 22:59 - 00003584 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_DailyScan2014-08-27 22:59 - 2014-08-27 22:59 - 00001087 _____ () C:\Users\Public\Desktop\DriverRestore.lnk2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\ContentExplorer2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore2014-08-27 22:59 - 2014-08-27 22:58 - 00000000 ____D () C:\Program Files (x86)\DriverRestore2014-08-27 22:57 - 2014-08-27 22:57 - 00000000 ____D () C:\Users\judy\Documents\PC Health Kit2014-08-27 22:34 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\NDF2014-08-27 22:28 - 2014-08-11 07:34 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\System_Alerts_LLC2014-08-27 17:59 - 2014-08-27 17:59 - 00000000 ____D () C:\Program Files (x86)\The Sea App (Internet Explorer)2014-08-27 17:17 - 2013-08-03 04:03 - 00000000 ____D () C:\ProgramData\OEM2014-08-27 16:13 - 2014-08-27 16:13 - 00004544 _____ () C:\Users\judy\Desktop\New Journal Document.jnt2014-08-27 16:13 - 2014-08-27 16:13 - 00000000 ___RD () C:\Users\judy\Documents\Notes2014-08-25 18:25 - 2014-08-14 18:53 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar2014-08-25 18:25 - 2014-08-14 18:53 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar2014-08-22 06:58 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache2014-08-16 14:06 - 2014-08-14 18:54 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG SafeGuard toolbar2014-08-16 12:06 - 2014-02-02 17:41 - 00000000 ____D () C:\Program Files (x86)\Knight System Protector2014-08-16 12:00 - 2013-08-22 07:44 - 00335784 _____ () C:\WINDOWS\system32\FNTCACHE.DAT2014-08-16 11:57 - 2014-07-12 22:28 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel2014-08-16 11:57 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\MediaViewer2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\FileManager2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Camera2014-08-16 10:43 - 2014-08-16 10:43 - 00000000 ____D () C:\Blasteroids2014-08-16 07:54 - 2014-08-16 07:53 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar2014-08-16 07:53 - 2014-08-14 18:54 - 00050976 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys2014-08-14 20:18 - 2014-08-14 20:18 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG Secure Search2014-08-14 20:11 - 2014-08-14 20:09 - 00001158 _____ () C:\Users\judy\Desktop\Live PC Help.lnk2014-08-14 20:09 - 2014-08-11 07:33 - 00000000 ____D () C:\Users\judy\AppData\Roaming\systweak2014-08-14 19:58 - 2014-06-17 13:46 - 00000000 ___DC () C:\WINDOWS\Panther2014-08-14 19:58 - 2014-02-02 17:30 - 00000000 ____D () C:\Users\judy\AppData\Local\CrashDumps2014-08-14 19:56 - 2014-08-14 19:42 - 00003882 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA2014-08-14 19:56 - 2014-08-14 19:42 - 00003646 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore2014-08-14 19:44 - 2014-08-14 19:44 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC2014-08-14 19:44 - 2014-08-14 19:44 - 00000838 _____ () C:\Users\Public\Desktop\CCleaner.lnk2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\Program Files\CCleaner2014-08-14 19:44 - 2014-08-14 19:42 - 00000000 ____D () C:\Users\judy\AppData\Local\Google2014-08-14 19:44 - 2014-08-14 19:42 - 00000000 ____D () C:\Program Files (x86)\Google2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\ProgramData\Google2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\Program Files\Google2014-08-14 19:34 - 2014-08-14 19:34 - 00003974 _____ () C:\WINDOWS\System32\Tasks\TidyNetwork Update2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TNT22014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TidyNetwork2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork2014-08-14 19:33 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Resources2014-08-14 19:04 - 2014-08-14 19:04 - 13829304 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall1.exe2014-08-14 19:04 - 2014-08-14 19:04 - 00002259 _____ () C:\WINDOWS\epplauncher.mif2014-08-14 18:53 - 2014-08-14 18:53 - 00000000 ____D () C:\ProgramData\AVG Secure Search2014-08-14 18:52 - 2014-08-14 18:51 - 11241816 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall.exe2014-08-14 08:33 - 2014-02-05 11:59 - 00000000 ____D () C:\WINDOWS\system32\MRT2014-08-14 08:31 - 2014-02-05 11:59 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe2014-08-13 20:36 - 2014-03-18 03:13 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll2014-08-13 17:39 - 2014-06-17 13:25 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS2014-08-13 17:36 - 2013-08-21 21:17 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb2014-08-13 17:36 - 2013-08-21 20:46 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll2014-08-13 17:36 - 2013-08-21 20:16 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll2014-08-13 17:35 - 2014-03-18 03:13 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe2014-08-13 17:35 - 2014-03-18 03:13 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll2014-08-13 17:35 - 2014-03-18 03:13 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll2014-08-13 17:35 - 2013-08-22 04:45 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb2014-08-13 17:35 - 2013-08-22 04:44 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll2014-08-13 17:35 - 2013-08-22 04:22 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll2014-08-13 17:35 - 2013-08-22 04:21 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll2014-08-13 17:35 - 2013-08-22 04:10 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll2014-08-13 17:35 - 2013-08-22 04:03 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe2014-08-13 17:35 - 2013-08-22 03:32 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll2014-08-13 17:35 - 2013-08-21 20:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll2014-08-13 17:35 - 2013-08-21 20:45 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll2014-08-13 17:35 - 2013-08-21 20:40 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe2014-08-12 21:43 - 2014-08-12 21:43 - 00002028 _____ () C:\Users\Public\Desktop\Acer Portal.lnk2014-08-12 21:43 - 2014-06-16 16:16 - 00003334 _____ () C:\WINDOWS\System32\Tasks\AcerCloud2014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Users\judy\AppData\Local\TotalRecipeSearch_142014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Program Files (x86)\TotalRecipeSearch_142014-08-11 07:34 - 2014-08-11 07:34 - 00004022 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup2014-08-11 07:34 - 2014-08-11 07:34 - 00001989 _____ () C:\Users\judy\Desktop\Sync Folder.lnk2014-08-11 07:34 - 2014-08-11 07:34 - 00001107 _____ () C:\Users\judy\Desktop\MyPC Backup.lnk2014-08-11 07:34 - 2014-08-11 07:34 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup2014-08-11 07:32 - 2014-08-11 07:32 - 00003310 _____ () C:\WINDOWS\System32\Tasks\ASP2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Users\judy\AppData\Local\UtilityChest_492014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Program Files (x86)\UtilityChest_492014-08-06 19:12 - 2014-08-15 07:23 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll2014-08-06 15:39 - 2014-08-15 07:23 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys2014-08-06 15:38 - 2014-08-15 07:24 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll2014-08-05 19:05 - 2014-08-11 07:32 - 00019800 _____ () C:\WINDOWS\system32\roboot64.exe2014-08-01 22:44 - 2014-08-15 07:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll2014-08-01 20:56 - 2014-08-15 07:23 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll2014-08-01 20:11 - 2014-08-15 07:23 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll2014-08-01 17:17 - 2013-08-22 08:38 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe2014-08-01 17:17 - 2013-08-22 08:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cplSome content of TEMP:====================C:\Users\judy\AppData\Local\Temp\5A48_DriverRestore_EN.exeC:\Users\judy\AppData\Local\Temp\air1370.exeC:\Users\judy\AppData\Local\Temp\air18C5.exeC:\Users\judy\AppData\Local\Temp\air240D.exeC:\Users\judy\AppData\Local\Temp\air2474.exeC:\Users\judy\AppData\Local\Temp\air274F.exeC:\Users\judy\AppData\Local\Temp\air2ADB.exeC:\Users\judy\AppData\Local\Temp\air4025.exeC:\Users\judy\AppData\Local\Temp\air66A0.exeC:\Users\judy\AppData\Local\Temp\air7DCB.exeC:\Users\judy\AppData\Local\Temp\air9DEF.exeC:\Users\judy\AppData\Local\Temp\airA76F.exeC:\Users\judy\AppData\Local\Temp\DRHelper_installFinish.exeC:\Users\judy\AppData\Local\Temp\DRHelper_installStart.exeC:\Users\judy\AppData\Local\Temp\F7B9_SpybotSD2.exeC:\Users\judy\AppData\Local\Temp\ICReinstall_DownloadManagerSetup.exeC:\Users\judy\AppData\Local\Temp\post1.exeC:\Users\judy\AppData\Local\Temp\post2.dllC:\Users\judy\AppData\Local\Temp\post2.exeC:\Users\judy\AppData\Local\Temp\setup.exeC:\Users\judy\AppData\Local\Temp\SfpcHelper_installFinish.exeC:\Users\judy\AppData\Local\Temp\SfpcHelper_installStart.exeC:\Users\judy\AppData\Local\Temp\SHSetup.exe==================== Bamital & volsnap Check =================(There is no automatic fix for files that do not pass verification.)C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signedLastRegBack: 2014-08-28 11:10==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-08-2014Ran by judy at 2014-08-28 14:24:53Running from C:\Users\judy\DownloadsBoot Mode: Normal============================================================================== Security Center ========================(If an entry is included in the fixlist, it will be removed.)AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}==================== Installed Programs ======================(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hiddenclear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) HiddenabMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.05.2007.2 - Acer Incorporated)abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.00.2011.1 - Acer Incorporated)Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated)Acer Docs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2001 - Acer)Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3003 - Acer Incorporated)Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.01.2011 - Acer Incorporated)Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)AMD Accelerated Video Transcoding (Version: 12.10.100.30313 - Advanced Micro Devices, Inc.) HiddenAMD Catalyst Install Manager (HKLM\...\{29200C76-2ADF-0C62-BE0D-2AC087740379}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)AMD VISION Engine Control Center (x32 Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) HiddenAnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.1 - CMI Limited) <==== ATTENTIONAOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.01.2012.1 - Acer Incorporated)AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.9.799 - AVG Technologies)BlockAndSurf (HKLM-x32\...\00ACB724-76B2-5971-98E5-D94B76948A5B) (Version: - BlockAndSurf-software) <==== ATTENTIONCatalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) HiddenCatalyst Control Center Graphics Previews Common (x32 Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) HiddenCatalyst Control Center InstallProxy (x32 Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) HiddenCatalyst Control Center Localization All (x32 Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) HiddenCCC Help Chinese Standard (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) HiddenCCC Help Chinese Traditional (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) HiddenCCC Help Czech (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) HiddenCCC Help Danish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) HiddenCCC Help Dutch (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) HiddenCCC Help English (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) HiddenCCC Help Finnish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) HiddenCCC Help French (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) HiddenCCC Help German (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) HiddenCCC Help Greek (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) HiddenCCC Help Hungarian (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) HiddenCCC Help Italian (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) HiddenCCC Help Japanese (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) HiddenCCC Help Korean (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) HiddenCCC Help Norwegian (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) HiddenCCC Help Polish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) HiddenCCC Help Portuguese (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) HiddenCCC Help Russian (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) HiddenCCC Help Spanish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) HiddenCCC Help Swedish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) HiddenCCC Help Thai (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) HiddenCCC Help Turkish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hiddenccc-utility64 (Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) HiddenCCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)ContentExplorer (HKLM-x32\...\ContentExplorer) (Version: 8.4 - ContentExplorer.net)Desktop Temperature Monitor (HKCU\...\Desktop Temperature Monitor) (Version: 1.24.0.0 - System Alerts LLC)DriverRestore (HKLM\...\DriverRestore) (Version: 1.0 - 383 Media, Inc.)Extended Update (HKCU\...\UpdaterEX) (Version: - Extended Update) <==== ATTENTIONFacebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)FreeSoftToday 025.228 (HKLM-x32\...\fst_us_228_is1) (Version: - FREESOFTTODAY) <==== ATTENTIONGoogle Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) HiddenGoogle Update Helper (x32 Version: 1.3.24.15 - Google Inc.) HiddenIdentity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)Inbox Toolbar (HKLM-x32\...\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1) (Version: 2.0.1.106 - Xacti, LLC)Inbox3 (HKLM-x32\...\{E5E22EB4-B322-411C-BACB-263300A3D80E}_is1) (Version: 1.0.0.12 - Inbox.com)InboxAce Internet Explorer Toolbar (HKLM-x32\...\InboxAce_1gbar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTIONLive Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) HiddenMicrosoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) HiddenMyFunCards Internet Explorer Toolbar (HKLM-x32\...\MyFunCards_5mbar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTIONMyPC Backup (HKLM\...\MyPC Backup) (Version: - JDi Backup Ltd) <==== ATTENTIONOEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)PastaQuotes (HKLM-x32\...\pastaleads) (Version: 1.2.1.0 - PastaLeads)QCA CardReader Driver Installer (HKLM-x32\...\{4E0BC999-655B-421D-87F3-640C6F2BFC11}) (Version: 1.0.1.34 - Qualcomm Inc.)Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.224 - Qualcomm Atheros Communications)Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.49 - Qualcomm Atheros)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTIONShared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)Soluto (HKLM\...\{A40888FC-B545-46F3-8628-6AE98C1C75C6}) (Version: 1.3.1193.1 - Soluto)Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)Term Tutor (HKLM-x32\...\TermTutor) (Version: 1.9.0.6 - Term Tutor)The Sea App (Internet Explorer) (HKLM-x32\...\The Sea App) (Version: - Growth Systems, LLC) <==== ATTENTIONTidyNetwork (HKCU\...\TidyNetwork) (Version: - TidyNetwork)TotalRecipeSearch Internet Explorer Toolbar (HKLM-x32\...\TotalRecipeSearch_14bar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTIONUtility Chest Internet Explorer Toolbar (HKLM-x32\...\UtilityChest_49bar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTIONVisual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) HiddenVisual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)WSE_Astromenda (HKLM-x32\...\WSE_Astromenda) (Version: - WSE_Astromenda) <==== ATTENTION==================== Custom CLSID (selected items): ==========================(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)==================== Restore Points =========================22-08-2014 06:51:41 Scheduled Checkpoint28-08-2014 20:09:45 Windows Update==================== Hosts content: ==========================(If needed Hosts: directive could be included in the fixlist to reset Hosts.)2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts==================== Scheduled Tasks (whitelisted) =============(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTaskTask: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsListTask: {1C089B1B-6BA0-49C2-B594-F708C1B8B503} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)Task: {1D3A0C7B-5AD3-4B84-A478-B293255849AE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTaskTask: {26223B8B-B407-4AE0-8EA5-90D9299BDC87} - System32\Tasks\TidyNetwork Update => C:\Users\judy\AppData\Local\TidyNetwork\petnupdate.exe [2014-08-14] ()Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulateTask: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)Task: {39295545-2169-47A5-B5F1-3DCB98334328} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2014-08-06] (Acer)Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)Task: {3BD98196-F5F8-4C48-8418-DAEDD03137E6} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [2014-07-22] (MyPCBackup.com) <==== ATTENTIONTask: {4898B40A-C3FD-4C18-9262-36FA84EA356B} - System32\Tasks\Microsoft\Windows\SysResetLogSuccess => Rundll32.exe ResetEng.dll,RjvLogSuccessEntryPointTask: {48DC7E0D-1F64-462F-B7AE-122F88E9FD96} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-14] (Google Inc.)Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalanceTask: {5D131900-882C-4A9D-877E-69F281E7AABA} - System32\Tasks\BlockAndSurf Update => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe [2014-08-27] ()Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play CleanupTask: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance TaskTask: {6F170458-AB97-4224-AD0C-EC073725BB86} - System32\Tasks\PastaQuotes => C:\Program Files (x86)\pastaleads\ScheduledTask.exe [2014-06-18] ()Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTaskTask: {75600F68-68BB-4EFA-B301-3CC2C08023AD} - System32\Tasks\DriverRestore_DailyScan => C:\Program Files (x86)\DriverRestore\DriverRestore.exe [2014-07-06] ()Task: {76A4B948-019E-42AA-8979-F76AC472004D} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-03-14] (Acer Incorporate)Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryStateTask: {811C6AF3-F0CC-49DC-BA5A-63AFA6B80047} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-07-22] (MyPC Backup) <==== ATTENTIONTask: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance TaskTask: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTaskTask: {8E61A2C1-0631-433D-9DA3-4F799E1DB1BB} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()Task: {959909FF-A127-491D-8A16-E6CC8D046625} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauservTask: {973B237C-ED4A-4DDF-86D4-C69CD82AE18E} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUploadTask: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance WorkTask: {A07D2BE3-7F59-496C-8DD4-2202A46969E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-14] (Google Inc.)Task: {B87C0074-F507-4AF6-B410-AC3CCD885250} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()Task: {B8EC8ECD-4AB1-4B70-9505-C4EF5E47C16E} - System32\Tasks\ASP => C:\Program Files (x86)\Tuneup pro\SystweakASP.exeTask: {BF58E14B-1069-43E0-80DD-BB525A2FD9CD} - System32\Tasks\Microsoft\Windows\DiskFootprint\DiagnosticsTask: {C034AE47-50DF-4617-9946-0EC4A6007219} - System32\Tasks\WSE_Astromenda => C:\Users\judy\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe [2014-08-27] ()Task: {CD34F3C0-ED05-4009-A5CE-BCC6FD2316C5} - System32\Tasks\UpdaterEX => C:\Users\judy\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTIONTask: {CD7E60BC-5C2F-457E-BEE4-51E204A98CAA} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTIONTask: {CD9C8B1F-E1E7-4D89-BBA7-F99D03386E21} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-08-14] (Microsoft Corporation)Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTaskTask: {D08F1AB1-8F5E-4779-937E-7A750E734C77} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)Task: {D136D828-6ADE-43E0-9102-FA020971E586} - System32\Tasks\Knight System Protector Startup => C:\Program Files (x86)\Knight System Protector\KnightSystemProtector.exe [2013-12-17] ()Task: {D6A24AB9-2B6F-406C-8FF1-3AA5B229CCA0} - System32\Tasks\DriverRestore_ScheduledScan => C:\Program Files (x86)\DriverRestore\DriverRestore.exe [2014-07-06] ()Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensingTask: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon SynchronizationTask: {E2ACF668-4308-4463-9ECA-B3DD4467FB01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-ValidationTask: {E3BDCA69-0278-4D27-AE94-D673C4802877} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-ManagementTask: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRETask: {EFD55167-3E10-4F72-843B-347EC5F2010D} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTIONTask: {FCE0303E-A943-467A-8BCB-B8D9556D47DB} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTIONTask: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTIONTask: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTIONTask: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTIONTask: C:\WINDOWS\Tasks\BlockAndSurf Update.job => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe <==== ATTENTIONTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\UpdaterEX.job => C:\Users\judy\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTIONTask: C:\WINDOWS\Tasks\WSE_Astromenda.job => C:\Users\judy\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION==================== Loaded Modules (whitelisted) =============2014-06-18 00:47 - 2014-06-18 00:47 - 00384408 _____ () C:\Program Files (x86)\pastaleads\PastaLeadsService.exe2014-08-27 23:00 - 2014-08-27 23:00 - 00071680 _____ () C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe2013-01-29 12:28 - 2013-01-29 12:28 - 00109024 _____ () C:\Program Files\Soluto\PCGDllExportInspector.dll2013-01-29 12:28 - 2013-01-29 12:28 - 00055352 ____R () C:\Program Files\Soluto\PCGDeviceScanLib.dll2014-07-12 18:02 - 2014-07-12 18:02 - 00101376 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Management\48a5e4128a7c4b39f813961b46af6c3d\Windows.Management.ni.dll2014-07-12 18:00 - 2014-07-12 18:00 - 01782784 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\43b92b6dbc9eb61983817ea32346d510\Windows.ApplicationModel.ni.dll2014-07-12 18:00 - 2014-07-12 18:00 - 00207872 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\d1c5274ccd6fb2b4b5dbddd0f0ca6c6e\Windows.System.ni.dll2014-07-12 17:59 - 2014-07-12 17:59 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\057b7043f4868b76c209d9c426b80743\Windows.Foundation.ni.dll2014-08-16 07:53 - 2014-08-16 07:53 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe2013-01-29 12:28 - 2013-01-29 12:28 - 00109024 _____ () c:\program files\soluto\PCGDllExportInspector.dll2014-02-02 17:41 - 2013-12-17 20:07 - 02159864 _____ () C:\Program Files (x86)\Knight System Protector\KnightSystemProtector.exe2014-08-27 23:08 - 2014-08-25 12:00 - 03337208 _____ () C:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exe2014-08-27 23:09 - 2014-08-27 23:09 - 00104960 _____ () C:\Program Files (x86)\ver1BlockAndSurf\BlockAndSurf.exe2013-04-15 11:23 - 2013-04-15 11:23 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll2013-04-15 11:20 - 2013-04-15 11:20 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll2013-04-15 11:25 - 2013-04-15 11:25 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe2014-08-27 23:09 - 2014-08-27 23:09 - 01072128 _____ () C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe2014-07-22 06:07 - 2014-07-22 06:07 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll2014-07-22 06:02 - 2014-07-22 06:02 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll2014-08-14 18:53 - 2014-08-25 18:24 - 02640408 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe2013-08-03 04:12 - 2013-02-20 22:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll2014-03-03 18:55 - 2014-03-03 18:55 - 01046288 _____ () C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll2014-08-16 07:53 - 2014-08-16 07:53 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll2014-08-22 18:21 - 2014-08-22 18:21 - 00203008 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll2014-08-22 18:21 - 2014-08-22 18:21 - 00630528 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll2014-08-22 18:21 - 2014-08-22 18:21 - 00654552 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll2014-08-22 18:21 - 2014-08-22 18:21 - 00119552 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll2014-08-12 21:42 - 2014-08-12 21:42 - 00015616 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll2014-08-06 16:47 - 2014-08-06 16:47 - 00013568 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll2014-08-06 16:44 - 2014-08-06 16:44 - 00277096 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll==================== Alternate Data Streams (whitelisted) =========(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)AlternateDataStreams: C:\Users\judy\OneDrive:ms-propertiesAlternateDataStreams: C:\Users\judy\SkyDrive:ms-properties==================== Safe Mode (whitelisted) ===================(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)==================== EXE Association (whitelisted) =============(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)==================== MSCONFIG/TASK MANAGER disabled items =========(Currently there is no automatic fix for this section.)==================== Faulty Device Manager Devices ================================= Event log errors: =========================Application errors:==================Error: (08/28/2014 00:05:56 PM) (Source: Application Hang) (EventID: 1002) (User: )Description: The program chrome.exe version 36.0.1985.143 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.Process ID: 17b0Start Time: 01cfc2edc83462f9Termination Time: 81Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exeReport Id: 481ba925-2ee6-11e4-be88-0c84dca60c86Faulting package full name:Faulting package-relative application ID:Error: (08/28/2014 11:27:03 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: AnyProtect.exe, version: 1.0.0.1, time stamp: 0x53fded89Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000Exception code: 0xc0000005Fault offset: 0x00000000Faulting process id: 0x3dcFaulting application start time: 0xAnyProtect.exe0Faulting application path: AnyProtect.exe1Faulting module path: AnyProtect.exe2Report Id: AnyProtect.exe3Faulting package full name: AnyProtect.exe4Faulting package-relative application ID: AnyProtect.exe5Error: (08/28/2014 11:14:42 AM) (Source: Application Hang) (EventID: 1002) (User: )Description: The program wwahost.exe version 6.3.9600.17031 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.Process ID: 65cStart Time: 01cfc2fbf734122cTermination Time: 4294967295Application Path: C:\WINDOWS\syswow64\wwahost.exeReport Id: 2c0d757b-2edf-11e4-be88-0c84dca60c86Faulting package full name: Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cFaulting package-relative application ID: AppError: (08/28/2014 00:44:05 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: upfst_us_228.exe, version: 1.0.0.1, time stamp: 0x53fb01c0Faulting module name: upfst_us_228.exe, version: 1.0.0.1, time stamp: 0x53fb01c0Exception code: 0xc0000005Fault offset: 0x00009b10Faulting process id: 0xfdcFaulting application start time: 0xupfst_us_228.exe0Faulting application path: upfst_us_228.exe1Faulting module path: upfst_us_228.exe2Report Id: upfst_us_228.exe3Faulting package full name: upfst_us_228.exe4Faulting package-relative application ID: upfst_us_228.exe5Error: (08/28/2014 11:53:22 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: nMsNhQLsuy.exe, version: 1.0.0.0, time stamp: 0x53bad802Faulting module name: ntdll.dll, version: 6.3.9600.17114, time stamp: 0x53649e73Exception code: 0xc0000005Fault offset: 0x000000000003b2f8Faulting process id: 0x144cFaulting application start time: 0xnMsNhQLsuy.exe0Faulting application path: nMsNhQLsuy.exe1Faulting module path: nMsNhQLsuy.exe2Report Id: nMsNhQLsuy.exe3Faulting package full name: nMsNhQLsuy.exe4Faulting package-relative application ID: nMsNhQLsuy.exe5Error: (08/28/2014 11:52:45 AM) (Source: Application Hang) (EventID: 1002) (User: )Description: The program iexplore.exe version 11.0.9600.17239 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.Process ID: 1b50Start Time: 01cfc28acd367171Termination Time: 218Application Path: C:\Program Files\Internet Explorer\iexplore.exeReport Id: 7ae76496-2ee4-11e4-be86-0c84dca60c86Faulting package full name:Faulting package-relative application ID:Error: (08/28/2014 11:52:39 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: nMsNhQLsuy.exe, version: 1.0.0.0, time stamp: 0x53bad802Faulting module name: KERNELBASE.dll, version: 6.3.9600.17055, time stamp: 0x532954fbException code: 0xc06d007eFault offset: 0x0000000000005bf8Faulting process id: 0x144cFaulting application start time: 0xnMsNhQLsuy.exe0Faulting application path: nMsNhQLsuy.exe1Faulting module path: nMsNhQLsuy.exe2Report Id: nMsNhQLsuy.exe3Faulting package full name: nMsNhQLsuy.exe4Faulting package-relative application ID: nMsNhQLsuy.exe5Error: (08/28/2014 11:44:02 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: upfst_us_228.exe, version: 1.0.0.1, time stamp: 0x53fb01c0Faulting module name: upfst_us_228.exe, version: 1.0.0.1, time stamp: 0x53fb01c0Exception code: 0xc0000005Fault offset: 0x00009b10Faulting process id: 0x1dacFaulting application start time: 0xupfst_us_228.exe0Faulting application path: upfst_us_228.exe1Faulting module path: upfst_us_228.exe2Report Id: upfst_us_228.exe3Faulting package full name: upfst_us_228.exe4Faulting package-relative application ID: upfst_us_228.exe5Error: (08/28/2014 11:42:00 AM) (Source: Application Hang) (EventID: 1002) (User: )Description: The program iexplore.exe version 11.0.9600.17239 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.Process ID: 14f4Start Time: 01cfc28c65a708caTermination Time: 109Application Path: C:\Program Files\Internet Explorer\iexplore.exeReport Id: fdf3107e-2ee2-11e4-be86-0c84dca60c86Faulting package full name:Faulting package-relative application ID:Error: (08/28/2014 11:39:27 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: abPhoto.exe, version: 3.0.2011.0, time stamp: 0x53f71973Faulting module name: MSVCR90.dll, version: 9.0.30729.8387, time stamp: 0x51ea24a5Exception code: 0xc0000005Fault offset: 0x00056b1dFaulting process id: 0x1364Faulting application start time: 0xabPhoto.exe0Faulting application path: abPhoto.exe1Faulting module path: abPhoto.exe2Report Id: abPhoto.exe3Faulting package full name: abPhoto.exe4Faulting package-relative application ID: abPhoto.exe5System errors:=============Error: (08/28/2014 00:59:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Computer Backup (MyPC Backup) service failed to start due to the following error:%%1053Error: (08/28/2014 00:59:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.Error: (08/28/2014 00:58:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )Description: The Superfetch service terminated with the following error:%%1062Error: (08/28/2014 00:56:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )Description: The hhVqPjMye service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.Error: (08/27/2014 11:37:37 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 51.Error: (08/27/2014 11:11:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:%%14001Error: (08/27/2014 11:06:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Computer Backup (MyPC Backup) service failed to start due to the following error:%%1053Error: (08/27/2014 11:06:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.Error: (08/27/2014 11:04:44 PM) (Source: DCOM) (EventID: 10010) (User: JUDYSPC)Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}Error: (08/27/2014 11:04:44 PM) (Source: DCOM) (EventID: 10010) (User: JUDYSPC)Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}Microsoft Office Sessions:=========================Error: (08/28/2014 00:05:56 PM) (Source: Application Hang) (EventID: 1002) (User: )Description: chrome.exe36.0.1985.14317b001cfc2edc83462f981C:\Program Files (x86)\Google\Chrome\Application\chrome.exe481ba925-2ee6-11e4-be88-0c84dca60c86Error: (08/28/2014 11:27:03 AM) (Source: Application Error) (EventID: 1000) (User: )Description: AnyProtect.exe1.0.0.153fded89unknown0.0.0.000000000c0000005000000003dc01cfc2fac0c0453aC:\Program Files (x86)\AnyProtectEx\AnyProtect.exeunknowne7e858bd-2ee0-11e4-be88-0c84dca60c86Error: (08/28/2014 11:14:42 AM) (Source: Application Hang) (EventID: 1002) (User: )Description: wwahost.exe6.3.9600.1703165c01cfc2fbf734122c4294967295C:\WINDOWS\syswow64\wwahost.exe2c0d757b-2edf-11e4-be88-0c84dca60c86Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cAppError: (08/28/2014 00:44:05 PM) (Source: Application Error) (EventID: 1000) (User: )Description: upfst_us_228.exe1.0.0.153fb01c0upfst_us_228.exe1.0.0.153fb01c0c000000500009b10fdc01cfc2f86cd8259fC:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exeC:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exeaac12db9-2eeb-11e4-be86-0c84dca60c86Error: (08/28/2014 11:53:22 AM) (Source: Application Error) (EventID: 1000) (User: )Description: nMsNhQLsuy.exe1.0.0.053bad802ntdll.dll6.3.9600.1711453649e73c0000005000000000003b2f8144c01cfc2f13d577500C:\ProgramData\VdUfCdBZX\dat\nMsNhQLsuy.exeC:\WINDOWS\SYSTEM32\ntdll.dll95346cd4-2ee4-11e4-be86-0c84dca60c86Error: (08/28/2014 11:52:45 AM) (Source: Application Hang) (EventID: 1002) (User: )Description: iexplore.exe11.0.9600.172391b5001cfc28acd367171218C:\Program Files\Internet Explorer\iexplore.exe7ae76496-2ee4-11e4-be86-0c84dca60c86Error: (08/28/2014 11:52:39 AM) (Source: Application Error) (EventID: 1000) (User: )Description: nMsNhQLsuy.exe1.0.0.053bad802KERNELBASE.dll6.3.9600.17055532954fbc06d007e0000000000005bf8144c01cfc2f13d577500C:\ProgramData\VdUfCdBZX\dat\nMsNhQLsuy.exeC:\WINDOWS\system32\KERNELBASE.dll7b27c41b-2ee4-11e4-be86-0c84dca60c86Error: (08/28/2014 11:44:02 AM) (Source: Application Error) (EventID: 1000) (User: )Description: upfst_us_228.exe1.0.0.153fb01c0upfst_us_228.exe1.0.0.153fb01c0c000000500009b101dac01cfc2f009a6a554C:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exeC:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exe47796609-2ee3-11e4-be86-0c84dca60c86Error: (08/28/2014 11:42:00 AM) (Source: Application Hang) (EventID: 1002) (User: )Description: iexplore.exe11.0.9600.1723914f401cfc28c65a708ca109C:\Program Files\Internet Explorer\iexplore.exefdf3107e-2ee2-11e4-be86-0c84dca60c86Error: (08/28/2014 11:39:27 AM) (Source: Application Error) (EventID: 1000) (User: )Description: abPhoto.exe3.0.2011.053f71973MSVCR90.dll9.0.30729.838751ea24a5c000000500056b1d136401cfc2871b4b99ccC:\Program Files (x86)\Acer\abPhoto\abPhoto.exeC:\WINDOWS\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dlla30f6233-2ee2-11e4-be86-0c84dca60c86==================== Memory info ===========================Processor: AMD E1-2500 APU with Radeon HD GraphicsPercentage of memory in use: 23%Total physical RAM: 5573.01 MBAvailable physical RAM: 4270.86 MBTotal Pagefile: 6469.01 MBAvailable Pagefile: 4640.22 MBTotal Virtual: 131072 MBAvailable Virtual: 131071.79 MB==================== Drives ================================Drive c: (Acer) (Fixed) (Total:449.41 GB) (Free:418.67 GB) NTFS==================== MBR & Partition Table ==========================================================================Disk: 0 (Size: 465.8 GB) (Disk ID: DE5B179F)Partition: GPT Partition Type.==================== End Of Log ============================
#8
Posted 28 August 2014 - 03:35 PM
#9
Posted 28 August 2014 - 10:53 PM
I am on another computer and I am not able to get the laptop on internet.. It says prosy not found... I was getting to post my last tests on fixlist ... any help that might let me get back on the internet I would appreciate it...
#10
Posted 29 August 2014 - 02:55 AM
In order for me to be able to get back in and get on the internet I had to refresh the laptop.... do you want me to run the test over....
#11
Posted 29 August 2014 - 06:22 AM
Please download AdwCleaner by Xplode onto your desktop.
- Close all open programs and internet browsers.
- Double click on AdwCleaner.exe to run the tool.
- Click on Scan.
- After the scan is complete click on "Clean"
- Confirm each time with Ok.
- Your computer will be rebooted automatically. A text file will open after the restart.
- Please post the content of that logfile with your next answer.
- You can find the logfile at C:\AdwCleaner[S1].txt as well.
Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
- Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
- Select additions at the bottom
- Press Scan button.
- It will produce a log called FRST.txt in the same directory the tool is run from.
- Please attach both logs generated.
#12
Posted 29 August 2014 - 03:39 PM
# AdwCleaner v3.308 - Report created 29/08/2014 at 14:26:20
# Updated 20/08/2014 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : judy - JUDYSPC
# Running from : C:\Users\judy\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\VOGWWBDE\adwcleaner_3.308.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Blasteroids
Folder Deleted : C:\Users\judy\AppData\LocalLow\AppGraffiti
Folder Deleted : C:\Users\judy\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\judy\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\judy\AppData\LocalLow\iac
Folder Deleted : C:\Users\judy\AppData\LocalLow\Inbox Toolbar
Folder Deleted : C:\Users\judy\AppData\LocalLow\InboxAce_1g
Folder Deleted : C:\Users\judy\AppData\LocalLow\InboxAce_1gEI
Folder Deleted : C:\Users\judy\AppData\LocalLow\MyFunCards_5m
Folder Deleted : C:\Users\judy\AppData\LocalLow\SiteRanker
Folder Deleted : C:\Users\judy\AppData\LocalLow\TotalRecipeSearch_14EI
Folder Deleted : C:\Users\judy\AppData\LocalLow\UtilityChest_49
Folder Deleted : C:\Users\judy\Documents\PC Health Kit
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Users\judy\daemonprocess.txt
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16482
*************************
AdwCleaner[R0].txt - [2109 octets] - [29/08/2014 14:23:11]
AdwCleaner[S0].txt - [1951 octets] - [29/08/2014 14:26:20]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2011 octets] ##########
#13
Posted 29 August 2014 - 03:59 PM
Ran by judy (administrator) on JUDYSPC on 29-08-2014 14:53:12
Running from C:\Users\judy\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\VOGWWBDE
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Soluto) C:\Program Files\Soluto\Soluto.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\McVsShld.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\McVsMap.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-17] (Realtek Semiconductor)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-04-15] ( (Qualcomm Atheros Commnucations))
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
SearchScopes: HKLM - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKCU - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL =
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-04-16]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-04-16]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-08-29]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 0057281409347779mcinstcleanup; C:\WINDOWS\TEMP\005728~1.EXE [836168 2014-03-13] (McAfee, Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [228480 2013-04-15] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-03-14] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [222168 2013-01-29] (Soluto)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-25] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AthrSdSrv; C:\Windows\system32\DRIVERS\athrsd.sys [48760 2012-11-30] (Qualcomm Atheros, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-15] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-09] (Acer Incorporated)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-09] (Acer Incorporated)
R3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-29 14:45 - 2014-08-29 14:45 - 00024764 _____ () C:\Users\judy\Desktop\farbar-recovery-scan-tool.htm
2014-08-29 14:43 - 2014-08-29 14:43 - 00000299 _____ () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
2014-08-29 14:42 - 2014-05-14 18:02 - 00059424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-08-29 14:42 - 2014-05-14 15:43 - 03286528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-08-29 14:42 - 2014-05-14 15:43 - 01623040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-08-29 14:42 - 2014-05-14 15:43 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-08-29 14:42 - 2014-05-14 15:42 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-08-29 14:42 - 2013-08-15 22:21 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-08-29 14:40 - 2014-08-29 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-08-29 14:38 - 2014-08-29 14:38 - 01364531 _____ () C:\Users\judy\Downloads\adwcleaner_3.308.exe
2014-08-29 14:38 - 2014-08-29 14:38 - 00000130 _____ () C:\Users\judy\Desktop\Thank you for downloading AdwCleaner - ToolsLib (2).url
2014-08-29 14:37 - 2014-08-29 14:37 - 00002095 _____ () C:\Users\judy\Desktop\AdwCleaner[S0]TEXT.txt
2014-08-29 14:24 - 2014-08-29 14:24 - 00000130 _____ () C:\Users\judy\Desktop\Thank you for downloading AdwCleaner - ToolsLib.url
2014-08-29 14:23 - 2014-08-29 14:26 - 00000000 ____D () C:\AdwCleaner
2014-08-29 14:17 - 2014-08-29 14:17 - 00028258 _____ () C:\Users\judy\Desktop\adwcleaner.htm
2014-08-29 13:38 - 2014-08-29 13:39 - 00001107 _____ () C:\Users\judy\Desktop\Continue File Extractor Installation.lnk
2014-08-29 02:11 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2014-08-29 02:06 - 2014-08-29 02:17 - 00000000 ____D () C:\Windows.old
2014-08-29 02:05 - 2014-08-29 02:05 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-08-29 02:00 - 2014-08-29 02:12 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3809952396-1488035759-1417517223-1001
2014-08-29 01:46 - 2014-08-29 01:46 - 00000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2014-08-29 01:45 - 2014-08-29 01:45 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Macromedia
2014-08-29 01:44 - 2014-08-29 01:44 - 00000000 ____D () C:\$WINDOWS.~BT
2014-08-29 01:40 - 2014-08-29 01:40 - 00000000 ____D () C:\Users\Public\OEM
2014-08-29 01:39 - 2014-08-29 01:41 - 00000000 ____D () C:\Users\judy\AppData\Local\clear.fi
2014-08-29 01:39 - 2013-01-29 12:28 - 00051912 _____ (Soluto LTD.) C:\WINDOWS\system32\Drivers\Soluto.sys
2014-08-29 01:33 - 2014-08-29 01:33 - 00001958 _____ () C:\Users\Public\Desktop\Netflix.lnk
2014-08-29 01:33 - 2014-08-29 01:33 - 00001776 _____ () C:\Users\Public\Desktop\Buy Online.lnk
2014-08-29 01:33 - 2014-08-29 01:33 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-08-29 01:33 - 2014-08-29 01:33 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Atheros
2014-08-29 01:33 - 2014-08-29 01:33 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2014-08-29 01:33 - 2014-08-29 01:33 - 00000000 ____D () C:\ProgramData\OEM_E471269A730D
2014-08-29 01:33 - 2014-08-29 01:33 - 00000000 ____D () C:\Program Files\Accessory Store
2014-08-29 01:33 - 2014-08-29 01:33 - 00000000 ____D () C:\Program Files (x86)\OEM
2014-08-29 01:32 - 2014-08-29 01:32 - 00001438 _____ () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-29 01:32 - 2014-08-29 01:32 - 00000000 ____D () C:\Users\judy\AppData\Local\CrashDumps
2014-08-29 01:31 - 2014-08-29 01:31 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Adobe
2014-08-29 01:30 - 2014-08-29 01:32 - 00000000 ____D () C:\Users\judy\AppData\Local\Packages
2014-08-29 01:30 - 2014-08-29 01:30 - 00000020 ___SH () C:\Users\judy\ntuser.ini
2014-08-29 01:30 - 2014-08-29 01:30 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Synaptics
2014-08-29 01:30 - 2014-08-29 01:30 - 00000000 ____D () C:\Users\judy\AppData\Local\VirtualStore
2014-08-29 01:29 - 2014-08-29 14:45 - 00239951 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-29 01:09 - 2014-08-29 14:26 - 00000000 ____D () C:\Users\judy
2014-08-29 01:09 - 2014-08-29 01:10 - 00000000 ____D () C:\Users\Guest
2014-08-29 01:09 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-08-29 01:09 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-29 01:09 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-08-29 01:09 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-08-29 01:09 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-29 01:09 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-08-29 01:09 - 2012-07-26 01:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-29 01:09 - 2012-07-26 01:13 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-29 01:08 - 2014-08-29 01:10 - 00026673 _____ () C:\WINDOWS\diagwrn.xml
2014-08-29 01:08 - 2014-08-29 01:10 - 00026673 _____ () C:\WINDOWS\diagerr.xml
2014-08-29 00:42 - 2014-08-29 02:12 - 00000000 ___HD () C:\$SysReset
2014-08-28 15:25 - 2014-08-28 15:25 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64 (2).exe
2014-08-28 11:44 - 2014-08-28 14:25 - 00036804 _____ () C:\Users\judy\Downloads\Addition.txt
2014-08-28 11:41 - 2014-08-29 14:53 - 00000000 ____D () C:\FRST
2014-08-28 11:41 - 2014-08-28 15:28 - 00073597 _____ () C:\Users\judy\Downloads\FRST.txt
2014-08-28 11:41 - 2014-08-28 11:41 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64 (1).exe
2014-08-28 11:35 - 2014-08-28 11:35 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64.exe
2014-08-28 11:35 - 2014-08-28 11:35 - 00827416 _____ () C:\Users\judy\Downloads\DownloadManagerSetup.exe
2014-08-27 16:13 - 2014-08-27 16:13 - 00004544 _____ () C:\Users\judy\Desktop\New Journal Document.jnt
2014-08-27 16:13 - 2014-08-27 16:13 - 00000000 ___RD () C:\Users\judy\Documents\Notes
2014-08-14 19:04 - 2014-08-14 19:04 - 13829304 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall1.exe
2014-08-14 18:51 - 2014-08-14 18:52 - 11241816 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-29 14:53 - 2014-08-28 11:41 - 00000000 ____D () C:\FRST
2014-08-29 14:45 - 2014-08-29 14:45 - 00024764 _____ () C:\Users\judy\Desktop\farbar-recovery-scan-tool.htm
2014-08-29 14:45 - 2014-08-29 01:29 - 00239951 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-29 14:45 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-29 14:43 - 2014-08-29 14:43 - 00000299 _____ () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
2014-08-29 14:41 - 2013-08-03 04:05 - 00000000 ____D () C:\ProgramData\Soluto
2014-08-29 14:41 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-08-29 14:40 - 2014-08-29 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-08-29 14:38 - 2014-08-29 14:38 - 01364531 _____ () C:\Users\judy\Downloads\adwcleaner_3.308.exe
2014-08-29 14:38 - 2014-08-29 14:38 - 00000130 _____ () C:\Users\judy\Desktop\Thank you for downloading AdwCleaner - ToolsLib (2).url
2014-08-29 14:37 - 2014-08-29 14:37 - 00002095 _____ () C:\Users\judy\Desktop\AdwCleaner[S0]TEXT.txt
2014-08-29 14:33 - 2012-07-25 22:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-08-29 14:32 - 2012-07-26 00:28 - 00848230 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-29 14:29 - 2013-04-16 23:15 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-08-29 14:28 - 2013-04-16 23:15 - 00000000 ____D () C:\ProgramData\McAfee
2014-08-29 14:28 - 2013-04-16 23:15 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-08-29 14:28 - 2012-07-26 00:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-29 14:27 - 2013-08-03 03:22 - 00281088 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-29 14:27 - 2013-04-16 20:52 - 00009078 _____ () C:\WINDOWS\PFRO.log
2014-08-29 14:27 - 2012-07-25 22:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-29 14:26 - 2014-08-29 14:23 - 00000000 ____D () C:\AdwCleaner
2014-08-29 14:26 - 2014-08-29 01:09 - 00000000 ____D () C:\Users\judy
2014-08-29 14:24 - 2014-08-29 14:24 - 00000130 _____ () C:\Users\judy\Desktop\Thank you for downloading AdwCleaner - ToolsLib.url
2014-08-29 14:17 - 2014-08-29 14:17 - 00028258 _____ () C:\Users\judy\Desktop\adwcleaner.htm
2014-08-29 14:00 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-29 13:39 - 2014-08-29 13:38 - 00001107 _____ () C:\Users\judy\Desktop\Continue File Extractor Installation.lnk
2014-08-29 02:38 - 2013-08-03 03:32 - 00065536 _____ () C:\WINDOWS\system32\spu_storage.bin
2014-08-29 02:17 - 2014-08-29 02:06 - 00000000 ____D () C:\Windows.old
2014-08-29 02:12 - 2014-08-29 02:00 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3809952396-1488035759-1417517223-1001
2014-08-29 02:12 - 2014-08-29 00:42 - 00000000 ___HD () C:\$SysReset
2014-08-29 02:09 - 2012-07-26 01:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-08-29 02:06 - 2012-07-26 01:13 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-08-29 02:05 - 2014-08-29 02:05 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-08-29 01:46 - 2014-08-29 01:46 - 00000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2014-08-29 01:45 - 2014-08-29 01:45 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Macromedia
2014-08-29 01:44 - 2014-08-29 01:44 - 00000000 ____D () C:\$WINDOWS.~BT
2014-08-29 01:41 - 2014-08-29 01:39 - 00000000 ____D () C:\Users\judy\AppData\Local\clear.fi
2014-08-29 01:40 - 2014-08-29 01:40 - 00000000 ____D () C:\Users\Public\OEM
2014-08-29 01:34 - 2013-04-16 21:40 - 00000000 ___HD () C:\OEM
2014-08-29 01:33 - 2014-08-29 01:33 - 00001958 _____ () C:\Users\Public\Desktop\Netflix.lnk
2014-08-29 01:33 - 2014-08-29 01:33 - 00001776 _____ () C:\Users\Public\Desktop\Buy Online.lnk
2014-08-29 01:33 - 2014-08-29 01:33 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-08-29 01:33 - 2014-08-29 01:33 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Atheros
2014-08-29 01:33 - 2014-08-29 01:33 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2014-08-29 01:33 - 2014-08-29 01:33 - 00000000 ____D () C:\ProgramData\OEM_E471269A730D
2014-08-29 01:33 - 2014-08-29 01:33 - 00000000 ____D () C:\Program Files\Accessory Store
2014-08-29 01:33 - 2014-08-29 01:33 - 00000000 ____D () C:\Program Files (x86)\OEM
2014-08-29 01:32 - 2014-08-29 01:32 - 00001438 _____ () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-29 01:32 - 2014-08-29 01:32 - 00000000 ____D () C:\Users\judy\AppData\Local\CrashDumps
2014-08-29 01:32 - 2014-08-29 01:30 - 00000000 ____D () C:\Users\judy\AppData\Local\Packages
2014-08-29 01:31 - 2014-08-29 01:31 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Adobe
2014-08-29 01:30 - 2014-08-29 01:30 - 00000020 ___SH () C:\Users\judy\ntuser.ini
2014-08-29 01:30 - 2014-08-29 01:30 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Synaptics
2014-08-29 01:30 - 2014-08-29 01:30 - 00000000 ____D () C:\Users\judy\AppData\Local\VirtualStore
2014-08-29 01:30 - 2012-07-26 01:12 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-08-29 01:30 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\WinStore
2014-08-29 01:29 - 2013-04-16 21:52 - 00000000 ___DC () C:\WINDOWS\Panther
2014-08-29 01:12 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-29 01:10 - 2014-08-29 01:09 - 00000000 ____D () C:\Users\Guest
2014-08-29 01:10 - 2014-08-29 01:08 - 00026673 _____ () C:\WINDOWS\diagwrn.xml
2014-08-29 01:10 - 2014-08-29 01:08 - 00026673 _____ () C:\WINDOWS\diagerr.xml
2014-08-29 01:10 - 2012-07-26 01:12 - 00000000 __RHD () C:\Users\Public\Libraries
2014-08-29 01:10 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-08-29 01:10 - 2012-07-26 00:21 - 00024918 _____ () C:\WINDOWS\setupact.log
2014-08-28 16:00 - 2014-06-17 15:34 - 00000000 __RDO () C:\Users\judy\OneDrive
2014-08-28 15:28 - 2014-08-28 11:41 - 00073597 _____ () C:\Users\judy\Downloads\FRST.txt
2014-08-28 15:25 - 2014-08-28 15:25 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64 (2).exe
2014-08-28 14:25 - 2014-08-28 11:44 - 00036804 _____ () C:\Users\judy\Downloads\Addition.txt
2014-08-28 11:41 - 2014-08-28 11:41 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64 (1).exe
2014-08-28 11:35 - 2014-08-28 11:35 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64.exe
2014-08-28 11:35 - 2014-08-28 11:35 - 00827416 _____ () C:\Users\judy\Downloads\DownloadManagerSetup.exe
2014-08-27 16:13 - 2014-08-27 16:13 - 00004544 _____ () C:\Users\judy\Desktop\New Journal Document.jnt
2014-08-27 16:13 - 2014-08-27 16:13 - 00000000 ___RD () C:\Users\judy\Documents\Notes
2014-08-14 19:04 - 2014-08-14 19:04 - 13829304 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall1.exe
2014-08-14 18:52 - 2014-08-14 18:51 - 11241816 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall.exe
Some content of TEMP:
====================
C:\Users\judy\AppData\Local\Temp\ICReinstall_FileExtractorSetup.exe
C:\Users\judy\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2013-04-16 20:52
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-08-2014 01
Ran by judy at 2014-08-29 14:54:41
Running from C:\Users\judy\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\VOGWWBDE
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3003 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)
AMD Accelerated Video Transcoding (Version: 12.10.100.30313 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{29200C76-2ADF-0C62-BE0D-2AC087740379}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (x32 Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) Hidden
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 12.8.988 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
Nero BackItUp (x32 Version: 12.5.5000 - Nero AG) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 12.0.10000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51r2 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
QCA CardReader Driver Installer (HKLM-x32\...\{4E0BC999-655B-421D-87F3-640C6F2BFC11}) (Version: 1.0.1.34 - Qualcomm Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.224 - Qualcomm Atheros Communications)
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.49 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Soluto (HKLM\...\{A40888FC-B545-46F3-8628-6AE98C1C75C6}) (Version: 1.3.1193.1 - Soluto)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.12.1 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
29-08-2014 21:41:23 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-25 22:26 - 2012-07-25 22:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1C089B1B-6BA0-49C2-B594-F708C1B8B503} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {2017AFB9-9FD4-4750-9DBC-C5745DCE848D} - System32\Tasks\Microsoft\Windows\SysResetLogSuccess => Rundll32.exe ResetEng.dll,RjvLogSuccessEntryPoint
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {4E5E7022-5BE7-4EA3-A325-ED26302476BA} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-23] (Acer Incorporated)
Task: {76A4B948-019E-42AA-8979-F76AC472004D} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-03-14] (Acer Incorporate)
Task: {8E61A2C1-0631-433D-9DA3-4F799E1DB1BB} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AB96B97B-39C2-46A2-876A-EEB6AE199033} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => C:\WINDOWS\system32\dism.exe [2012-07-25] (Microsoft Corporation)
Task: {B87C0074-F507-4AF6-B410-AC3CCD885250} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {E21B0950-4700-4DFC-A39D-2960E1E72C17} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-02-05] (Synaptics Incorporated)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
==================== Loaded Modules (whitelisted) =============
2013-01-29 12:28 - 2013-01-29 12:28 - 00109024 _____ () c:\program files\soluto\PCGDllExportInspector.dll
2013-04-15 11:23 - 2013-04-15 11:23 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-04-15 11:20 - 2013-04-15 11:20 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-04-15 11:25 - 2013-04-15 11:25 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2013-01-29 12:28 - 2013-01-29 12:28 - 00109024 _____ () C:\Program Files\Soluto\PCGDllExportInspector.dll
2013-01-29 12:28 - 2013-01-29 12:28 - 00055352 ____R () C:\Program Files\Soluto\PCGDeviceScanLib.dll
2012-07-25 13:44 - 2012-07-25 13:35 - 00006656 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Management.winmd
2012-07-25 13:44 - 2012-07-25 13:35 - 00022016 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Foundation.winmd
2012-07-25 13:44 - 2012-07-25 13:35 - 00074240 _____ () C:\WINDOWS\system32\WinMetadata\Windows.ApplicationModel.winmd
2012-07-25 13:44 - 2012-07-25 13:35 - 00018432 _____ () C:\WINDOWS\system32\WinMetadata\Windows.System.winmd
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\judy\OneDrive:ms-properties
AlternateDataStreams: C:\Users\judy\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
Name: Bluetooth USB Adapter
Description: Bluetooth USB Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/29/2014 02:44:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 10.0.9200.16482 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 13cc
Start Time: 01cfc3d171bec44a
Termination Time: 109
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: a03ddf28-2fc5-11e4-be72-3065ec0d647b
Faulting package full name:
Faulting package-relative application ID:
Error: (08/29/2014 02:43:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 10.0.9200.16482 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1760
Start Time: 01cfc3d237bd3914
Termination Time: 78
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: 8be32f06-2fc5-11e4-be72-3065ec0d647b
Faulting package full name:
Faulting package-relative application ID:
Error: (08/29/2014 02:43:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 10.0.9200.16482 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1414
Start Time: 01cfc3d20b643d6a
Termination Time: 188
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: 730ac3a4-2fc5-11e4-be72-3065ec0d647b
Faulting package full name:
Faulting package-relative application ID:
Error: (08/29/2014 02:41:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 10.0.9200.16482 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: ee4
Start Time: 01cfc3d1e537f2fe
Termination Time: 124
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: 467d6998-2fc5-11e4-be72-3065ec0d647b
Faulting package full name:
Faulting package-relative application ID:
Error: (08/29/2014 02:40:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 10.0.9200.16482 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 238
Start Time: 01cfc3d16ee8bef1
Termination Time: 109
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: 21c9397a-2fc5-11e4-be72-3065ec0d647b
Faulting package full name:
Faulting package-relative application ID:
Error: (08/29/2014 02:16:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 10.0.9200.16482 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1864
Start Time: 01cfc3ce3d6436a9
Termination Time: 31
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: c18d654d-2fc1-11e4-be71-3065ec0d647b
Faulting package full name:
Faulting package-relative application ID:
Error: (08/29/2014 02:02:57 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Activation context generation failed for "asmv2:clrClassInvocation1".Error in manifest or policy file "asmv2:clrClassInvocation2" on line asmv2:clrClassInvocation3.
The element asmv2:clrClassInvocation appears as a child of element urn:schemas-microsoft-com:asm.v1^entryPoint which is not supported by this version of Windows.
Error: (08/29/2014 02:02:57 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Activation context generation failed for "asmv2:clrClassInvocation1".Error in manifest or policy file "asmv2:clrClassInvocation2" on line asmv2:clrClassInvocation3.
The element asmv2:clrClassInvocation appears as a child of element urn:schemas-microsoft-com:asm.v1^entryPoint which is not supported by this version of Windows.
Error: (08/29/2014 02:02:57 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Activation context generation failed for "asmv2:clrClassInvocation1".Error in manifest or policy file "asmv2:clrClassInvocation2" on line asmv2:clrClassInvocation3.
The element asmv2:clrClassInvocation appears as a child of element urn:schemas-microsoft-com:asm.v1^entryPoint which is not supported by this version of Windows.
Error: (08/29/2014 01:57:59 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Activation context generation failed for "asmv2:clrClassInvocation1".Error in manifest or policy file "asmv2:clrClassInvocation2" on line asmv2:clrClassInvocation3.
The element asmv2:clrClassInvocation appears as a child of element urn:schemas-microsoft-com:asm.v1^entryPoint which is not supported by this version of Windows.
System errors:
=============
Error: (08/29/2014 01:46:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Soluto service failed to start due to the following error:
%%2
Error: (08/03/2013 04:31:01 AM) (Source: DCOM) (EventID: 10010) (User: judyspc)
Description: {9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2}
Microsoft Office Sessions:
=========================
Error: (08/29/2014 02:44:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE10.0.9200.1648213cc01cfc3d171bec44a109C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEa03ddf28-2fc5-11e4-be72-3065ec0d647b
Error: (08/29/2014 02:43:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE10.0.9200.16482176001cfc3d237bd391478C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE8be32f06-2fc5-11e4-be72-3065ec0d647b
Error: (08/29/2014 02:43:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE10.0.9200.16482141401cfc3d20b643d6a188C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE730ac3a4-2fc5-11e4-be72-3065ec0d647b
Error: (08/29/2014 02:41:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE10.0.9200.16482ee401cfc3d1e537f2fe124C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE467d6998-2fc5-11e4-be72-3065ec0d647b
Error: (08/29/2014 02:40:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE10.0.9200.1648223801cfc3d16ee8bef1109C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE21c9397a-2fc5-11e4-be72-3065ec0d647b
Error: (08/29/2014 02:16:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE10.0.9200.16482186401cfc3ce3d6436a931C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEc18d654d-2fc1-11e4-be71-3065ec0d647b
Error: (08/29/2014 02:02:57 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4
Error: (08/29/2014 02:02:57 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4
Error: (08/29/2014 02:02:57 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4
Error: (08/29/2014 01:57:59 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4
==================== Memory info ===========================
Processor: AMD E1-2500 APU with Radeon HD Graphics
Percentage of memory in use: 32%
Total physical RAM: 5573 MB
Available physical RAM: 3771.57 MB
Total Pagefile: 9541 MB
Available Pagefile: 7575.03 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:449.41 GB) (Free:409.41 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: DE5B179F)
Partition: GPT Partition Type.
==================== End Of Log ============================
#14
Posted 30 August 2014 - 04:22 AM
CAUTION : This fix is only valid for this specific machine, using it on another may break your computer
Open notepad and copy/paste the text in the quotebox below into it:
2014-08-29 13:38 - 2014-08-29 13:39 - 00001107 _____ () C:\Users\judy\Desktop\Continue File Extractor Installation.lnk
2014-08-29 01:33 - 2014-08-29 01:33 - 00001776 _____ () C:\Users\Public\Desktop\Buy Online.lnk
EmptyTemp:
CMD: bitsadmin /reset /allusers
Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that
#15
Posted 30 August 2014 - 03:42 PM
Is that all in the quote box....
2014-08-29 13:38 - 2014-08-29 13:39 - 00001107 _____ () C:\Users\judy\Desktop\Continue File Extractor Installation.lnk
2014-08-29 01:33 - 2014-08-29 01:33 - 00001776 _____ () C:\Users\Public\Desktop\Buy Online.lnk
EmptyTemp:
CMD: bitsadmin /reset /allusers.....
so I down load the FRST and save it on desktop and run the scan and when I click fix says no first list is there....
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users