Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

My laptop got infected and now I am not able to do anything. [Solved]


  • This topic is locked This topic is locked

#1
leahcase

leahcase

    Member

  • Member
  • PipPipPip
  • 229 posts

I have a virus and can;t do anything... getting errors when I go to IE  or chrome getting pop up..I.  think that I have been hacked,,,I tried to download skybot and it said that it was not compatible...


  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, we have a few options open to us. First could you attempt to download and run the following

If you are unable to could you download it on another computer and using a USB transfer it to the sick computer

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.

  • 0

#3
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-08-2014
Ran by judy at 2014-08-28 11:44:27
Running from C:\Users\judy\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.05.2007.2 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.00.2011.1 - Acer Incorporated)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated)
Acer Docs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2001 - Acer)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3003 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.01.2011 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AMD Accelerated Video Transcoding (Version: 12.10.100.30313 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{29200C76-2ADF-0C62-BE0D-2AC087740379}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (x32 Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) Hidden
AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.1 - CMI Limited) <==== ATTENTION
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.01.2012.1 - Acer Incorporated)
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.9.799 - AVG Technologies)
BlockAndSurf (HKLM-x32\...\00ACB724-76B2-5971-98E5-D94B76948A5B) (Version:  - BlockAndSurf-software) <==== ATTENTION
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
ContentExplorer (HKLM-x32\...\ContentExplorer) (Version: 8.4 - ContentExplorer.net)
Desktop Temperature Monitor (HKCU\...\Desktop Temperature Monitor) (Version: 1.24.0.0 - System Alerts LLC)
DriverRestore (HKLM\...\DriverRestore) (Version: 1.0 - 383 Media, Inc.)
Extended Update (HKCU\...\UpdaterEX) (Version:  - Extended Update) <==== ATTENTION
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FreeSoftToday 025.228 (HKLM-x32\...\fst_us_228_is1) (Version:  - FREESOFTTODAY) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Inbox Toolbar (HKLM-x32\...\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1) (Version: 2.0.1.106 - Xacti, LLC)
Inbox3 (HKLM-x32\...\{E5E22EB4-B322-411C-BACB-263300A3D80E}_is1) (Version: 1.0.0.12 - Inbox.com)
InboxAce Internet Explorer Toolbar (HKLM-x32\...\InboxAce_1gbar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network) <==== ATTENTION
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
MyFunCards Internet Explorer Toolbar (HKLM-x32\...\MyFunCards_5mbar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network) <==== ATTENTION
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - JDi Backup Ltd) <==== ATTENTION
OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
PastaQuotes (HKLM-x32\...\pastaleads) (Version: 1.2.1.0 - PastaLeads)
QCA CardReader Driver Installer (HKLM-x32\...\{4E0BC999-655B-421D-87F3-640C6F2BFC11}) (Version: 1.0.1.34 - Qualcomm Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.224 - Qualcomm Atheros Communications)
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.49 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Soluto (HKLM\...\{A40888FC-B545-46F3-8628-6AE98C1C75C6}) (Version: 1.3.1193.1 - Soluto)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Term Tutor (HKLM-x32\...\TermTutor) (Version: 1.9.0.6 - Term Tutor)
The Sea App (Internet Explorer)  (HKLM-x32\...\The Sea App) (Version:  - Growth Systems, LLC) <==== ATTENTION
TidyNetwork (HKCU\...\TidyNetwork) (Version:  - TidyNetwork)
TotalRecipeSearch Internet Explorer Toolbar (HKLM-x32\...\TotalRecipeSearch_14bar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network) <==== ATTENTION
Utility Chest Internet Explorer Toolbar (HKLM-x32\...\UtilityChest_49bar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network) <==== ATTENTION
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WSE_Astromenda (HKLM-x32\...\WSE_Astromenda) (Version:  - WSE_Astromenda) <==== ATTENTION
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
11-08-2014 14:37:05 Tuneup Pro Mon, Aug 11, 14  07:37
14-08-2014 15:27:53 Windows Update
22-08-2014 06:51:41 Scheduled Checkpoint
28-08-2014 20:09:45 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1C089B1B-6BA0-49C2-B594-F708C1B8B503} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {1D3A0C7B-5AD3-4B84-A478-B293255849AE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {26223B8B-B407-4AE0-8EA5-90D9299BDC87} - System32\Tasks\TidyNetwork Update => C:\Users\judy\AppData\Local\TidyNetwork\petnupdate.exe [2014-08-14] ()
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {39295545-2169-47A5-B5F1-3DCB98334328} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2014-08-06] (Acer)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3BD98196-F5F8-4C48-8418-DAEDD03137E6} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [2014-07-22] (MyPCBackup.com) <==== ATTENTION
Task: {4898B40A-C3FD-4C18-9262-36FA84EA356B} - System32\Tasks\Microsoft\Windows\SysResetLogSuccess => Rundll32.exe ResetEng.dll,RjvLogSuccessEntryPoint
Task: {48DC7E0D-1F64-462F-B7AE-122F88E9FD96} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-14] (Google Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5D131900-882C-4A9D-877E-69F281E7AABA} - System32\Tasks\BlockAndSurf Update => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe [2014-08-27] ()
Task: {68356BDE-4763-4EF3-9629-191308CB1B2D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-08-14] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6F170458-AB97-4224-AD0C-EC073725BB86} - System32\Tasks\PastaQuotes => C:\Program Files (x86)\pastaleads\ScheduledTask.exe [2014-06-18] ()
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {75600F68-68BB-4EFA-B301-3CC2C08023AD} - System32\Tasks\DriverRestore_DailyScan => C:\Program Files (x86)\DriverRestore\DriverRestore.exe [2014-07-06] ()
Task: {76A4B948-019E-42AA-8979-F76AC472004D} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-03-14] (Acer Incorporate)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {811C6AF3-F0CC-49DC-BA5A-63AFA6B80047} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-07-22] (MyPC Backup) <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8E61A2C1-0631-433D-9DA3-4F799E1DB1BB} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {959909FF-A127-491D-8A16-E6CC8D046625} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {973B237C-ED4A-4DDF-86D4-C69CD82AE18E} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A07D2BE3-7F59-496C-8DD4-2202A46969E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-14] (Google Inc.)
Task: {B87C0074-F507-4AF6-B410-AC3CCD885250} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {B8EC8ECD-4AB1-4B70-9505-C4EF5E47C16E} - System32\Tasks\ASP => C:\Program Files (x86)\Tuneup pro\SystweakASP.exe
Task: {BF58E14B-1069-43E0-80DD-BB525A2FD9CD} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {C034AE47-50DF-4617-9946-0EC4A6007219} - System32\Tasks\WSE_Astromenda => C:\Users\judy\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe [2014-08-27] ()
Task: {CD34F3C0-ED05-4009-A5CE-BCC6FD2316C5} - System32\Tasks\UpdaterEX => C:\Users\judy\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {CD7E60BC-5C2F-457E-BEE4-51E204A98CAA} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D08F1AB1-8F5E-4779-937E-7A750E734C77} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {D136D828-6ADE-43E0-9102-FA020971E586} - System32\Tasks\Knight System Protector Startup => C:\Program Files (x86)\Knight System Protector\KnightSystemProtector.exe [2013-12-17] ()
Task: {D6A24AB9-2B6F-406C-8FF1-3AA5B229CCA0} - System32\Tasks\DriverRestore_ScheduledScan => C:\Program Files (x86)\DriverRestore\DriverRestore.exe [2014-07-06] ()
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E2ACF668-4308-4463-9ECA-B3DD4467FB01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {E3BDCA69-0278-4D27-AE94-D673C4802877} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EFD55167-3E10-4F72-843B-347EC5F2010D} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: {FCE0303E-A943-467A-8BCB-B8D9556D47DB} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\BlockAndSurf Update.job => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\UpdaterEX.job => C:\Users\judy\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\WSE_Astromenda.job => C:\Users\judy\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
2014-06-18 00:47 - 2014-06-18 00:47 - 00384408 _____ () C:\Program Files (x86)\pastaleads\PastaLeadsService.exe
2014-08-27 23:00 - 2014-08-27 23:00 - 00071680 _____ () C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe
2013-01-29 12:28 - 2013-01-29 12:28 - 00109024 _____ () C:\Program Files\Soluto\PCGDllExportInspector.dll
2013-01-29 12:28 - 2013-01-29 12:28 - 00055352 ____R () C:\Program Files\Soluto\PCGDeviceScanLib.dll
2014-07-12 18:02 - 2014-07-12 18:02 - 00101376 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Management\48a5e4128a7c4b39f813961b46af6c3d\Windows.Management.ni.dll
2014-07-12 18:00 - 2014-07-12 18:00 - 01782784 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\43b92b6dbc9eb61983817ea32346d510\Windows.ApplicationModel.ni.dll
2014-08-16 07:53 - 2014-08-16 07:53 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
2013-01-29 12:28 - 2013-01-29 12:28 - 00109024 _____ () c:\program files\soluto\PCGDllExportInspector.dll
2014-02-02 17:41 - 2013-12-17 20:07 - 02159864 _____ () C:\Program Files (x86)\Knight System Protector\KnightSystemProtector.exe
2014-08-27 23:08 - 2014-08-25 12:00 - 03337208 _____ () C:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exe
2014-08-27 23:09 - 2014-08-27 23:09 - 00104960 _____ () C:\Program Files (x86)\ver1BlockAndSurf\BlockAndSurf.exe
2013-04-15 11:23 - 2013-04-15 11:23 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-04-15 11:20 - 2013-04-15 11:20 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-04-15 11:25 - 2013-04-15 11:25 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-08-27 23:09 - 2014-08-27 23:09 - 01072128 _____ () C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe
2014-07-22 06:07 - 2014-07-22 06:07 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2014-07-22 06:02 - 2014-07-22 06:02 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2014-08-14 18:53 - 2014-08-25 18:24 - 02640408 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2014-03-03 18:55 - 2014-03-03 18:55 - 01046288 _____ () C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll
2014-08-16 07:53 - 2014-08-16 07:53 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
2014-08-22 18:21 - 2014-08-22 18:21 - 00203008 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2014-08-22 18:21 - 2014-08-22 18:21 - 00630528 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2014-08-22 18:21 - 2014-08-22 18:21 - 00654552 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2014-08-22 18:21 - 2014-08-22 18:21 - 00119552 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2014-08-12 21:42 - 2014-08-12 21:42 - 00015616 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2014-08-06 16:47 - 2014-08-06 16:47 - 00013568 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2014-08-06 16:44 - 2014-08-06 16:44 - 00277096 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2013-08-03 04:12 - 2013-02-20 22:58 - 00089672 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2014-08-14 19:44 - 2014-08-06 20:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-14 19:44 - 2014-08-06 20:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-14 19:44 - 2014-08-06 20:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-14 19:44 - 2014-08-06 20:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-14 19:44 - 2014-08-06 20:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-14 19:44 - 2014-08-06 20:20 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\judy\OneDrive:ms-properties
AlternateDataStreams: C:\Users\judy\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/28/2014 11:27:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AnyProtect.exe, version: 1.0.0.1, time stamp: 0x53fded89
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x3dc
Faulting application start time: 0xAnyProtect.exe0
Faulting application path: AnyProtect.exe1
Faulting module path: AnyProtect.exe2
Report Id: AnyProtect.exe3
Faulting package full name: AnyProtect.exe4
Faulting package-relative application ID: AnyProtect.exe5
 
Error: (08/28/2014 11:14:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17031 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 65c
 
Start Time: 01cfc2fbf734122c
 
Termination Time: 4294967295
 
Application Path: C:\WINDOWS\syswow64\wwahost.exe
 
Report Id: 2c0d757b-2edf-11e4-be88-0c84dca60c86
 
Faulting package full name: Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c
 
Faulting package-relative application ID: App
 
Error: (08/28/2014 00:44:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: upfst_us_228.exe, version: 1.0.0.1, time stamp: 0x53fb01c0
Faulting module name: upfst_us_228.exe, version: 1.0.0.1, time stamp: 0x53fb01c0
Exception code: 0xc0000005
Fault offset: 0x00009b10
Faulting process id: 0xfdc
Faulting application start time: 0xupfst_us_228.exe0
Faulting application path: upfst_us_228.exe1
Faulting module path: upfst_us_228.exe2
Report Id: upfst_us_228.exe3
Faulting package full name: upfst_us_228.exe4
Faulting package-relative application ID: upfst_us_228.exe5
 
Error: (08/28/2014 11:53:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nMsNhQLsuy.exe, version: 1.0.0.0, time stamp: 0x53bad802
Faulting module name: ntdll.dll, version: 6.3.9600.17114, time stamp: 0x53649e73
Exception code: 0xc0000005
Fault offset: 0x000000000003b2f8
Faulting process id: 0x144c
Faulting application start time: 0xnMsNhQLsuy.exe0
Faulting application path: nMsNhQLsuy.exe1
Faulting module path: nMsNhQLsuy.exe2
Report Id: nMsNhQLsuy.exe3
Faulting package full name: nMsNhQLsuy.exe4
Faulting package-relative application ID: nMsNhQLsuy.exe5
 
Error: (08/28/2014 11:52:45 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.9600.17239 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1b50
 
Start Time: 01cfc28acd367171
 
Termination Time: 218
 
Application Path: C:\Program Files\Internet Explorer\iexplore.exe
 
Report Id: 7ae76496-2ee4-11e4-be86-0c84dca60c86
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/28/2014 11:52:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nMsNhQLsuy.exe, version: 1.0.0.0, time stamp: 0x53bad802
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17055, time stamp: 0x532954fb
Exception code: 0xc06d007e
Fault offset: 0x0000000000005bf8
Faulting process id: 0x144c
Faulting application start time: 0xnMsNhQLsuy.exe0
Faulting application path: nMsNhQLsuy.exe1
Faulting module path: nMsNhQLsuy.exe2
Report Id: nMsNhQLsuy.exe3
Faulting package full name: nMsNhQLsuy.exe4
Faulting package-relative application ID: nMsNhQLsuy.exe5
 
Error: (08/28/2014 11:44:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: upfst_us_228.exe, version: 1.0.0.1, time stamp: 0x53fb01c0
Faulting module name: upfst_us_228.exe, version: 1.0.0.1, time stamp: 0x53fb01c0
Exception code: 0xc0000005
Fault offset: 0x00009b10
Faulting process id: 0x1dac
Faulting application start time: 0xupfst_us_228.exe0
Faulting application path: upfst_us_228.exe1
Faulting module path: upfst_us_228.exe2
Report Id: upfst_us_228.exe3
Faulting package full name: upfst_us_228.exe4
Faulting package-relative application ID: upfst_us_228.exe5
 
Error: (08/28/2014 11:42:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.9600.17239 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 14f4
 
Start Time: 01cfc28c65a708ca
 
Termination Time: 109
 
Application Path: C:\Program Files\Internet Explorer\iexplore.exe
 
Report Id: fdf3107e-2ee2-11e4-be86-0c84dca60c86
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/28/2014 11:39:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: abPhoto.exe, version: 3.0.2011.0, time stamp: 0x53f71973
Faulting module name: MSVCR90.dll, version: 9.0.30729.8387, time stamp: 0x51ea24a5
Exception code: 0xc0000005
Fault offset: 0x00056b1d
Faulting process id: 0x1364
Faulting application start time: 0xabPhoto.exe0
Faulting application path: abPhoto.exe1
Faulting module path: abPhoto.exe2
Report Id: abPhoto.exe3
Faulting package full name: abPhoto.exe4
Faulting package-relative application ID: abPhoto.exe5
 
Error: (08/28/2014 11:39:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BackgroundAgent.exe, version: 1.0.1.5, time stamp: 0x53e1eb8b
Faulting module name: MSVCR90.dll, version: 9.0.30729.8387, time stamp: 0x51ea24a5
Exception code: 0xc0000005
Fault offset: 0x00056b1d
Faulting process id: 0x12d8
Faulting application start time: 0xBackgroundAgent.exe0
Faulting application path: BackgroundAgent.exe1
Faulting module path: BackgroundAgent.exe2
Report Id: BackgroundAgent.exe3
Faulting package full name: BackgroundAgent.exe4
Faulting package-relative application ID: BackgroundAgent.exe5
 
 
System errors:
=============
Error: (08/28/2014 00:59:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Computer Backup (MyPC Backup) service failed to start due to the following error: 
%%1053
 
Error: (08/28/2014 00:59:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
 
Error: (08/28/2014 00:58:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error: 
%%1062
 
Error: (08/28/2014 00:56:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The hhVqPjMye service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (08/27/2014 11:37:37 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 51.
 
Error: (08/27/2014 11:11:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error: 
%%14001
 
Error: (08/27/2014 11:06:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Computer Backup (MyPC Backup) service failed to start due to the following error: 
%%1053
 
Error: (08/27/2014 11:06:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
 
Error: (08/27/2014 11:04:44 PM) (Source: DCOM) (EventID: 10010) (User: JUDYSPC)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (08/27/2014 11:04:44 PM) (Source: DCOM) (EventID: 10010) (User: JUDYSPC)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
 
Microsoft Office Sessions:
=========================
Error: (08/28/2014 11:27:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AnyProtect.exe1.0.0.153fded89unknown0.0.0.000000000c0000005000000003dc01cfc2fac0c0453aC:\Program Files (x86)\AnyProtectEx\AnyProtect.exeunknowne7e858bd-2ee0-11e4-be88-0c84dca60c86
 
Error: (08/28/2014 11:14:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.1703165c01cfc2fbf734122c4294967295C:\WINDOWS\syswow64\wwahost.exe2c0d757b-2edf-11e4-be88-0c84dca60c86Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp
 
Error: (08/28/2014 00:44:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: upfst_us_228.exe1.0.0.153fb01c0upfst_us_228.exe1.0.0.153fb01c0c000000500009b10fdc01cfc2f86cd8259fC:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exeC:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exeaac12db9-2eeb-11e4-be86-0c84dca60c86
 
Error: (08/28/2014 11:53:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: nMsNhQLsuy.exe1.0.0.053bad802ntdll.dll6.3.9600.1711453649e73c0000005000000000003b2f8144c01cfc2f13d577500C:\ProgramData\VdUfCdBZX\dat\nMsNhQLsuy.exeC:\WINDOWS\SYSTEM32\ntdll.dll95346cd4-2ee4-11e4-be86-0c84dca60c86
 
Error: (08/28/2014 11:52:45 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe11.0.9600.172391b5001cfc28acd367171218C:\Program Files\Internet Explorer\iexplore.exe7ae76496-2ee4-11e4-be86-0c84dca60c86
 
Error: (08/28/2014 11:52:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: nMsNhQLsuy.exe1.0.0.053bad802KERNELBASE.dll6.3.9600.17055532954fbc06d007e0000000000005bf8144c01cfc2f13d577500C:\ProgramData\VdUfCdBZX\dat\nMsNhQLsuy.exeC:\WINDOWS\system32\KERNELBASE.dll7b27c41b-2ee4-11e4-be86-0c84dca60c86
 
Error: (08/28/2014 11:44:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: upfst_us_228.exe1.0.0.153fb01c0upfst_us_228.exe1.0.0.153fb01c0c000000500009b101dac01cfc2f009a6a554C:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exeC:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exe47796609-2ee3-11e4-be86-0c84dca60c86
 
Error: (08/28/2014 11:42:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe11.0.9600.1723914f401cfc28c65a708ca109C:\Program Files\Internet Explorer\iexplore.exefdf3107e-2ee2-11e4-be86-0c84dca60c86
 
Error: (08/28/2014 11:39:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: abPhoto.exe3.0.2011.053f71973MSVCR90.dll9.0.30729.838751ea24a5c000000500056b1d136401cfc2871b4b99ccC:\Program Files (x86)\Acer\abPhoto\abPhoto.exeC:\WINDOWS\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dlla30f6233-2ee2-11e4-be86-0c84dca60c86
 
Error: (08/28/2014 11:39:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: BackgroundAgent.exe1.0.1.553e1eb8bMSVCR90.dll9.0.30729.838751ea24a5c000000500056b1d12d801cfc286523a0b26C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exeC:\WINDOWS\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dlla2f9ed07-2ee2-11e4-be86-0c84dca60c86
 
 
==================== Memory info =========================== 
 
Processor: AMD E1-2500 APU with Radeon™ HD Graphics 
Percentage of memory in use: 32%
Total physical RAM: 5573.01 MB
Available physical RAM: 3766.59 MB
Total Pagefile: 6469.01 MB
Available Pagefile: 4180.34 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: (Acer) (Fixed) (Total:449.41 GB) (Free:413.22 GB) NTFS
 
==================== MBR & Partition Table ==================
 
 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014
Ran by judy (administrator) on JUDYSPC on 28-08-2014 11:41:55
Running from C:\Users\judy\Downloads
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbarsvc.exe
() C:\Program Files (x86)\pastaleads\PastaLeadsService.exe
() C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe
(Term Tutor) C:\Program Files (x86)\TermTutor\Service\ttsvc.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Soluto) C:\Program Files\Soluto\Soluto.exe
() C:\Program Files (x86)\Knight System Protector\KnightSystemProtector.exe
() C:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exe
() C:\Program Files (x86)\ver1BlockAndSurf\BlockAndSurf.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
( ) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\AppIntegrator64.exe
( ) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator64.exe
( ) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe
( ) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Inbox.com) C:\Program Files (x86)\Inbox3\Inbox3Tray.exe
(ContentExplorer) C:\Users\judy\AppData\Roaming\ContentExplorer\ContentExplorer.exe
() C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe
(System Alerts LLC) C:\Users\judy\AppData\Local\DesktopTemperature\DesktopTemperature.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Xacti, LLC) C:\Program Files (x86)\Inbox Toolbar\Inbox.exe
(Xacti, LLC) C:\Program Files (x86)\Inbox Toolbar\Inbox.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon64.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Users\judy\AppData\Local\clear.fi\Portal\AcerPortalSetup.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\judy\Downloads\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-17] (Realtek Semiconductor)
HKLM\...\Run: [MyFunCards Home Page Guard 64 bit] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\AppIntegrator64.exe [485960 2014-07-03] ( )
HKLM\...\Run: [InboxAce Home Page Guard 64 bit] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator64.exe [485960 2014-07-14] ( )
HKLM\...\Run: [Utility Chest Home Page Guard 64 bit] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
HKLM\...\Run: [TotalRecipeSearch Home Page Guard 64 bit] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [MyFunCards EPM Support] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mmedint.exe [12872 2014-07-03] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [MyFunCards Search Scope Monitor] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrchMn.exe [55368 2014-07-03] (Mindspark)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exe [61512 2014-07-03] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader 64] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon64.exe [71752 2014-07-03] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [52992 2014-08-06] (Acer Incorporated)
HKLM-x32\...\Run: [InboxToolbar] => C:\Program Files (x86)\Inbox Toolbar\Inbox.exe [1417656 2014-06-30] (Xacti, LLC)
HKLM-x32\...\Run: [InboxAce EPM Support] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gmedint.exe [12872 2014-07-14] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [InboxAce Search Scope Monitor] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrchMn.exe [55368 2014-07-14] (Mindspark)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe [61512 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader 64] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe [71752 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [Utility Chest EPM Support] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [Utility Chest Search Scope Monitor] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader 64] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch EPM Support] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [TotalRecipeSearch Search Scope Monitor] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader 64] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-25] ()
HKLM-x32\...\Run: [fst_us_228] => "C:\Program Files (x86)\fst_us_228\fst_us_228.exe"
HKLM-x32\...\Run: [AnyProtect Scanner] => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [17068032 2014-08-27] (AnyProtect.com)
HKLM-x32\...\RunOnce: [upfst_us_228.exe] => C:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exe [3337208 2014-08-25] ()
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-04-15] ( (Qualcomm Atheros Commnucations))
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [AcerCloud] => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2569984 2014-08-06] (Acer)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [Inbox3Tray.exe] => C:\Program Files (x86)\Inbox3\Inbox3Tray.exe [1736128 2014-06-12] (Inbox.com)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [ContentExplorer] => C:\Users\judy\AppData\Roaming\ContentExplorer\ContentExplorer.exe [2429680 2014-08-27] (ContentExplorer)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe [1072128 2014-08-27] ()
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Temperature Monitor.lnk
ShortcutTarget: Desktop Temperature Monitor.lnk -> C:\Users\judy\AppData\Local\DesktopTemperature\DesktopTemperature.exe (System Alerts LLC)
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
ShellIconOverlayIdentifiers: ACloudSyncedRF -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: ACloudSyncedSF -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: ACloudSyncing -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: ACloudToBeSynced -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
URLSearchHook: HKCU - (No Name) - {9234F5E0-56CC-4F0B-AAE4-0D4BD5032180} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKLM - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
SearchScopes: HKLM - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKLM-x32 - DefaultScope {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKLM-x32 - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://www2.inbox.co...&iwk=316&lng=en
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://pandasecurity...q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...q={searchTerms}
SearchScopes: HKCU - {A26C36F3-9D6C-4551-86A4-B3E9C4B7B3CD} URL = http://www.crawler.c...&iwk=311&lng=en
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKCU - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = 
BHO: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn64.dll ()
BHO: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178_x64.dll ()
BHO: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {06e05b40-77fa-40b6-9077-ed1a7577b1ef} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll (Mindspark)
BHO-x32: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn.dll ()
BHO-x32: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178.dll ()
BHO-x32: Toolbar BHO -> {58f7b5ca-1162-42e8-8bbc-d543b4edd780} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
BHO-x32: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files (x86)\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO-x32: Search Assistant BHO -> {9359da42-06fb-46f2-9e4a-05c05b98a5ef} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrcAs.dll (Mindspark)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Toolbar BHO -> {ab56dfde-0c14-45b3-9df6-7b0eba617870} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {c4b22c87-45ef-4f43-89f2-40db2078864e} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrcAs.dll (Mindspark)
BHO-x32: TheSea.TheSeaPlugin -> {C585D593-E7F3-4852-A200-561686EE02E4} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
BHO-x32: Toolbar BHO -> {d5a1d22b-9e17-454f-8ecd-83c578fb3983} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {da71fd14-5f7b-46ae-b8b1-44074a38f331} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {df22384f-cf68-4d19-969f-10423715528b} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll (Mindspark)
Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - MyFunCards - {210f1b36-3b7f-41a4-b5da-3eb87f5a56c2} - C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - InboxAce - {3775afd7-5921-4571-968f-85a631203d1c} - C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
Toolbar: HKLM-x32 - Utility Chest - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
Toolbar: HKLM-x32 - TotalRecipeSearch - {a0154e07-2b48-475c-a82a-80efd84ea33e} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - No Name - {C4D78C72-08DB-4A3F-9175-B265157283F3} -  No File
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog9 01 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 02 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 03 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 04 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 05 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 17 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Tcpip\Parameters: [DhcpNameServer] 208.180.42.68 208.180.42.100
 
FireFox:
========
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @InboxAce_1g.com/Plugin -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\NP1gStub.dll (Mindspark)
FF Plugin-x32: @MyFunCards_5m.com/Plugin -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\NP5mStub.dll (Mindspark)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TotalRecipeSearch_14.com/Plugin -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll (Mindspark)
FF Plugin-x32: @UtilityChest_49.com/Plugin -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\NP49Stub.dll (Mindspark)
FF HKCU\...\Firefox\Extensions: [{17C0B877-3B33-A890-ACFD-9D2FC5F5D56D}] - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi
FF Extension: BlockAndSurf - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi [2014-08-27]
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-14]
CHR Extension: (Google Drive) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-21]
CHR Extension: (YouTube) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-14]
CHR Extension: (Google Search) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-14]
CHR Extension: (Google Wallet) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-14]
CHR Extension: (Gmail) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [228480 2013-04-15] (Qualcomm Atheros Commnucations)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36424 2014-07-22] (Just Develop It)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3058944 2014-08-06] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 InboxAce_1gService; C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe [88648 2014-07-14] (COMPANYVERS_NAME)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-03-14] (Acer Incorporate)
R2 MyFunCards_5mService; C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbarsvc.exe [88648 2014-07-03] (COMPANYVERS_NAME)
R2 pastaleadsServiceCore; C:\Program Files (x86)\pastaleads\PastaLeadsService.exe [384408 2014-06-18] ()
R2 servervo; C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-08-27] () [File not signed]
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [222168 2013-01-29] (Soluto)
R2 TotalRecipeSearch_14Service; C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 ttsvc; C:\Program Files (x86)\TermTutor\Service\ttsvc.exe [356432 2014-06-25] (Term Tutor)
R2 UtilityChest_49Service; C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-16] (AVG Secure Search)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-17] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-17] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AthrSdSrv; C:\Windows\system32\DRIVERS\athrsd.sys [48760 2012-11-30] (Qualcomm Atheros, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50976 2014-08-16] (AVG Technologies)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-15] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-09] (Acer Incorporated)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-09] (Acer Incorporated)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-06-20] ()
R1 ttnfd; C:\Windows\System32\drivers\ttnfd.sys [58232 2014-06-25] (Term Tutor)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-17] (Microsoft Corporation)
R2 webinstr; C:\WINDOWS\system32\Drivers\webinstr.sys [58040 2014-08-27] (Corsica)
R3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X]
U2 TMAgent; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-28 12:15 - 2014-08-28 12:16 - 06312160 _____ (MyTurboPC.com) C:\Users\judy\Downloads\myturbopc.exe
2014-08-28 11:41 - 2014-08-28 11:42 - 00028288 _____ () C:\Users\judy\Downloads\FRST.txt
2014-08-28 11:41 - 2014-08-28 11:42 - 00000000 ____D () C:\FRST
2014-08-28 11:41 - 2014-08-28 11:41 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64 (1).exe
2014-08-28 11:35 - 2014-08-28 11:36 - 00001163 _____ () C:\Users\judy\Desktop\Continue Download Manager Installation.lnk
2014-08-28 11:35 - 2014-08-28 11:35 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64.exe
2014-08-28 11:35 - 2014-08-28 11:35 - 00827416 _____ ( ) C:\Users\judy\Downloads\DownloadManagerSetup.exe
2014-08-28 11:32 - 2014-08-28 11:32 - 00035673 _____ () C:\Users\judy\Desktop\FARBAR RECOVERY SCAN TOOL.htm
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-08-27 23:13 - 2014-08-27 23:35 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-08-27 23:13 - 2014-08-27 23:15 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-08-27 23:13 - 2014-08-27 23:13 - 00001704 _____ () C:\Users\judy\AppData\Roaming\aps.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00001150 _____ () C:\Users\judy\AppData\Roaming\aps.scan.quick.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000318 _____ () C:\Users\judy\AppData\Roaming\aps.uninstall.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-08-27 23:12 - 2014-08-27 23:13 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-08-27 23:12 - 2014-08-27 23:12 - 00575544 _____ (ClickMeIn Limited) C:\Users\judy\AppData\Local\nsb5C1C.tmp
2014-08-27 23:09 - 2014-08-28 13:09 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-08-27 23:09 - 2014-08-28 12:59 - 00000438 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-08-27 23:09 - 2014-08-27 23:09 - 00058040 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys
2014-08-27 23:09 - 2014-08-27 23:09 - 00003076 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-08-27 23:09 - 2014-08-27 23:09 - 00002642 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-08-27 23:09 - 2014-08-27 23:09 - 00000145 _____ () C:\WINDOWS\setupact.log
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\ver1BlockAndSurf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-27 23:08 - 2014-08-28 11:27 - 00000000 ____D () C:\Users\judy\AppData\Local\fst_us_228
2014-08-27 23:08 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files\TermTutor
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\TermTutor
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\fst_us_228
2014-08-27 23:04 - 2014-08-28 12:57 - 00000085 _____ () C:\WINDOWS\wininit.ini
2014-08-27 23:01 - 2014-08-27 23:01 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes
2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-27 23:00 - 2014-08-27 23:07 - 00000000 ____D () C:\ProgramData\pastaleads
2014-08-27 23:00 - 2014-08-27 23:00 - 00000000 ____D () C:\Program Files (x86)\pastaleads
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\VOPackage
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-08-27 22:59 - 2014-08-27 22:59 - 00003734 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_ScheduledScan
2014-08-27 22:59 - 2014-08-27 22:59 - 00003584 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_DailyScan
2014-08-27 22:59 - 2014-08-27 22:59 - 00001087 _____ () C:\Users\Public\Desktop\DriverRestore.lnk
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\ContentExplorer
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
2014-08-27 22:59 - 2014-07-01 10:37 - 00020872 _____ (Phoenix Technologies) C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS
2014-08-27 22:58 - 2014-08-27 22:59 - 00000000 ____D () C:\Program Files (x86)\DriverRestore
2014-08-27 22:57 - 2014-08-27 22:57 - 00000000 ____D () C:\Users\judy\Documents\PC Health Kit
2014-08-27 18:06 - 2014-08-28 12:58 - 00007878 _____ () C:\WINDOWS\PFRO.log
2014-08-27 18:00 - 2014-08-28 13:01 - 00000000 ____D () C:\Users\judy\AppData\Local\DesktopTemperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\System_Alerts_LLC
2014-08-27 17:59 - 2014-08-27 17:59 - 00000000 ____D () C:\Program Files (x86)\The Sea App (Internet Explorer)
2014-08-27 16:13 - 2014-08-27 16:13 - 00004544 _____ () C:\Users\judy\Desktop\New Journal Document.jnt
2014-08-27 16:13 - 2014-08-27 16:13 - 00000000 ___RD () C:\Users\judy\Documents\Notes
2014-08-16 10:43 - 2014-08-16 10:43 - 00000000 ____D () C:\Blasteroids
2014-08-16 07:53 - 2014-08-16 07:54 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-08-16 07:48 - 2014-06-19 18:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-16 07:48 - 2014-06-19 16:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-15 07:39 - 2014-07-15 11:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-15 07:39 - 2014-07-15 01:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-15 07:39 - 2014-07-15 01:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-15 07:39 - 2014-07-15 01:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-15 07:39 - 2014-06-12 18:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-15 07:39 - 2014-06-12 18:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-15 07:39 - 2014-06-12 17:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-15 07:39 - 2014-06-06 04:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-15 07:38 - 2014-07-25 06:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-15 07:38 - 2014-07-25 06:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-15 07:38 - 2014-07-25 05:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-15 07:38 - 2014-07-25 05:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-15 07:38 - 2014-07-25 05:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-15 07:38 - 2014-07-25 05:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-15 07:38 - 2014-07-25 05:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-15 07:38 - 2014-07-25 05:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-15 07:38 - 2014-07-25 05:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-15 07:38 - 2014-07-25 05:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-15 07:38 - 2014-07-25 04:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-15 07:38 - 2014-07-25 04:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-15 07:38 - 2014-07-25 04:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-15 07:38 - 2014-07-25 04:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-15 07:38 - 2014-07-25 04:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-15 07:38 - 2014-07-25 04:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-15 07:38 - 2014-07-25 04:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-15 07:38 - 2014-07-25 04:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-15 07:38 - 2014-07-25 04:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-15 07:38 - 2014-07-25 03:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-15 07:38 - 2014-07-25 03:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-15 07:38 - 2014-07-25 03:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-15 07:37 - 2014-07-25 07:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-15 07:37 - 2014-07-25 06:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-15 07:37 - 2014-07-25 06:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-15 07:37 - 2014-07-25 05:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-15 07:37 - 2014-07-25 05:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-15 07:37 - 2014-07-25 05:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-15 07:37 - 2014-07-25 04:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-15 07:37 - 2014-07-25 04:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 07:37 - 2014-07-25 04:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-15 07:37 - 2014-07-25 04:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-15 07:37 - 2014-07-25 03:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-15 07:37 - 2014-07-25 03:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-15 07:37 - 2014-07-25 03:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-15 07:31 - 2014-04-26 13:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-08-15 07:31 - 2014-04-14 02:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-08-15 07:31 - 2014-04-14 01:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-08-15 07:30 - 2014-05-12 22:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-15 07:30 - 2014-05-12 21:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-15 07:30 - 2014-05-12 20:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-08-15 07:30 - 2014-05-03 04:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-08-15 07:30 - 2014-05-03 02:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-08-15 07:30 - 2014-05-02 22:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-08-15 07:30 - 2014-04-30 22:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-08-15 07:30 - 2014-04-29 23:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-08-15 07:30 - 2014-04-29 21:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-08-15 07:30 - 2014-04-29 20:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-08-15 07:30 - 2014-04-29 20:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-08-15 07:30 - 2014-04-28 15:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-08-15 07:30 - 2014-04-26 15:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-08-15 07:29 - 2014-05-02 21:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-08-15 07:29 - 2014-04-29 21:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-08-15 07:29 - 2014-04-29 20:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-08-15 07:29 - 2014-04-26 09:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-08-15 07:27 - 2014-04-29 21:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-08-15 07:26 - 2014-05-12 21:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-08-15 07:26 - 2014-05-02 22:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-08-15 07:26 - 2014-05-02 22:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-08-15 07:26 - 2014-05-02 21:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-08-15 07:26 - 2014-04-29 23:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-08-15 07:25 - 2014-05-30 23:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-08-15 07:25 - 2014-05-13 00:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-15 07:25 - 2014-05-12 20:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-15 07:25 - 2014-05-02 22:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-08-15 07:25 - 2014-05-02 21:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-08-15 07:25 - 2014-05-02 16:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-08-15 07:25 - 2014-04-29 23:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-08-15 07:25 - 2014-04-29 23:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-08-15 07:25 - 2014-04-29 22:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-08-15 07:25 - 2014-04-29 21:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-08-15 07:25 - 2014-04-29 21:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-15 07:25 - 2014-04-29 21:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-15 07:25 - 2014-04-29 20:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-08-15 07:25 - 2014-04-29 20:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-08-15 07:25 - 2014-04-29 20:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-08-15 07:25 - 2014-04-13 22:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-08-15 07:25 - 2014-04-08 23:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-08-15 07:25 - 2014-04-08 22:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-08-15 07:24 - 2014-08-06 15:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-15 07:24 - 2014-08-01 22:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-15 07:24 - 2014-07-09 21:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-15 07:24 - 2014-07-09 21:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-08-15 07:24 - 2014-07-09 20:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-08-15 07:24 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-15 07:24 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-15 07:23 - 2014-08-06 19:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-15 07:23 - 2014-08-06 15:39 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-15 07:23 - 2014-08-01 20:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-15 07:23 - 2014-08-01 20:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-15 07:23 - 2014-07-11 21:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-15 07:23 - 2014-06-05 07:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-08-15 07:23 - 2014-06-05 06:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-08-15 07:23 - 2014-06-01 19:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-08-15 07:23 - 2014-05-31 03:07 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-08-15 07:23 - 2014-05-31 03:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-08-15 07:23 - 2014-05-31 03:07 - 00419672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-08-15 07:23 - 2014-05-31 03:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-08-15 07:23 - 2014-05-31 03:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-08-15 07:23 - 2014-05-30 23:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-08-15 07:23 - 2014-05-30 23:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-08-15 07:23 - 2014-05-30 23:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-08-15 07:23 - 2014-05-30 21:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-08-15 07:23 - 2014-05-30 21:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-15 07:23 - 2014-05-30 21:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-08-15 07:23 - 2014-05-27 08:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-08-15 07:23 - 2014-05-27 02:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-15 07:23 - 2014-05-27 02:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-08-15 07:23 - 2014-05-16 21:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-15 07:23 - 2014-05-16 21:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-08-14 20:18 - 2014-08-14 20:18 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG Secure Search
2014-08-14 20:09 - 2014-08-14 20:11 - 00001158 _____ () C:\Users\judy\Desktop\Live PC Help.lnk
2014-08-14 20:05 - 2014-08-28 11:26 - 01321131 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-14 19:44 - 2014-08-28 13:01 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-14 19:44 - 2014-08-14 19:44 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-08-14 19:44 - 2014-08-14 19:44 - 00000838 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-14 19:42 - 2014-08-28 13:01 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-14 19:42 - 2014-08-28 13:01 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-14 19:42 - 2014-08-14 19:56 - 00003882 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-14 19:42 - 2014-08-14 19:56 - 00003646 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-14 19:42 - 2014-08-14 19:44 - 00000000 ____D () C:\Users\judy\AppData\Local\Google
2014-08-14 19:42 - 2014-08-14 19:44 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\ProgramData\Google
2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\Program Files\Google
2014-08-14 19:34 - 2014-08-14 19:34 - 00003974 _____ () C:\WINDOWS\System32\Tasks\TidyNetwork Update
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TNT2
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TidyNetwork
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-08-14 19:04 - 2014-08-14 19:04 - 13829304 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall1.exe
2014-08-14 19:04 - 2014-08-14 19:04 - 00002259 _____ () C:\WINDOWS\epplauncher.mif
2014-08-14 18:54 - 2014-08-16 14:06 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG SafeGuard toolbar
2014-08-14 18:54 - 2014-08-16 07:53 - 00050976 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys
2014-08-14 18:53 - 2014-08-25 18:25 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar
2014-08-14 18:53 - 2014-08-25 18:25 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-08-14 18:53 - 2014-08-14 18:53 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-08-14 18:51 - 2014-08-14 18:52 - 11241816 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall.exe
2014-08-13 20:38 - 2014-06-04 02:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-13 20:38 - 2014-06-03 22:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-13 20:38 - 2014-06-03 22:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-13 20:38 - 2014-06-03 21:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-13 20:38 - 2014-06-03 21:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-13 20:38 - 2014-06-03 19:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-13 20:38 - 2014-06-03 19:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-12 21:43 - 2014-08-12 21:43 - 00002028 _____ () C:\Users\Public\Desktop\Acer Portal.lnk
2014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Users\judy\AppData\Local\TotalRecipeSearch_14
2014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Program Files (x86)\TotalRecipeSearch_14
2014-08-11 07:34 - 2014-08-27 22:28 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-11 07:34 - 2014-08-11 07:34 - 00004022 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-11 07:34 - 2014-08-11 07:34 - 00001989 _____ () C:\Users\judy\Desktop\Sync Folder.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00001107 _____ () C:\Users\judy\Desktop\MyPC Backup.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-11 07:33 - 2014-08-14 20:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\systweak
2014-08-11 07:32 - 2014-08-11 07:32 - 00003310 _____ () C:\WINDOWS\System32\Tasks\ASP
2014-08-11 07:32 - 2014-08-05 19:05 - 00019800 _____ () C:\WINDOWS\system32\roboot64.exe
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Users\judy\AppData\Local\UtilityChest_49
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Program Files (x86)\UtilityChest_49
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-28 13:09 - 2014-08-27 23:09 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-08-28 13:03 - 2014-03-18 03:03 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-28 13:02 - 2014-06-01 07:00 - 00000000 ____D () C:\Users\judy\AppData\Local\clear.fi
2014-08-28 13:01 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\DesktopTemperature
2014-08-28 13:01 - 2014-08-14 19:44 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-28 13:01 - 2014-08-14 19:42 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-28 13:01 - 2014-08-14 19:42 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-28 13:01 - 2014-06-17 15:34 - 00000000 ___DO () C:\Users\judy\OneDrive
2014-08-28 13:00 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-28 12:59 - 2014-08-27 23:09 - 00000438 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-08-28 12:58 - 2014-08-27 23:13 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-08-28 12:58 - 2014-08-27 23:13 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-08-28 12:58 - 2014-08-27 18:06 - 00007878 _____ () C:\WINDOWS\PFRO.log
2014-08-28 12:58 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-28 12:57 - 2014-08-27 23:04 - 00000085 _____ () C:\WINDOWS\wininit.ini
2014-08-28 12:56 - 2014-03-15 00:56 - 00000304 _____ () C:\WINDOWS\Tasks\UpdaterEX.job
2014-08-28 12:16 - 2014-08-28 12:15 - 06312160 _____ (MyTurboPC.com) C:\Users\judy\Downloads\myturbopc.exe
2014-08-28 12:09 - 2014-03-15 00:56 - 00000134 _____ () C:\Users\judy\AppData\Roaming\WB.CFG
2014-08-28 11:45 - 2014-06-12 06:09 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{845855BE-4589-4F75-966A-FA55784F54FD}
2014-08-28 11:42 - 2014-08-28 11:41 - 00028288 _____ () C:\Users\judy\Downloads\FRST.txt
2014-08-28 11:42 - 2014-08-28 11:41 - 00000000 ____D () C:\FRST
2014-08-28 11:41 - 2014-08-28 11:41 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64 (1).exe
2014-08-28 11:36 - 2014-08-28 11:35 - 00001163 _____ () C:\Users\judy\Desktop\Continue Download Manager Installation.lnk
2014-08-28 11:35 - 2014-08-28 11:35 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64.exe
2014-08-28 11:35 - 2014-08-28 11:35 - 00827416 _____ ( ) C:\Users\judy\Downloads\DownloadManagerSetup.exe
2014-08-28 11:32 - 2014-08-28 11:32 - 00035673 _____ () C:\Users\judy\Desktop\FARBAR RECOVERY SCAN TOOL.htm
2014-08-28 11:27 - 2014-08-27 23:08 - 00000000 ____D () C:\Users\judy\AppData\Local\fst_us_228
2014-08-28 11:26 - 2014-08-14 20:05 - 01321131 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-28 11:20 - 2014-02-02 17:38 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3809952396-1488035759-1417517223-1001
2014-08-28 11:14 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-28 11:10 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-27 23:35 - 2014-08-27 23:13 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-08-27 23:19 - 2014-07-09 04:26 - 00002001 _____ () C:\Users\Public\Desktop\abMedia.lnk
2014-08-27 23:19 - 2014-06-16 16:04 - 00000000 ____D () C:\ProgramData\clear.fi
2014-08-27 23:19 - 2013-04-16 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2014-08-27 23:19 - 2013-04-16 23:18 - 00000000 ____D () C:\Program Files (x86)\Acer
2014-08-27 23:15 - 2014-08-27 23:13 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-08-27 23:15 - 2014-08-27 23:13 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-08-27 23:15 - 2014-08-27 23:13 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-08-27 23:13 - 2014-08-27 23:13 - 00001704 _____ () C:\Users\judy\AppData\Roaming\aps.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00001150 _____ () C:\Users\judy\AppData\Roaming\aps.scan.quick.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000318 _____ () C:\Users\judy\AppData\Roaming\aps.uninstall.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-08-27 23:13 - 2014-08-27 23:12 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-08-27 23:12 - 2014-08-27 23:12 - 00575544 _____ (ClickMeIn Limited) C:\Users\judy\AppData\Local\nsb5C1C.tmp
2014-08-27 23:12 - 2014-07-10 13:41 - 00002005 _____ () C:\Users\Public\Desktop\abPhoto.lnk
2014-08-27 23:09 - 2014-08-27 23:09 - 00058040 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys
2014-08-27 23:09 - 2014-08-27 23:09 - 00003076 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-08-27 23:09 - 2014-08-27 23:09 - 00002642 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-08-27 23:09 - 2014-08-27 23:09 - 00000145 _____ () C:\WINDOWS\setupact.log
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\ver1BlockAndSurf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-27 23:09 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-08-27 23:09 - 2013-08-22 08:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-08-27 23:09 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files\TermTutor
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\TermTutor
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\fst_us_228
2014-08-27 23:07 - 2014-08-27 23:00 - 00000000 ____D () C:\ProgramData\pastaleads
2014-08-27 23:05 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-27 23:01 - 2014-08-27 23:01 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes
2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-27 23:00 - 2014-08-27 23:00 - 00000000 ____D () C:\Program Files (x86)\pastaleads
2014-08-27 23:00 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\VOPackage
2014-08-27 23:00 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-08-27 22:59 - 2014-08-27 22:59 - 00003734 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_ScheduledScan
2014-08-27 22:59 - 2014-08-27 22:59 - 00003584 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_DailyScan
2014-08-27 22:59 - 2014-08-27 22:59 - 00001087 _____ () C:\Users\Public\Desktop\DriverRestore.lnk
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\ContentExplorer
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
2014-08-27 22:59 - 2014-08-27 22:58 - 00000000 ____D () C:\Program Files (x86)\DriverRestore
2014-08-27 22:57 - 2014-08-27 22:57 - 00000000 ____D () C:\Users\judy\Documents\PC Health Kit
2014-08-27 22:34 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-08-27 22:28 - 2014-08-11 07:34 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\System_Alerts_LLC
2014-08-27 17:59 - 2014-08-27 17:59 - 00000000 ____D () C:\Program Files (x86)\The Sea App (Internet Explorer)
2014-08-27 17:17 - 2013-08-03 04:03 - 00000000 ____D () C:\ProgramData\OEM
2014-08-27 16:13 - 2014-08-27 16:13 - 00004544 _____ () C:\Users\judy\Desktop\New Journal Document.jnt
2014-08-27 16:13 - 2014-08-27 16:13 - 00000000 ___RD () C:\Users\judy\Documents\Notes
2014-08-25 18:25 - 2014-08-14 18:53 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar
2014-08-25 18:25 - 2014-08-14 18:53 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-08-22 06:58 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-16 14:06 - 2014-08-14 18:54 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG SafeGuard toolbar
2014-08-16 12:06 - 2014-02-02 17:41 - 00000000 ____D () C:\Program Files (x86)\Knight System Protector
2014-08-16 12:00 - 2013-08-22 07:44 - 00335784 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-16 11:57 - 2014-07-12 22:28 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-08-16 11:57 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-08-16 10:43 - 2014-08-16 10:43 - 00000000 ____D () C:\Blasteroids
2014-08-16 07:54 - 2014-08-16 07:53 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-08-16 07:53 - 2014-08-14 18:54 - 00050976 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys
2014-08-14 20:18 - 2014-08-14 20:18 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG Secure Search
2014-08-14 20:11 - 2014-08-14 20:09 - 00001158 _____ () C:\Users\judy\Desktop\Live PC Help.lnk
2014-08-14 20:09 - 2014-08-11 07:33 - 00000000 ____D () C:\Users\judy\AppData\Roaming\systweak
2014-08-14 19:58 - 2014-06-17 13:46 - 00000000 ___DC () C:\WINDOWS\Panther
2014-08-14 19:58 - 2014-02-02 17:30 - 00000000 ____D () C:\Users\judy\AppData\Local\CrashDumps
2014-08-14 19:56 - 2014-08-14 19:42 - 00003882 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-14 19:56 - 2014-08-14 19:42 - 00003646 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-14 19:44 - 2014-08-14 19:44 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-08-14 19:44 - 2014-08-14 19:44 - 00000838 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-14 19:44 - 2014-08-14 19:42 - 00000000 ____D () C:\Users\judy\AppData\Local\Google
2014-08-14 19:44 - 2014-08-14 19:42 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\ProgramData\Google
2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\Program Files\Google
2014-08-14 19:34 - 2014-08-14 19:34 - 00003974 _____ () C:\WINDOWS\System32\Tasks\TidyNetwork Update
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TNT2
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TidyNetwork
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-08-14 19:33 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Resources
2014-08-14 19:04 - 2014-08-14 19:04 - 13829304 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall1.exe
2014-08-14 19:04 - 2014-08-14 19:04 - 00002259 _____ () C:\WINDOWS\epplauncher.mif
2014-08-14 18:53 - 2014-08-14 18:53 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-08-14 18:52 - 2014-08-14 18:51 - 11241816 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall.exe
2014-08-14 08:33 - 2014-02-05 11:59 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-14 08:31 - 2014-02-05 11:59 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-13 20:36 - 2014-03-18 03:13 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-08-13 17:39 - 2014-06-17 13:25 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-08-13 17:36 - 2013-08-21 21:17 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-08-13 17:36 - 2013-08-21 20:46 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-08-13 17:36 - 2013-08-21 20:16 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-08-13 17:35 - 2014-03-18 03:13 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-08-13 17:35 - 2014-03-18 03:13 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-08-13 17:35 - 2014-03-18 03:13 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-08-13 17:35 - 2013-08-22 04:45 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-08-13 17:35 - 2013-08-22 04:44 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-13 17:35 - 2013-08-22 04:22 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-08-13 17:35 - 2013-08-22 04:21 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-13 17:35 - 2013-08-22 04:10 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-08-13 17:35 - 2013-08-22 04:03 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-08-13 17:35 - 2013-08-22 03:32 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-08-13 17:35 - 2013-08-21 20:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-08-13 17:35 - 2013-08-21 20:45 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-08-13 17:35 - 2013-08-21 20:40 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-08-12 21:43 - 2014-08-12 21:43 - 00002028 _____ () C:\Users\Public\Desktop\Acer Portal.lnk
2014-08-12 21:43 - 2014-06-16 16:16 - 00003334 _____ () C:\WINDOWS\System32\Tasks\AcerCloud
2014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Users\judy\AppData\Local\TotalRecipeSearch_14
2014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Program Files (x86)\TotalRecipeSearch_14
2014-08-11 07:34 - 2014-08-11 07:34 - 00004022 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-11 07:34 - 2014-08-11 07:34 - 00001989 _____ () C:\Users\judy\Desktop\Sync Folder.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00001107 _____ () C:\Users\judy\Desktop\MyPC Backup.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-11 07:32 - 2014-08-11 07:32 - 00003310 _____ () C:\WINDOWS\System32\Tasks\ASP
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Users\judy\AppData\Local\UtilityChest_49
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Program Files (x86)\UtilityChest_49
2014-08-06 19:12 - 2014-08-15 07:23 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-06 15:39 - 2014-08-15 07:23 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-06 15:38 - 2014-08-15 07:24 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-05 19:05 - 2014-08-11 07:32 - 00019800 _____ () C:\WINDOWS\system32\roboot64.exe
2014-08-01 22:44 - 2014-08-15 07:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-01 20:56 - 2014-08-15 07:23 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-01 20:11 - 2014-08-15 07:23 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-01 17:17 - 2013-08-22 08:38 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-01 17:17 - 2013-08-22 08:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
 
Some content of TEMP:
====================
C:\Users\judy\AppData\Local\Temp\5A48_DriverRestore_EN.exe
C:\Users\judy\AppData\Local\Temp\air1370.exe
C:\Users\judy\AppData\Local\Temp\air18C5.exe
C:\Users\judy\AppData\Local\Temp\air240D.exe
C:\Users\judy\AppData\Local\Temp\air2474.exe
C:\Users\judy\AppData\Local\Temp\air274F.exe
C:\Users\judy\AppData\Local\Temp\air2ADB.exe
C:\Users\judy\AppData\Local\Temp\air4025.exe
C:\Users\judy\AppData\Local\Temp\air66A0.exe
C:\Users\judy\AppData\Local\Temp\air7DCB.exe
C:\Users\judy\AppData\Local\Temp\air9DEF.exe
C:\Users\judy\AppData\Local\Temp\airA76F.exe
C:\Users\judy\AppData\Local\Temp\DRHelper_installFinish.exe
C:\Users\judy\AppData\Local\Temp\DRHelper_installStart.exe
C:\Users\judy\AppData\Local\Temp\F7B9_SpybotSD2.exe
C:\Users\judy\AppData\Local\Temp\ICReinstall_DownloadManagerSetup.exe
C:\Users\judy\AppData\Local\Temp\post1.exe
C:\Users\judy\AppData\Local\Temp\post2.dll
C:\Users\judy\AppData\Local\Temp\post2.exe
C:\Users\judy\AppData\Local\Temp\setup.exe
C:\Users\judy\AppData\Local\Temp\SfpcHelper_installFinish.exe
C:\Users\judy\AppData\Local\Temp\SfpcHelper_installStart.exe
C:\Users\judy\AppData\Local\Temp\SHSetup.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-28 11:10
 
==================== End Of Log ============================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: DE5B179F)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

  • 0

#4
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts

i tried to applied for another account but was having issues so i used my account.....


  • 0

#5
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK I am surprised that windows actually runs to be honest... Lets now kill all rubbish

If you have problems copying all the fix into a fixlist.txt then I have attached the same fix here. Just save the fixlist,txt to the same location as FRST and then press fix
Attached File  fixlist.txt   18.94KB   235 downloads

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

2014-08-28 12:15 - 2014-08-28 12:16 - 06312160 _____ (MyTurboPC.com) C:\Users\judy\Downloads\myturbopc.exe
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-08-27 23:13 - 2014-08-27 23:35 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-08-27 23:13 - 2014-08-27 23:15 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-08-27 23:13 - 2014-08-27 23:13 - 00001704 _____ () C:\Users\judy\AppData\Roaming\aps.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00001150 _____ () C:\Users\judy\AppData\Roaming\aps.scan.quick.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000318 _____ () C:\Users\judy\AppData\Roaming\aps.uninstall.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-08-27 23:12 - 2014-08-27 23:13 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-08-27 23:12 - 2014-08-27 23:12 - 00575544 _____ (ClickMeIn Limited) C:\Users\judy\AppData\Local\nsb5C1C.tmp
2014-08-27 23:09 - 2014-08-28 13:09 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-08-27 23:09 - 2014-08-28 12:59 - 00000438 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-08-27 23:09 - 2014-08-27 23:09 - 00058040 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys
2014-08-27 23:09 - 2014-08-27 23:09 - 00003076 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-08-27 23:09 - 2014-08-27 23:09 - 00002642 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\ver1BlockAndSurf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-27 23:08 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-08-27 23:01 - 2014-08-27 23:01 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes
2014-08-27 23:00 - 2014-08-27 23:07 - 00000000 ____D () C:\ProgramData\pastaleads
2014-08-27 23:00 - 2014-08-27 23:00 - 00000000 ____D () C:\Program Files (x86)\pastaleads
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\VOPackage
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\ContentExplorer
2014-08-27 18:00 - 2014-08-28 13:01 - 00000000 ____D () C:\Users\judy\AppData\Local\DesktopTemperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\System_Alerts_LLC
2014-08-14 20:09 - 2014-08-14 20:11 - 00001158 _____ () C:\Users\judy\Desktop\Live PC Help.lnk
2014-08-14 19:34 - 2014-08-14 19:34 - 00003974 _____ () C:\WINDOWS\System32\Tasks\TidyNetwork Update
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TNT2
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TidyNetwork
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-08-11 07:34 - 2014-08-27 22:28 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-11 07:34 - 2014-08-11 07:34 - 00001107 _____ () C:\Users\judy\Desktop\MyPC Backup.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-11 07:33 - 2014-08-14 20:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\systweak
2014-08-11 07:32 - 2014-08-11 07:32 - 00003310 _____ () C:\WINDOWS\System32\Tasks\ASP
2014-08-11 07:32 - 2014-08-05 19:05 - 00019800 _____ () C:\WINDOWS\system32\roboot64.exe
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Users\judy\AppData\Local\UtilityChest_49
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Program Files (x86)\UtilityChest_49
2014-08-11 07:34 - 2014-08-11 07:34 - 00004022 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-27 17:59 - 2014-08-27 17:59 - 00000000 ____D () C:\Program Files (x86)\The Sea App (Internet Explorer)
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
R2 UtilityChest_49Service; C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 TotalRecipeSearch_14Service; C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 MyFunCards_5mService; C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbarsvc.exe [88648 2014-07-03] (COMPANYVERS_NAME)
R2 pastaleadsServiceCore; C:\Program Files (x86)\pastaleads\PastaLeadsService.exe [384408 2014-06-18] ()
R2 servervo; C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-08-27] () [File not signed]
R2 InboxAce_1gService; C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe [88648 2014-07-14] (COMPANYVERS_NAME)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36424 2014-07-22] (Just Develop It)
FF Plugin-x32: @TotalRecipeSearch_14.com/Plugin -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll (Mindspark)
FF Plugin-x32: @UtilityChest_49.com/Plugin -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\NP49Stub.dll (Mindspark)
FF HKCU\...\Firefox\Extensions: [{17C0B877-3B33-A890-ACFD-9D2FC5F5D56D}] - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi
FF Extension: BlockAndSurf - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi [2014-08-27]
FF Plugin-x32: @InboxAce_1g.com/Plugin -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\NP1gStub.dll (Mindspark)
FF Plugin-x32: @MyFunCards_5m.com/Plugin -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\NP5mStub.dll (Mindspark)
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Temperature Monitor.lnk
ShortcutTarget: Desktop Temperature Monitor.lnk -> C:\Users\judy\AppData\Local\DesktopTemperature\DesktopTemperature.exe (System Alerts LLC)
Winsock: Catalog9 01 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 02 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 03 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 04 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 05 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 17 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Toolbar: HKCU - No Name - {C4D78C72-08DB-4A3F-9175-B265157283F3} - No File
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - MyFunCards - {210f1b36-3b7f-41a4-b5da-3eb87f5a56c2} - C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - InboxAce - {3775afd7-5921-4571-968f-85a631203d1c} - C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
Toolbar: HKLM-x32 - Utility Chest - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
Toolbar: HKLM-x32 - TotalRecipeSearch - {a0154e07-2b48-475c-a82a-80efd84ea33e} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {ab56dfde-0c14-45b3-9df6-7b0eba617870} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {c4b22c87-45ef-4f43-89f2-40db2078864e} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrcAs.dll (Mindspark)
BHO-x32: TheSea.TheSeaPlugin -> {C585D593-E7F3-4852-A200-561686EE02E4} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
BHO-x32: Toolbar BHO -> {d5a1d22b-9e17-454f-8ecd-83c578fb3983} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {da71fd14-5f7b-46ae-b8b1-44074a38f331} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {df22384f-cf68-4d19-969f-10423715528b} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll (Mindspark)
Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {9359da42-06fb-46f2-9e4a-05c05b98a5ef} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrcAs.dll (Mindspark)
BHO: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {06e05b40-77fa-40b6-9077-ed1a7577b1ef} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll (Mindspark)
BHO-x32: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn.dll ()
BHO-x32: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178.dll ()
BHO-x32: Toolbar BHO -> {58f7b5ca-1162-42e8-8bbc-d543b4edd780} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
BHO: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn64.dll ()
BHO: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178_x64.dll ()
SearchScopes: HKCU - DefaultScope {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://www2.inbox.co...&iwk=316&lng=en
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://pandasecurity...q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...q={searchTerms}
SearchScopes: HKCU - {A26C36F3-9D6C-4551-86A4-B3E9C4B7B3CD} URL = http://www.crawler.c...&iwk=311&lng=en
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKCU - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL =
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
URLSearchHook: HKCU - (No Name) - {9234F5E0-56CC-4F0B-AAE4-0D4BD5032180} - No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [Inbox3Tray.exe] => C:\Program Files (x86)\Inbox3\Inbox3Tray.exe [1736128 2014-06-12] (Inbox.com)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [ContentExplorer] => C:\Users\judy\AppData\Roaming\ContentExplorer\ContentExplorer.exe [2429680 2014-08-27] (ContentExplorer)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe [1072128 2014-08-27] ()
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
HKLM-x32\...\Run: [AnyProtect Scanner] => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [17068032 2014-08-27] (AnyProtect.com)
HKLM-x32\...\Run: [InboxToolbar] => C:\Program Files (x86)\Inbox Toolbar\Inbox.exe [1417656 2014-06-30] (Xacti, LLC)
HKLM-x32\...\Run: [InboxAce EPM Support] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gmedint.exe [12872 2014-07-14] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [InboxAce Search Scope Monitor] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrchMn.exe [55368 2014-07-14] (Mindspark)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe [61512 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader 64] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe [71752 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [Utility Chest EPM Support] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [Utility Chest Search Scope Monitor] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader 64] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch EPM Support] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [TotalRecipeSearch Search Scope Monitor] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader 64] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-25] ()
HKLM-x32\...\Run: [MyFunCards EPM Support] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mmedint.exe [12872 2014-07-03] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [MyFunCards Search Scope Monitor] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrchMn.exe [55368 2014-07-03] (Mindspark)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exe [61512 2014-07-03] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader 64] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon64.exe [71752 2014-07-03] (VER_COMPANY_NAME)
HKLM\...\Run: [MyFunCards Home Page Guard 64 bit] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\AppIntegrator64.exe [485960 2014-07-03] ( )
HKLM\...\Run: [InboxAce Home Page Guard 64 bit] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator64.exe [485960 2014-07-14] ( )
HKLM\...\Run: [Utility Chest Home Page Guard 64 bit] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
HKLM\...\Run: [TotalRecipeSearch Home Page Guard 64 bit] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
C:\Program Files (x86)\Inbox Toolbar
C:\Users\judy\AppData\Roaming\ContentExplorer
C:\Program Files (x86)\Inbox3
C:\Program Files (x86)\UtilityChest_49
C:\Program Files (x86)\InboxAce_1g
C:\Program Files (x86)\MyFunCards_5m
C:\Program Files (x86)\WSE_Astromenda
C:\Program Files (x86)\MyPC Backup
C:\Program Files (x86)\TotalRecipeSearch_14
C:\Program Files (x86)\UtilityChest_49
C:\Program Files (x86)\ver1BlockAndSurf
C:\Users\judy\AppData\Roaming\VOPackage
C:\Program Files (x86)\TidyNetwork
C:\Users\judy\AppData\Local\DesktopTemperature
Task: {3BD98196-F5F8-4C48-8418-DAEDD03137E6} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [2014-07-22] (MyPCBackup.com) <==== ATTENTION
Task: {5D131900-882C-4A9D-877E-69F281E7AABA} - System32\Tasks\BlockAndSurf Update => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe [2014-08-27] ()
Task: {811C6AF3-F0CC-49DC-BA5A-63AFA6B80047} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-07-22] (MyPC Backup) <==== ATTENTION
Task: {C034AE47-50DF-4617-9946-0EC4A6007219} - System32\Tasks\WSE_Astromenda => C:\Users\judy\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe [2014-08-27] ()
Task: {CD34F3C0-ED05-4009-A5CE-BCC6FD2316C5} - System32\Tasks\UpdaterEX => C:\Users\judy\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {CD7E60BC-5C2F-457E-BEE4-51E204A98CAA} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: {EFD55167-3E10-4F72-843B-347EC5F2010D} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: {FCE0303E-A943-467A-8BCB-B8D9556D47DB} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\BlockAndSurf Update.job => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\UpdaterEX.job => C:\Users\judy\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\WSE_Astromenda.job => C:\Users\judy\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
CMD: netsh advfirewall reset /c
CMD: netsh advfirewall set allprofiles state ON /c
CMD: ipconfig /flushdns /c
CMD: netsh winsock reset catalog /c
CMD: netsh int ip reset c:\resetlog.txt /c
CMD: ipconfig /release /c
CMD: ipconfig /renew /c
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
FINALLY

A fresh FRST scan to see what I missed :)
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.

  • 0

#6
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014
Ran by judy (administrator) on JUDYSPC on 28-08-2014 11:41:55
Running from C:\Users\judy\Downloads
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbarsvc.exe
() C:\Program Files (x86)\pastaleads\PastaLeadsService.exe
() C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe
(Term Tutor) C:\Program Files (x86)\TermTutor\Service\ttsvc.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Soluto) C:\Program Files\Soluto\Soluto.exe
() C:\Program Files (x86)\Knight System Protector\KnightSystemProtector.exe
() C:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exe
() C:\Program Files (x86)\ver1BlockAndSurf\BlockAndSurf.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
( ) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\AppIntegrator64.exe
( ) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator64.exe
( ) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe
( ) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Inbox.com) C:\Program Files (x86)\Inbox3\Inbox3Tray.exe
(ContentExplorer) C:\Users\judy\AppData\Roaming\ContentExplorer\ContentExplorer.exe
() C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe
(System Alerts LLC) C:\Users\judy\AppData\Local\DesktopTemperature\DesktopTemperature.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Xacti, LLC) C:\Program Files (x86)\Inbox Toolbar\Inbox.exe
(Xacti, LLC) C:\Program Files (x86)\Inbox Toolbar\Inbox.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon64.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Users\judy\AppData\Local\clear.fi\Portal\AcerPortalSetup.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\judy\Downloads\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-17] (Realtek Semiconductor)
HKLM\...\Run: [MyFunCards Home Page Guard 64 bit] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\AppIntegrator64.exe [485960 2014-07-03] ( )
HKLM\...\Run: [InboxAce Home Page Guard 64 bit] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator64.exe [485960 2014-07-14] ( )
HKLM\...\Run: [Utility Chest Home Page Guard 64 bit] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
HKLM\...\Run: [TotalRecipeSearch Home Page Guard 64 bit] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [MyFunCards EPM Support] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mmedint.exe [12872 2014-07-03] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [MyFunCards Search Scope Monitor] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrchMn.exe [55368 2014-07-03] (Mindspark)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exe [61512 2014-07-03] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader 64] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon64.exe [71752 2014-07-03] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [52992 2014-08-06] (Acer Incorporated)
HKLM-x32\...\Run: [InboxToolbar] => C:\Program Files (x86)\Inbox Toolbar\Inbox.exe [1417656 2014-06-30] (Xacti, LLC)
HKLM-x32\...\Run: [InboxAce EPM Support] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gmedint.exe [12872 2014-07-14] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [InboxAce Search Scope Monitor] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrchMn.exe [55368 2014-07-14] (Mindspark)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe [61512 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader 64] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe [71752 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [Utility Chest EPM Support] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [Utility Chest Search Scope Monitor] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader 64] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch EPM Support] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [TotalRecipeSearch Search Scope Monitor] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader 64] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-25] ()
HKLM-x32\...\Run: [fst_us_228] => "C:\Program Files (x86)\fst_us_228\fst_us_228.exe"
HKLM-x32\...\Run: [AnyProtect Scanner] => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [17068032 2014-08-27] (AnyProtect.com)
HKLM-x32\...\RunOnce: [upfst_us_228.exe] => C:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exe [3337208 2014-08-25] ()
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-04-15] ( (Qualcomm Atheros Commnucations))
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [AcerCloud] => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2569984 2014-08-06] (Acer)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [Inbox3Tray.exe] => C:\Program Files (x86)\Inbox3\Inbox3Tray.exe [1736128 2014-06-12] (Inbox.com)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [ContentExplorer] => C:\Users\judy\AppData\Roaming\ContentExplorer\ContentExplorer.exe [2429680 2014-08-27] (ContentExplorer)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe [1072128 2014-08-27] ()
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Temperature Monitor.lnk
ShortcutTarget: Desktop Temperature Monitor.lnk -> C:\Users\judy\AppData\Local\DesktopTemperature\DesktopTemperature.exe (System Alerts LLC)
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
ShellIconOverlayIdentifiers: ACloudSyncedRF -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: ACloudSyncedSF -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: ACloudSyncing -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: ACloudToBeSynced -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
URLSearchHook: HKCU - (No Name) - {9234F5E0-56CC-4F0B-AAE4-0D4BD5032180} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKLM - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
SearchScopes: HKLM - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKLM-x32 - DefaultScope {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKLM-x32 - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://www2.inbox.co...&iwk=316&lng=en
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://pandasecurity...q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...q={searchTerms}
SearchScopes: HKCU - {A26C36F3-9D6C-4551-86A4-B3E9C4B7B3CD} URL = http://www.crawler.c...&iwk=311&lng=en
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKCU - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = 
BHO: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn64.dll ()
BHO: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178_x64.dll ()
BHO: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {06e05b40-77fa-40b6-9077-ed1a7577b1ef} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll (Mindspark)
BHO-x32: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn.dll ()
BHO-x32: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178.dll ()
BHO-x32: Toolbar BHO -> {58f7b5ca-1162-42e8-8bbc-d543b4edd780} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
BHO-x32: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files (x86)\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO-x32: Search Assistant BHO -> {9359da42-06fb-46f2-9e4a-05c05b98a5ef} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrcAs.dll (Mindspark)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Toolbar BHO -> {ab56dfde-0c14-45b3-9df6-7b0eba617870} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {c4b22c87-45ef-4f43-89f2-40db2078864e} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrcAs.dll (Mindspark)
BHO-x32: TheSea.TheSeaPlugin -> {C585D593-E7F3-4852-A200-561686EE02E4} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
BHO-x32: Toolbar BHO -> {d5a1d22b-9e17-454f-8ecd-83c578fb3983} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {da71fd14-5f7b-46ae-b8b1-44074a38f331} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {df22384f-cf68-4d19-969f-10423715528b} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll (Mindspark)
Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - MyFunCards - {210f1b36-3b7f-41a4-b5da-3eb87f5a56c2} - C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - InboxAce - {3775afd7-5921-4571-968f-85a631203d1c} - C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
Toolbar: HKLM-x32 - Utility Chest - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
Toolbar: HKLM-x32 - TotalRecipeSearch - {a0154e07-2b48-475c-a82a-80efd84ea33e} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - No Name - {C4D78C72-08DB-4A3F-9175-B265157283F3} -  No File
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog9 01 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 02 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 03 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 04 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 05 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 17 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Tcpip\Parameters: [DhcpNameServer] 208.180.42.68 208.180.42.100
 
FireFox:
========
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @InboxAce_1g.com/Plugin -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\NP1gStub.dll (Mindspark)
FF Plugin-x32: @MyFunCards_5m.com/Plugin -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\NP5mStub.dll (Mindspark)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TotalRecipeSearch_14.com/Plugin -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll (Mindspark)
FF Plugin-x32: @UtilityChest_49.com/Plugin -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\NP49Stub.dll (Mindspark)
FF HKCU\...\Firefox\Extensions: [{17C0B877-3B33-A890-ACFD-9D2FC5F5D56D}] - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi
FF Extension: BlockAndSurf - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi [2014-08-27]
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-14]
CHR Extension: (Google Drive) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-21]
CHR Extension: (YouTube) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-14]
CHR Extension: (Google Search) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-14]
CHR Extension: (Google Wallet) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-14]
CHR Extension: (Gmail) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [228480 2013-04-15] (Qualcomm Atheros Commnucations)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36424 2014-07-22] (Just Develop It)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3058944 2014-08-06] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 InboxAce_1gService; C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe [88648 2014-07-14] (COMPANYVERS_NAME)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-03-14] (Acer Incorporate)
R2 MyFunCards_5mService; C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbarsvc.exe [88648 2014-07-03] (COMPANYVERS_NAME)
R2 pastaleadsServiceCore; C:\Program Files (x86)\pastaleads\PastaLeadsService.exe [384408 2014-06-18] ()
R2 servervo; C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-08-27] () [File not signed]
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [222168 2013-01-29] (Soluto)
R2 TotalRecipeSearch_14Service; C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 ttsvc; C:\Program Files (x86)\TermTutor\Service\ttsvc.exe [356432 2014-06-25] (Term Tutor)
R2 UtilityChest_49Service; C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-16] (AVG Secure Search)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-17] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-17] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AthrSdSrv; C:\Windows\system32\DRIVERS\athrsd.sys [48760 2012-11-30] (Qualcomm Atheros, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50976 2014-08-16] (AVG Technologies)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-15] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-09] (Acer Incorporated)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-09] (Acer Incorporated)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-06-20] ()
R1 ttnfd; C:\Windows\System32\drivers\ttnfd.sys [58232 2014-06-25] (Term Tutor)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-17] (Microsoft Corporation)
R2 webinstr; C:\WINDOWS\system32\Drivers\webinstr.sys [58040 2014-08-27] (Corsica)
R3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X]
U2 TMAgent; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-28 12:15 - 2014-08-28 12:16 - 06312160 _____ (MyTurboPC.com) C:\Users\judy\Downloads\myturbopc.exe
2014-08-28 11:41 - 2014-08-28 11:42 - 00028288 _____ () C:\Users\judy\Downloads\FRST.txt
2014-08-28 11:41 - 2014-08-28 11:42 - 00000000 ____D () C:\FRST
2014-08-28 11:41 - 2014-08-28 11:41 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64 (1).exe
2014-08-28 11:35 - 2014-08-28 11:36 - 00001163 _____ () C:\Users\judy\Desktop\Continue Download Manager Installation.lnk
2014-08-28 11:35 - 2014-08-28 11:35 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64.exe
2014-08-28 11:35 - 2014-08-28 11:35 - 00827416 _____ ( ) C:\Users\judy\Downloads\DownloadManagerSetup.exe
2014-08-28 11:32 - 2014-08-28 11:32 - 00035673 _____ () C:\Users\judy\Desktop\FARBAR RECOVERY SCAN TOOL.htm
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-08-27 23:13 - 2014-08-27 23:35 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-08-27 23:13 - 2014-08-27 23:15 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-08-27 23:13 - 2014-08-27 23:13 - 00001704 _____ () C:\Users\judy\AppData\Roaming\aps.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00001150 _____ () C:\Users\judy\AppData\Roaming\aps.scan.quick.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000318 _____ () C:\Users\judy\AppData\Roaming\aps.uninstall.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-08-27 23:12 - 2014-08-27 23:13 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-08-27 23:12 - 2014-08-27 23:12 - 00575544 _____ (ClickMeIn Limited) C:\Users\judy\AppData\Local\nsb5C1C.tmp
2014-08-27 23:09 - 2014-08-28 13:09 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-08-27 23:09 - 2014-08-28 12:59 - 00000438 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-08-27 23:09 - 2014-08-27 23:09 - 00058040 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys
2014-08-27 23:09 - 2014-08-27 23:09 - 00003076 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-08-27 23:09 - 2014-08-27 23:09 - 00002642 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-08-27 23:09 - 2014-08-27 23:09 - 00000145 _____ () C:\WINDOWS\setupact.log
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\ver1BlockAndSurf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-27 23:08 - 2014-08-28 11:27 - 00000000 ____D () C:\Users\judy\AppData\Local\fst_us_228
2014-08-27 23:08 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files\TermTutor
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\TermTutor
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\fst_us_228
2014-08-27 23:04 - 2014-08-28 12:57 - 00000085 _____ () C:\WINDOWS\wininit.ini
2014-08-27 23:01 - 2014-08-27 23:01 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes
2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-27 23:00 - 2014-08-27 23:07 - 00000000 ____D () C:\ProgramData\pastaleads
2014-08-27 23:00 - 2014-08-27 23:00 - 00000000 ____D () C:\Program Files (x86)\pastaleads
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\VOPackage
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-08-27 22:59 - 2014-08-27 22:59 - 00003734 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_ScheduledScan
2014-08-27 22:59 - 2014-08-27 22:59 - 00003584 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_DailyScan
2014-08-27 22:59 - 2014-08-27 22:59 - 00001087 _____ () C:\Users\Public\Desktop\DriverRestore.lnk
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\ContentExplorer
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
2014-08-27 22:59 - 2014-07-01 10:37 - 00020872 _____ (Phoenix Technologies) C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS
2014-08-27 22:58 - 2014-08-27 22:59 - 00000000 ____D () C:\Program Files (x86)\DriverRestore
2014-08-27 22:57 - 2014-08-27 22:57 - 00000000 ____D () C:\Users\judy\Documents\PC Health Kit
2014-08-27 18:06 - 2014-08-28 12:58 - 00007878 _____ () C:\WINDOWS\PFRO.log
2014-08-27 18:00 - 2014-08-28 13:01 - 00000000 ____D () C:\Users\judy\AppData\Local\DesktopTemperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\System_Alerts_LLC
2014-08-27 17:59 - 2014-08-27 17:59 - 00000000 ____D () C:\Program Files (x86)\The Sea App (Internet Explorer)
2014-08-27 16:13 - 2014-08-27 16:13 - 00004544 _____ () C:\Users\judy\Desktop\New Journal Document.jnt
2014-08-27 16:13 - 2014-08-27 16:13 - 00000000 ___RD () C:\Users\judy\Documents\Notes
2014-08-16 10:43 - 2014-08-16 10:43 - 00000000 ____D () C:\Blasteroids
2014-08-16 07:53 - 2014-08-16 07:54 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-08-16 07:48 - 2014-06-19 18:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-16 07:48 - 2014-06-19 16:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-15 07:39 - 2014-07-15 11:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-15 07:39 - 2014-07-15 01:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-15 07:39 - 2014-07-15 01:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-15 07:39 - 2014-07-15 01:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-15 07:39 - 2014-06-12 18:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-15 07:39 - 2014-06-12 18:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-15 07:39 - 2014-06-12 17:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-15 07:39 - 2014-06-06 04:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-15 07:38 - 2014-07-25 06:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-15 07:38 - 2014-07-25 06:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-15 07:38 - 2014-07-25 05:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-15 07:38 - 2014-07-25 05:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-15 07:38 - 2014-07-25 05:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-15 07:38 - 2014-07-25 05:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-15 07:38 - 2014-07-25 05:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-15 07:38 - 2014-07-25 05:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-15 07:38 - 2014-07-25 05:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-15 07:38 - 2014-07-25 05:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-15 07:38 - 2014-07-25 04:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-15 07:38 - 2014-07-25 04:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-15 07:38 - 2014-07-25 04:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-15 07:38 - 2014-07-25 04:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-15 07:38 - 2014-07-25 04:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-15 07:38 - 2014-07-25 04:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-15 07:38 - 2014-07-25 04:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-15 07:38 - 2014-07-25 04:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-15 07:38 - 2014-07-25 04:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-15 07:38 - 2014-07-25 03:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-15 07:38 - 2014-07-25 03:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-15 07:38 - 2014-07-25 03:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-15 07:37 - 2014-07-25 07:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-15 07:37 - 2014-07-25 06:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-15 07:37 - 2014-07-25 06:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-15 07:37 - 2014-07-25 05:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-15 07:37 - 2014-07-25 05:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-15 07:37 - 2014-07-25 05:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-15 07:37 - 2014-07-25 04:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-15 07:37 - 2014-07-25 04:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 07:37 - 2014-07-25 04:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-15 07:37 - 2014-07-25 04:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-15 07:37 - 2014-07-25 03:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-15 07:37 - 2014-07-25 03:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-15 07:37 - 2014-07-25 03:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-15 07:31 - 2014-04-26 13:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-08-15 07:31 - 2014-04-14 02:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-08-15 07:31 - 2014-04-14 01:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-08-15 07:30 - 2014-05-12 22:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-15 07:30 - 2014-05-12 21:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-15 07:30 - 2014-05-12 20:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-08-15 07:30 - 2014-05-03 04:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-08-15 07:30 - 2014-05-03 02:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-08-15 07:30 - 2014-05-02 22:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-08-15 07:30 - 2014-04-30 22:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-08-15 07:30 - 2014-04-29 23:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-08-15 07:30 - 2014-04-29 21:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-08-15 07:30 - 2014-04-29 20:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-08-15 07:30 - 2014-04-29 20:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-08-15 07:30 - 2014-04-28 15:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-08-15 07:30 - 2014-04-26 15:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-08-15 07:29 - 2014-05-02 21:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-08-15 07:29 - 2014-04-29 21:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-08-15 07:29 - 2014-04-29 20:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-08-15 07:29 - 2014-04-26 09:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-08-15 07:27 - 2014-04-29 21:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-08-15 07:26 - 2014-05-12 21:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-08-15 07:26 - 2014-05-02 22:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-08-15 07:26 - 2014-05-02 22:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-08-15 07:26 - 2014-05-02 21:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-08-15 07:26 - 2014-04-29 23:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-08-15 07:25 - 2014-05-30 23:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-08-15 07:25 - 2014-05-13 00:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-15 07:25 - 2014-05-12 20:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-15 07:25 - 2014-05-02 22:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-08-15 07:25 - 2014-05-02 21:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-08-15 07:25 - 2014-05-02 16:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-08-15 07:25 - 2014-04-29 23:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-08-15 07:25 - 2014-04-29 23:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-08-15 07:25 - 2014-04-29 22:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-08-15 07:25 - 2014-04-29 21:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-08-15 07:25 - 2014-04-29 21:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-15 07:25 - 2014-04-29 21:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-15 07:25 - 2014-04-29 20:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-08-15 07:25 - 2014-04-29 20:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-08-15 07:25 - 2014-04-29 20:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-08-15 07:25 - 2014-04-13 22:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-08-15 07:25 - 2014-04-08 23:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-08-15 07:25 - 2014-04-08 22:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-08-15 07:24 - 2014-08-06 15:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-15 07:24 - 2014-08-01 22:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-15 07:24 - 2014-07-09 21:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-15 07:24 - 2014-07-09 21:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-08-15 07:24 - 2014-07-09 20:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-08-15 07:24 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-15 07:24 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-15 07:23 - 2014-08-06 19:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-15 07:23 - 2014-08-06 15:39 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-15 07:23 - 2014-08-01 20:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-15 07:23 - 2014-08-01 20:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-15 07:23 - 2014-07-11 21:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-15 07:23 - 2014-06-05 07:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-08-15 07:23 - 2014-06-05 06:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-08-15 07:23 - 2014-06-01 19:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-08-15 07:23 - 2014-05-31 03:07 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-08-15 07:23 - 2014-05-31 03:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-08-15 07:23 - 2014-05-31 03:07 - 00419672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-08-15 07:23 - 2014-05-31 03:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-08-15 07:23 - 2014-05-31 03:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-08-15 07:23 - 2014-05-30 23:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-08-15 07:23 - 2014-05-30 23:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-08-15 07:23 - 2014-05-30 23:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-08-15 07:23 - 2014-05-30 21:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-08-15 07:23 - 2014-05-30 21:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-15 07:23 - 2014-05-30 21:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-08-15 07:23 - 2014-05-27 08:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-08-15 07:23 - 2014-05-27 02:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-15 07:23 - 2014-05-27 02:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-08-15 07:23 - 2014-05-16 21:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-15 07:23 - 2014-05-16 21:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-08-14 20:18 - 2014-08-14 20:18 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG Secure Search
2014-08-14 20:09 - 2014-08-14 20:11 - 00001158 _____ () C:\Users\judy\Desktop\Live PC Help.lnk
2014-08-14 20:05 - 2014-08-28 11:26 - 01321131 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-14 19:44 - 2014-08-28 13:01 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-14 19:44 - 2014-08-14 19:44 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-08-14 19:44 - 2014-08-14 19:44 - 00000838 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-14 19:42 - 2014-08-28 13:01 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-14 19:42 - 2014-08-28 13:01 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-14 19:42 - 2014-08-14 19:56 - 00003882 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-14 19:42 - 2014-08-14 19:56 - 00003646 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-14 19:42 - 2014-08-14 19:44 - 00000000 ____D () C:\Users\judy\AppData\Local\Google
2014-08-14 19:42 - 2014-08-14 19:44 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\ProgramData\Google
2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\Program Files\Google
2014-08-14 19:34 - 2014-08-14 19:34 - 00003974 _____ () C:\WINDOWS\System32\Tasks\TidyNetwork Update
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TNT2
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TidyNetwork
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-08-14 19:04 - 2014-08-14 19:04 - 13829304 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall1.exe
2014-08-14 19:04 - 2014-08-14 19:04 - 00002259 _____ () C:\WINDOWS\epplauncher.mif
2014-08-14 18:54 - 2014-08-16 14:06 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG SafeGuard toolbar
2014-08-14 18:54 - 2014-08-16 07:53 - 00050976 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys
2014-08-14 18:53 - 2014-08-25 18:25 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar
2014-08-14 18:53 - 2014-08-25 18:25 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-08-14 18:53 - 2014-08-14 18:53 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-08-14 18:51 - 2014-08-14 18:52 - 11241816 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall.exe
2014-08-13 20:38 - 2014-06-04 02:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-13 20:38 - 2014-06-03 22:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-13 20:38 - 2014-06-03 22:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-13 20:38 - 2014-06-03 21:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-13 20:38 - 2014-06-03 21:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-13 20:38 - 2014-06-03 19:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-13 20:38 - 2014-06-03 19:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-12 21:43 - 2014-08-12 21:43 - 00002028 _____ () C:\Users\Public\Desktop\Acer Portal.lnk
2014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Users\judy\AppData\Local\TotalRecipeSearch_14
2014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Program Files (x86)\TotalRecipeSearch_14
2014-08-11 07:34 - 2014-08-27 22:28 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-11 07:34 - 2014-08-11 07:34 - 00004022 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-11 07:34 - 2014-08-11 07:34 - 00001989 _____ () C:\Users\judy\Desktop\Sync Folder.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00001107 _____ () C:\Users\judy\Desktop\MyPC Backup.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-11 07:33 - 2014-08-14 20:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\systweak
2014-08-11 07:32 - 2014-08-11 07:32 - 00003310 _____ () C:\WINDOWS\System32\Tasks\ASP
2014-08-11 07:32 - 2014-08-05 19:05 - 00019800 _____ () C:\WINDOWS\system32\roboot64.exe
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Users\judy\AppData\Local\UtilityChest_49
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Program Files (x86)\UtilityChest_49
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-28 13:09 - 2014-08-27 23:09 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-08-28 13:03 - 2014-03-18 03:03 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-28 13:02 - 2014-06-01 07:00 - 00000000 ____D () C:\Users\judy\AppData\Local\clear.fi
2014-08-28 13:01 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\DesktopTemperature
2014-08-28 13:01 - 2014-08-14 19:44 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-28 13:01 - 2014-08-14 19:42 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-28 13:01 - 2014-08-14 19:42 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-28 13:01 - 2014-06-17 15:34 - 00000000 ___DO () C:\Users\judy\OneDrive
2014-08-28 13:00 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-28 12:59 - 2014-08-27 23:09 - 00000438 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-08-28 12:58 - 2014-08-27 23:13 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-08-28 12:58 - 2014-08-27 23:13 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-08-28 12:58 - 2014-08-27 18:06 - 00007878 _____ () C:\WINDOWS\PFRO.log
2014-08-28 12:58 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-28 12:57 - 2014-08-27 23:04 - 00000085 _____ () C:\WINDOWS\wininit.ini
2014-08-28 12:56 - 2014-03-15 00:56 - 00000304 _____ () C:\WINDOWS\Tasks\UpdaterEX.job
2014-08-28 12:16 - 2014-08-28 12:15 - 06312160 _____ (MyTurboPC.com) C:\Users\judy\Downloads\myturbopc.exe
2014-08-28 12:09 - 2014-03-15 00:56 - 00000134 _____ () C:\Users\judy\AppData\Roaming\WB.CFG
2014-08-28 11:45 - 2014-06-12 06:09 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{845855BE-4589-4F75-966A-FA55784F54FD}
2014-08-28 11:42 - 2014-08-28 11:41 - 00028288 _____ () C:\Users\judy\Downloads\FRST.txt
2014-08-28 11:42 - 2014-08-28 11:41 - 00000000 ____D () C:\FRST
2014-08-28 11:41 - 2014-08-28 11:41 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64 (1).exe
2014-08-28 11:36 - 2014-08-28 11:35 - 00001163 _____ () C:\Users\judy\Desktop\Continue Download Manager Installation.lnk
2014-08-28 11:35 - 2014-08-28 11:35 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64.exe
2014-08-28 11:35 - 2014-08-28 11:35 - 00827416 _____ ( ) C:\Users\judy\Downloads\DownloadManagerSetup.exe
2014-08-28 11:32 - 2014-08-28 11:32 - 00035673 _____ () C:\Users\judy\Desktop\FARBAR RECOVERY SCAN TOOL.htm
2014-08-28 11:27 - 2014-08-27 23:08 - 00000000 ____D () C:\Users\judy\AppData\Local\fst_us_228
2014-08-28 11:26 - 2014-08-14 20:05 - 01321131 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-28 11:20 - 2014-02-02 17:38 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3809952396-1488035759-1417517223-1001
2014-08-28 11:14 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-28 11:10 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-27 23:35 - 2014-08-27 23:13 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-08-27 23:19 - 2014-07-09 04:26 - 00002001 _____ () C:\Users\Public\Desktop\abMedia.lnk
2014-08-27 23:19 - 2014-06-16 16:04 - 00000000 ____D () C:\ProgramData\clear.fi
2014-08-27 23:19 - 2013-04-16 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2014-08-27 23:19 - 2013-04-16 23:18 - 00000000 ____D () C:\Program Files (x86)\Acer
2014-08-27 23:15 - 2014-08-27 23:13 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-08-27 23:15 - 2014-08-27 23:13 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-08-27 23:15 - 2014-08-27 23:13 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-08-27 23:13 - 2014-08-27 23:13 - 00001704 _____ () C:\Users\judy\AppData\Roaming\aps.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00001150 _____ () C:\Users\judy\AppData\Roaming\aps.scan.quick.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000318 _____ () C:\Users\judy\AppData\Roaming\aps.uninstall.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-08-27 23:13 - 2014-08-27 23:12 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-08-27 23:12 - 2014-08-27 23:12 - 00575544 _____ (ClickMeIn Limited) C:\Users\judy\AppData\Local\nsb5C1C.tmp
2014-08-27 23:12 - 2014-07-10 13:41 - 00002005 _____ () C:\Users\Public\Desktop\abPhoto.lnk
2014-08-27 23:09 - 2014-08-27 23:09 - 00058040 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys
2014-08-27 23:09 - 2014-08-27 23:09 - 00003076 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-08-27 23:09 - 2014-08-27 23:09 - 00002642 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-08-27 23:09 - 2014-08-27 23:09 - 00000145 _____ () C:\WINDOWS\setupact.log
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\ver1BlockAndSurf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-27 23:09 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-08-27 23:09 - 2013-08-22 08:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-08-27 23:09 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files\TermTutor
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\TermTutor
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\fst_us_228
2014-08-27 23:07 - 2014-08-27 23:00 - 00000000 ____D () C:\ProgramData\pastaleads
2014-08-27 23:05 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-27 23:01 - 2014-08-27 23:01 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes
2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-27 23:00 - 2014-08-27 23:00 - 00000000 ____D () C:\Program Files (x86)\pastaleads
2014-08-27 23:00 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\VOPackage
2014-08-27 23:00 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-08-27 22:59 - 2014-08-27 22:59 - 00003734 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_ScheduledScan
2014-08-27 22:59 - 2014-08-27 22:59 - 00003584 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_DailyScan
2014-08-27 22:59 - 2014-08-27 22:59 - 00001087 _____ () C:\Users\Public\Desktop\DriverRestore.lnk
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\ContentExplorer
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
2014-08-27 22:59 - 2014-08-27 22:58 - 00000000 ____D () C:\Program Files (x86)\DriverRestore
2014-08-27 22:57 - 2014-08-27 22:57 - 00000000 ____D () C:\Users\judy\Documents\PC Health Kit
2014-08-27 22:34 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-08-27 22:28 - 2014-08-11 07:34 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\System_Alerts_LLC
2014-08-27 17:59 - 2014-08-27 17:59 - 00000000 ____D () C:\Program Files (x86)\The Sea App (Internet Explorer)
2014-08-27 17:17 - 2013-08-03 04:03 - 00000000 ____D () C:\ProgramData\OEM
2014-08-27 16:13 - 2014-08-27 16:13 - 00004544 _____ () C:\Users\judy\Desktop\New Journal Document.jnt
2014-08-27 16:13 - 2014-08-27 16:13 - 00000000 ___RD () C:\Users\judy\Documents\Notes
2014-08-25 18:25 - 2014-08-14 18:53 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar
2014-08-25 18:25 - 2014-08-14 18:53 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-08-22 06:58 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-16 14:06 - 2014-08-14 18:54 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG SafeGuard toolbar
2014-08-16 12:06 - 2014-02-02 17:41 - 00000000 ____D () C:\Program Files (x86)\Knight System Protector
2014-08-16 12:00 - 2013-08-22 07:44 - 00335784 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-16 11:57 - 2014-07-12 22:28 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-08-16 11:57 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-08-16 10:43 - 2014-08-16 10:43 - 00000000 ____D () C:\Blasteroids
2014-08-16 07:54 - 2014-08-16 07:53 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-08-16 07:53 - 2014-08-14 18:54 - 00050976 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys
2014-08-14 20:18 - 2014-08-14 20:18 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG Secure Search
2014-08-14 20:11 - 2014-08-14 20:09 - 00001158 _____ () C:\Users\judy\Desktop\Live PC Help.lnk
2014-08-14 20:09 - 2014-08-11 07:33 - 00000000 ____D () C:\Users\judy\AppData\Roaming\systweak
2014-08-14 19:58 - 2014-06-17 13:46 - 00000000 ___DC () C:\WINDOWS\Panther
2014-08-14 19:58 - 2014-02-02 17:30 - 00000000 ____D () C:\Users\judy\AppData\Local\CrashDumps
2014-08-14 19:56 - 2014-08-14 19:42 - 00003882 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-14 19:56 - 2014-08-14 19:42 - 00003646 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-14 19:44 - 2014-08-14 19:44 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-08-14 19:44 - 2014-08-14 19:44 - 00000838 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-14 19:44 - 2014-08-14 19:42 - 00000000 ____D () C:\Users\judy\AppData\Local\Google
2014-08-14 19:44 - 2014-08-14 19:42 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\ProgramData\Google
2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\Program Files\Google
2014-08-14 19:34 - 2014-08-14 19:34 - 00003974 _____ () C:\WINDOWS\System32\Tasks\TidyNetwork Update
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TNT2
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TidyNetwork
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-08-14 19:33 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Resources
2014-08-14 19:04 - 2014-08-14 19:04 - 13829304 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall1.exe
2014-08-14 19:04 - 2014-08-14 19:04 - 00002259 _____ () C:\WINDOWS\epplauncher.mif
2014-08-14 18:53 - 2014-08-14 18:53 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-08-14 18:52 - 2014-08-14 18:51 - 11241816 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall.exe
2014-08-14 08:33 - 2014-02-05 11:59 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-14 08:31 - 2014-02-05 11:59 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-13 20:36 - 2014-03-18 03:13 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-08-13 17:39 - 2014-06-17 13:25 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-08-13 17:36 - 2013-08-21 21:17 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-08-13 17:36 - 2013-08-21 20:46 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-08-13 17:36 - 2013-08-21 20:16 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-08-13 17:35 - 2014-03-18 03:13 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-08-13 17:35 - 2014-03-18 03:13 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-08-13 17:35 - 2014-03-18 03:13 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-08-13 17:35 - 2013-08-22 04:45 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-08-13 17:35 - 2013-08-22 04:44 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-13 17:35 - 2013-08-22 04:22 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-08-13 17:35 - 2013-08-22 04:21 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-13 17:35 - 2013-08-22 04:10 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-08-13 17:35 - 2013-08-22 04:03 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-08-13 17:35 - 2013-08-22 03:32 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-08-13 17:35 - 2013-08-21 20:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-08-13 17:35 - 2013-08-21 20:45 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-08-13 17:35 - 2013-08-21 20:40 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-08-12 21:43 - 2014-08-12 21:43 - 00002028 _____ () C:\Users\Public\Desktop\Acer Portal.lnk
2014-08-12 21:43 - 2014-06-16 16:16 - 00003334 _____ () C:\WINDOWS\System32\Tasks\AcerCloud
2014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Users\judy\AppData\Local\TotalRecipeSearch_14
2014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Program Files (x86)\TotalRecipeSearch_14
2014-08-11 07:34 - 2014-08-11 07:34 - 00004022 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-11 07:34 - 2014-08-11 07:34 - 00001989 _____ () C:\Users\judy\Desktop\Sync Folder.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00001107 _____ () C:\Users\judy\Desktop\MyPC Backup.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-11 07:32 - 2014-08-11 07:32 - 00003310 _____ () C:\WINDOWS\System32\Tasks\ASP
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Users\judy\AppData\Local\UtilityChest_49
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Program Files (x86)\UtilityChest_49
2014-08-06 19:12 - 2014-08-15 07:23 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-06 15:39 - 2014-08-15 07:23 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-06 15:38 - 2014-08-15 07:24 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-05 19:05 - 2014-08-11 07:32 - 00019800 _____ () C:\WINDOWS\system32\roboot64.exe
2014-08-01 22:44 - 2014-08-15 07:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-01 20:56 - 2014-08-15 07:23 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-01 20:11 - 2014-08-15 07:23 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-01 17:17 - 2013-08-22 08:38 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-01 17:17 - 2013-08-22 08:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
 
Some content of TEMP:
====================
C:\Users\judy\AppData\Local\Temp\5A48_DriverRestore_EN.exe
C:\Users\judy\AppData\Local\Temp\air1370.exe
C:\Users\judy\AppData\Local\Temp\air18C5.exe
C:\Users\judy\AppData\Local\Temp\air240D.exe
C:\Users\judy\AppData\Local\Temp\air2474.exe
C:\Users\judy\AppData\Local\Temp\air274F.exe
C:\Users\judy\AppData\Local\Temp\air2ADB.exe
C:\Users\judy\AppData\Local\Temp\air4025.exe
C:\Users\judy\AppData\Local\Temp\air66A0.exe
C:\Users\judy\AppData\Local\Temp\air7DCB.exe
C:\Users\judy\AppData\Local\Temp\air9DEF.exe
C:\Users\judy\AppData\Local\Temp\airA76F.exe
C:\Users\judy\AppData\Local\Temp\DRHelper_installFinish.exe
C:\Users\judy\AppData\Local\Temp\DRHelper_installStart.exe
C:\Users\judy\AppData\Local\Temp\F7B9_SpybotSD2.exe
C:\Users\judy\AppData\Local\Temp\ICReinstall_DownloadManagerSetup.exe
C:\Users\judy\AppData\Local\Temp\post1.exe
C:\Users\judy\AppData\Local\Temp\post2.dll
C:\Users\judy\AppData\Local\Temp\post2.exe
C:\Users\judy\AppData\Local\Temp\setup.exe
C:\Users\judy\AppData\Local\Temp\SfpcHelper_installFinish.exe
C:\Users\judy\AppData\Local\Temp\SfpcHelper_installStart.exe
C:\Users\judy\AppData\Local\Temp\SHSetup.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-28 11:10
 
==================== End Of Log ============================

 

OK I am surprised that windows actually runs to be honest... Lets now kill all rubbish

If you have problems copying all the fix into a fixlist.txt then I have attached the same fix here. Just save the fixlist,txt to the same location as FRST and then press fix
attachicon.giffixlist.txt

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

2014-08-28 12:15 - 2014-08-28 12:16 - 06312160 _____ (MyTurboPC.com) C:\Users\judy\Downloads\myturbopc.exe
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-08-27 23:13 - 2014-08-27 23:35 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-08-27 23:13 - 2014-08-27 23:15 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-08-27 23:13 - 2014-08-27 23:13 - 00001704 _____ () C:\Users\judy\AppData\Roaming\aps.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00001150 _____ () C:\Users\judy\AppData\Roaming\aps.scan.quick.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000318 _____ () C:\Users\judy\AppData\Roaming\aps.uninstall.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-08-27 23:12 - 2014-08-27 23:13 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-08-27 23:12 - 2014-08-27 23:12 - 00575544 _____ (ClickMeIn Limited) C:\Users\judy\AppData\Local\nsb5C1C.tmp
2014-08-27 23:09 - 2014-08-28 13:09 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-08-27 23:09 - 2014-08-28 12:59 - 00000438 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-08-27 23:09 - 2014-08-27 23:09 - 00058040 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys
2014-08-27 23:09 - 2014-08-27 23:09 - 00003076 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-08-27 23:09 - 2014-08-27 23:09 - 00002642 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\ver1BlockAndSurf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-27 23:08 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-08-27 23:01 - 2014-08-27 23:01 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes
2014-08-27 23:00 - 2014-08-27 23:07 - 00000000 ____D () C:\ProgramData\pastaleads
2014-08-27 23:00 - 2014-08-27 23:00 - 00000000 ____D () C:\Program Files (x86)\pastaleads
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\VOPackage
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\ContentExplorer
2014-08-27 18:00 - 2014-08-28 13:01 - 00000000 ____D () C:\Users\judy\AppData\Local\DesktopTemperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\System_Alerts_LLC
2014-08-14 20:09 - 2014-08-14 20:11 - 00001158 _____ () C:\Users\judy\Desktop\Live PC Help.lnk
2014-08-14 19:34 - 2014-08-14 19:34 - 00003974 _____ () C:\WINDOWS\System32\Tasks\TidyNetwork Update
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TNT2
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TidyNetwork
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-08-11 07:34 - 2014-08-27 22:28 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-11 07:34 - 2014-08-11 07:34 - 00001107 _____ () C:\Users\judy\Desktop\MyPC Backup.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-11 07:33 - 2014-08-14 20:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\systweak
2014-08-11 07:32 - 2014-08-11 07:32 - 00003310 _____ () C:\WINDOWS\System32\Tasks\ASP
2014-08-11 07:32 - 2014-08-05 19:05 - 00019800 _____ () C:\WINDOWS\system32\roboot64.exe
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Users\judy\AppData\Local\UtilityChest_49
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Program Files (x86)\UtilityChest_49
2014-08-11 07:34 - 2014-08-11 07:34 - 00004022 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-27 17:59 - 2014-08-27 17:59 - 00000000 ____D () C:\Program Files (x86)\The Sea App (Internet Explorer)
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
R2 UtilityChest_49Service; C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 TotalRecipeSearch_14Service; C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 MyFunCards_5mService; C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbarsvc.exe [88648 2014-07-03] (COMPANYVERS_NAME)
R2 pastaleadsServiceCore; C:\Program Files (x86)\pastaleads\PastaLeadsService.exe [384408 2014-06-18] ()
R2 servervo; C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-08-27] () [File not signed]
R2 InboxAce_1gService; C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe [88648 2014-07-14] (COMPANYVERS_NAME)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36424 2014-07-22] (Just Develop It)
FF Plugin-x32: @TotalRecipeSearch_14.com/Plugin -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll (Mindspark)
FF Plugin-x32: @UtilityChest_49.com/Plugin -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\NP49Stub.dll (Mindspark)
FF HKCU\...\Firefox\Extensions: [{17C0B877-3B33-A890-ACFD-9D2FC5F5D56D}] - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi
FF Extension: BlockAndSurf - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi [2014-08-27]
FF Plugin-x32: @InboxAce_1g.com/Plugin -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\NP1gStub.dll (Mindspark)
FF Plugin-x32: @MyFunCards_5m.com/Plugin -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\NP5mStub.dll (Mindspark)
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Temperature Monitor.lnk
ShortcutTarget: Desktop Temperature Monitor.lnk -> C:\Users\judy\AppData\Local\DesktopTemperature\DesktopTemperature.exe (System Alerts LLC)
Winsock: Catalog9 01 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 02 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 03 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 04 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 05 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 17 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Toolbar: HKCU - No Name - {C4D78C72-08DB-4A3F-9175-B265157283F3} - No File
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - MyFunCards - {210f1b36-3b7f-41a4-b5da-3eb87f5a56c2} - C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - InboxAce - {3775afd7-5921-4571-968f-85a631203d1c} - C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
Toolbar: HKLM-x32 - Utility Chest - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
Toolbar: HKLM-x32 - TotalRecipeSearch - {a0154e07-2b48-475c-a82a-80efd84ea33e} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {ab56dfde-0c14-45b3-9df6-7b0eba617870} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {c4b22c87-45ef-4f43-89f2-40db2078864e} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrcAs.dll (Mindspark)
BHO-x32: TheSea.TheSeaPlugin -> {C585D593-E7F3-4852-A200-561686EE02E4} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
BHO-x32: Toolbar BHO -> {d5a1d22b-9e17-454f-8ecd-83c578fb3983} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {da71fd14-5f7b-46ae-b8b1-44074a38f331} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {df22384f-cf68-4d19-969f-10423715528b} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll (Mindspark)
Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {9359da42-06fb-46f2-9e4a-05c05b98a5ef} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrcAs.dll (Mindspark)
BHO: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {06e05b40-77fa-40b6-9077-ed1a7577b1ef} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll (Mindspark)
BHO-x32: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn.dll ()
BHO-x32: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178.dll ()
BHO-x32: Toolbar BHO -> {58f7b5ca-1162-42e8-8bbc-d543b4edd780} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
BHO: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn64.dll ()
BHO: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178_x64.dll ()
SearchScopes: HKCU - DefaultScope {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://www2.inbox.co...&iwk=316&lng=en
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://pandasecurity...q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...q={searchTerms}
SearchScopes: HKCU - {A26C36F3-9D6C-4551-86A4-B3E9C4B7B3CD} URL = http://www.crawler.c...&iwk=311&lng=en
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKCU - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL =
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
URLSearchHook: HKCU - (No Name) - {9234F5E0-56CC-4F0B-AAE4-0D4BD5032180} - No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [Inbox3Tray.exe] => C:\Program Files (x86)\Inbox3\Inbox3Tray.exe [1736128 2014-06-12] (Inbox.com)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [ContentExplorer] => C:\Users\judy\AppData\Roaming\ContentExplorer\ContentExplorer.exe [2429680 2014-08-27] (ContentExplorer)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe [1072128 2014-08-27] ()
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
HKLM-x32\...\Run: [AnyProtect Scanner] => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [17068032 2014-08-27] (AnyProtect.com)
HKLM-x32\...\Run: [InboxToolbar] => C:\Program Files (x86)\Inbox Toolbar\Inbox.exe [1417656 2014-06-30] (Xacti, LLC)
HKLM-x32\...\Run: [InboxAce EPM Support] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gmedint.exe [12872 2014-07-14] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [InboxAce Search Scope Monitor] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrchMn.exe [55368 2014-07-14] (Mindspark)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe [61512 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader 64] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe [71752 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [Utility Chest EPM Support] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [Utility Chest Search Scope Monitor] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader 64] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch EPM Support] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [TotalRecipeSearch Search Scope Monitor] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader 64] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-25] ()
HKLM-x32\...\Run: [MyFunCards EPM Support] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mmedint.exe [12872 2014-07-03] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [MyFunCards Search Scope Monitor] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrchMn.exe [55368 2014-07-03] (Mindspark)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exe [61512 2014-07-03] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader 64] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon64.exe [71752 2014-07-03] (VER_COMPANY_NAME)
HKLM\...\Run: [MyFunCards Home Page Guard 64 bit] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\AppIntegrator64.exe [485960 2014-07-03] ( )
HKLM\...\Run: [InboxAce Home Page Guard 64 bit] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator64.exe [485960 2014-07-14] ( )
HKLM\...\Run: [Utility Chest Home Page Guard 64 bit] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
HKLM\...\Run: [TotalRecipeSearch Home Page Guard 64 bit] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
C:\Program Files (x86)\Inbox Toolbar
C:\Users\judy\AppData\Roaming\ContentExplorer
C:\Program Files (x86)\Inbox3
C:\Program Files (x86)\UtilityChest_49
C:\Program Files (x86)\InboxAce_1g
C:\Program Files (x86)\MyFunCards_5m
C:\Program Files (x86)\WSE_Astromenda
C:\Program Files (x86)\MyPC Backup
C:\Program Files (x86)\TotalRecipeSearch_14
C:\Program Files (x86)\UtilityChest_49
C:\Program Files (x86)\ver1BlockAndSurf
C:\Users\judy\AppData\Roaming\VOPackage
C:\Program Files (x86)\TidyNetwork
C:\Users\judy\AppData\Local\DesktopTemperature
Task: {3BD98196-F5F8-4C48-8418-DAEDD03137E6} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [2014-07-22] (MyPCBackup.com) <==== ATTENTION
Task: {5D131900-882C-4A9D-877E-69F281E7AABA} - System32\Tasks\BlockAndSurf Update => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe [2014-08-27] ()
Task: {811C6AF3-F0CC-49DC-BA5A-63AFA6B80047} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-07-22] (MyPC Backup) <==== ATTENTION
Task: {C034AE47-50DF-4617-9946-0EC4A6007219} - System32\Tasks\WSE_Astromenda => C:\Users\judy\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe [2014-08-27] ()
Task: {CD34F3C0-ED05-4009-A5CE-BCC6FD2316C5} - System32\Tasks\UpdaterEX => C:\Users\judy\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {CD7E60BC-5C2F-457E-BEE4-51E204A98CAA} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: {EFD55167-3E10-4F72-843B-347EC5F2010D} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: {FCE0303E-A943-467A-8BCB-B8D9556D47DB} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\BlockAndSurf Update.job => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\UpdaterEX.job => C:\Users\judy\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\WSE_Astromenda.job => C:\Users\judy\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
CMD: netsh advfirewall reset /c
CMD: netsh advfirewall set allprofiles state ON /c
CMD: ipconfig /flushdns /c
CMD: netsh winsock reset catalog /c
CMD: netsh int ip reset c:\resetlog.txt /c
CMD: ipconfig /release /c
CMD: ipconfig /renew /c
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
FINALLY

A fresh FRST scan to see what I missed :)
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.

 

 

OK I am surprised that windows actually runs to be honest... Lets now kill all rubbish

If you have problems copying all the fix into a fixlist.txt then I have attached the same fix here. Just save the fixlist,txt to the same location as FRST and then press fix
attachicon.giffixlist.txt

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

2014-08-28 12:15 - 2014-08-28 12:16 - 06312160 _____ (MyTurboPC.com) C:\Users\judy\Downloads\myturbopc.exe
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-08-27 23:13 - 2014-08-27 23:35 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-08-27 23:13 - 2014-08-27 23:15 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-08-27 23:13 - 2014-08-27 23:13 - 00001704 _____ () C:\Users\judy\AppData\Roaming\aps.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00001150 _____ () C:\Users\judy\AppData\Roaming\aps.scan.quick.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000318 _____ () C:\Users\judy\AppData\Roaming\aps.uninstall.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-08-27 23:12 - 2014-08-27 23:13 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-08-27 23:12 - 2014-08-27 23:12 - 00575544 _____ (ClickMeIn Limited) C:\Users\judy\AppData\Local\nsb5C1C.tmp
2014-08-27 23:09 - 2014-08-28 13:09 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-08-27 23:09 - 2014-08-28 12:59 - 00000438 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-08-27 23:09 - 2014-08-27 23:09 - 00058040 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys
2014-08-27 23:09 - 2014-08-27 23:09 - 00003076 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-08-27 23:09 - 2014-08-27 23:09 - 00002642 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\ver1BlockAndSurf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-27 23:08 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-08-27 23:01 - 2014-08-27 23:01 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes
2014-08-27 23:00 - 2014-08-27 23:07 - 00000000 ____D () C:\ProgramData\pastaleads
2014-08-27 23:00 - 2014-08-27 23:00 - 00000000 ____D () C:\Program Files (x86)\pastaleads
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\VOPackage
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\ContentExplorer
2014-08-27 18:00 - 2014-08-28 13:01 - 00000000 ____D () C:\Users\judy\AppData\Local\DesktopTemperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\System_Alerts_LLC
2014-08-14 20:09 - 2014-08-14 20:11 - 00001158 _____ () C:\Users\judy\Desktop\Live PC Help.lnk
2014-08-14 19:34 - 2014-08-14 19:34 - 00003974 _____ () C:\WINDOWS\System32\Tasks\TidyNetwork Update
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TNT2
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TidyNetwork
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-08-11 07:34 - 2014-08-27 22:28 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-11 07:34 - 2014-08-11 07:34 - 00001107 _____ () C:\Users\judy\Desktop\MyPC Backup.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-11 07:33 - 2014-08-14 20:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\systweak
2014-08-11 07:32 - 2014-08-11 07:32 - 00003310 _____ () C:\WINDOWS\System32\Tasks\ASP
2014-08-11 07:32 - 2014-08-05 19:05 - 00019800 _____ () C:\WINDOWS\system32\roboot64.exe
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Users\judy\AppData\Local\UtilityChest_49
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Program Files (x86)\UtilityChest_49
2014-08-11 07:34 - 2014-08-11 07:34 - 00004022 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-27 17:59 - 2014-08-27 17:59 - 00000000 ____D () C:\Program Files (x86)\The Sea App (Internet Explorer)
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
R2 UtilityChest_49Service; C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 TotalRecipeSearch_14Service; C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 MyFunCards_5mService; C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbarsvc.exe [88648 2014-07-03] (COMPANYVERS_NAME)
R2 pastaleadsServiceCore; C:\Program Files (x86)\pastaleads\PastaLeadsService.exe [384408 2014-06-18] ()
R2 servervo; C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-08-27] () [File not signed]
R2 InboxAce_1gService; C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe [88648 2014-07-14] (COMPANYVERS_NAME)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36424 2014-07-22] (Just Develop It)
FF Plugin-x32: @TotalRecipeSearch_14.com/Plugin -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll (Mindspark)
FF Plugin-x32: @UtilityChest_49.com/Plugin -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\NP49Stub.dll (Mindspark)
FF HKCU\...\Firefox\Extensions: [{17C0B877-3B33-A890-ACFD-9D2FC5F5D56D}] - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi
FF Extension: BlockAndSurf - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi [2014-08-27]
FF Plugin-x32: @InboxAce_1g.com/Plugin -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\NP1gStub.dll (Mindspark)
FF Plugin-x32: @MyFunCards_5m.com/Plugin -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\NP5mStub.dll (Mindspark)
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Temperature Monitor.lnk
ShortcutTarget: Desktop Temperature Monitor.lnk -> C:\Users\judy\AppData\Local\DesktopTemperature\DesktopTemperature.exe (System Alerts LLC)
Winsock: Catalog9 01 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 02 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 03 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 04 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 05 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 17 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Toolbar: HKCU - No Name - {C4D78C72-08DB-4A3F-9175-B265157283F3} - No File
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - MyFunCards - {210f1b36-3b7f-41a4-b5da-3eb87f5a56c2} - C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - InboxAce - {3775afd7-5921-4571-968f-85a631203d1c} - C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
Toolbar: HKLM-x32 - Utility Chest - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
Toolbar: HKLM-x32 - TotalRecipeSearch - {a0154e07-2b48-475c-a82a-80efd84ea33e} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {ab56dfde-0c14-45b3-9df6-7b0eba617870} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {c4b22c87-45ef-4f43-89f2-40db2078864e} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrcAs.dll (Mindspark)
BHO-x32: TheSea.TheSeaPlugin -> {C585D593-E7F3-4852-A200-561686EE02E4} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
BHO-x32: Toolbar BHO -> {d5a1d22b-9e17-454f-8ecd-83c578fb3983} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {da71fd14-5f7b-46ae-b8b1-44074a38f331} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {df22384f-cf68-4d19-969f-10423715528b} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll (Mindspark)
Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {9359da42-06fb-46f2-9e4a-05c05b98a5ef} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrcAs.dll (Mindspark)
BHO: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {06e05b40-77fa-40b6-9077-ed1a7577b1ef} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll (Mindspark)
BHO-x32: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn.dll ()
BHO-x32: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178.dll ()
BHO-x32: Toolbar BHO -> {58f7b5ca-1162-42e8-8bbc-d543b4edd780} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
BHO: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn64.dll ()
BHO: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178_x64.dll ()
SearchScopes: HKCU - DefaultScope {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://www2.inbox.co...&iwk=316&lng=en
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://pandasecurity...q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...q={searchTerms}
SearchScopes: HKCU - {A26C36F3-9D6C-4551-86A4-B3E9C4B7B3CD} URL = http://www.crawler.c...&iwk=311&lng=en
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKCU - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL =
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
URLSearchHook: HKCU - (No Name) - {9234F5E0-56CC-4F0B-AAE4-0D4BD5032180} - No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [Inbox3Tray.exe] => C:\Program Files (x86)\Inbox3\Inbox3Tray.exe [1736128 2014-06-12] (Inbox.com)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [ContentExplorer] => C:\Users\judy\AppData\Roaming\ContentExplorer\ContentExplorer.exe [2429680 2014-08-27] (ContentExplorer)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe [1072128 2014-08-27] ()
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
HKLM-x32\...\Run: [AnyProtect Scanner] => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [17068032 2014-08-27] (AnyProtect.com)
HKLM-x32\...\Run: [InboxToolbar] => C:\Program Files (x86)\Inbox Toolbar\Inbox.exe [1417656 2014-06-30] (Xacti, LLC)
HKLM-x32\...\Run: [InboxAce EPM Support] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gmedint.exe [12872 2014-07-14] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [InboxAce Search Scope Monitor] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrchMn.exe [55368 2014-07-14] (Mindspark)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe [61512 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader 64] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe [71752 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [Utility Chest EPM Support] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [Utility Chest Search Scope Monitor] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader 64] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch EPM Support] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [TotalRecipeSearch Search Scope Monitor] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader 64] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-25] ()
HKLM-x32\...\Run: [MyFunCards EPM Support] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mmedint.exe [12872 2014-07-03] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [MyFunCards Search Scope Monitor] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrchMn.exe [55368 2014-07-03] (Mindspark)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exe [61512 2014-07-03] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader 64] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon64.exe [71752 2014-07-03] (VER_COMPANY_NAME)
HKLM\...\Run: [MyFunCards Home Page Guard 64 bit] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\AppIntegrator64.exe [485960 2014-07-03] ( )
HKLM\...\Run: [InboxAce Home Page Guard 64 bit] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator64.exe [485960 2014-07-14] ( )
HKLM\...\Run: [Utility Chest Home Page Guard 64 bit] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
HKLM\...\Run: [TotalRecipeSearch Home Page Guard 64 bit] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
C:\Program Files (x86)\Inbox Toolbar
C:\Users\judy\AppData\Roaming\ContentExplorer
C:\Program Files (x86)\Inbox3
C:\Program Files (x86)\UtilityChest_49
C:\Program Files (x86)\InboxAce_1g
C:\Program Files (x86)\MyFunCards_5m
C:\Program Files (x86)\WSE_Astromenda
C:\Program Files (x86)\MyPC Backup
C:\Program Files (x86)\TotalRecipeSearch_14
C:\Program Files (x86)\UtilityChest_49
C:\Program Files (x86)\ver1BlockAndSurf
C:\Users\judy\AppData\Roaming\VOPackage
C:\Program Files (x86)\TidyNetwork
C:\Users\judy\AppData\Local\DesktopTemperature
Task: {3BD98196-F5F8-4C48-8418-DAEDD03137E6} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [2014-07-22] (MyPCBackup.com) <==== ATTENTION
Task: {5D131900-882C-4A9D-877E-69F281E7AABA} - System32\Tasks\BlockAndSurf Update => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe [2014-08-27] ()
Task: {811C6AF3-F0CC-49DC-BA5A-63AFA6B80047} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-07-22] (MyPC Backup) <==== ATTENTION
Task: {C034AE47-50DF-4617-9946-0EC4A6007219} - System32\Tasks\WSE_Astromenda => C:\Users\judy\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe [2014-08-27] ()
Task: {CD34F3C0-ED05-4009-A5CE-BCC6FD2316C5} - System32\Tasks\UpdaterEX => C:\Users\judy\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {CD7E60BC-5C2F-457E-BEE4-51E204A98CAA} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: {EFD55167-3E10-4F72-843B-347EC5F2010D} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: {FCE0303E-A943-467A-8BCB-B8D9556D47DB} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\BlockAndSurf Update.job => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\UpdaterEX.job => C:\Users\judy\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\WSE_Astromenda.job => C:\Users\judy\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
CMD: netsh advfirewall reset /c
CMD: netsh advfirewall set allprofiles state ON /c
CMD: ipconfig /flushdns /c
CMD: netsh winsock reset catalog /c
CMD: netsh int ip reset c:\resetlog.txt /c
CMD: ipconfig /release /c
CMD: ipconfig /renew /c
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
FINALLY

A fresh FRST scan to see what I missed :)
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014
Ran by judy (administrator) on JUDYSPC on 28-08-2014 11:41:55
Running from C:\Users\judy\Downloads
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbarsvc.exe
() C:\Program Files (x86)\pastaleads\PastaLeadsService.exe
() C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe
(Term Tutor) C:\Program Files (x86)\TermTutor\Service\ttsvc.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Soluto) C:\Program Files\Soluto\Soluto.exe
() C:\Program Files (x86)\Knight System Protector\KnightSystemProtector.exe
() C:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exe
() C:\Program Files (x86)\ver1BlockAndSurf\BlockAndSurf.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
( ) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\AppIntegrator64.exe
( ) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator64.exe
( ) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe
( ) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Inbox.com) C:\Program Files (x86)\Inbox3\Inbox3Tray.exe
(ContentExplorer) C:\Users\judy\AppData\Roaming\ContentExplorer\ContentExplorer.exe
() C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe
(System Alerts LLC) C:\Users\judy\AppData\Local\DesktopTemperature\DesktopTemperature.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Xacti, LLC) C:\Program Files (x86)\Inbox Toolbar\Inbox.exe
(Xacti, LLC) C:\Program Files (x86)\Inbox Toolbar\Inbox.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon64.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Users\judy\AppData\Local\clear.fi\Portal\AcerPortalSetup.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\judy\Downloads\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-17] (Realtek Semiconductor)
HKLM\...\Run: [MyFunCards Home Page Guard 64 bit] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\AppIntegrator64.exe [485960 2014-07-03] ( )
HKLM\...\Run: [InboxAce Home Page Guard 64 bit] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator64.exe [485960 2014-07-14] ( )
HKLM\...\Run: [Utility Chest Home Page Guard 64 bit] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
HKLM\...\Run: [TotalRecipeSearch Home Page Guard 64 bit] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [MyFunCards EPM Support] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mmedint.exe [12872 2014-07-03] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [MyFunCards Search Scope Monitor] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrchMn.exe [55368 2014-07-03] (Mindspark)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exe [61512 2014-07-03] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader 64] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon64.exe [71752 2014-07-03] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [52992 2014-08-06] (Acer Incorporated)
HKLM-x32\...\Run: [InboxToolbar] => C:\Program Files (x86)\Inbox Toolbar\Inbox.exe [1417656 2014-06-30] (Xacti, LLC)
HKLM-x32\...\Run: [InboxAce EPM Support] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gmedint.exe [12872 2014-07-14] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [InboxAce Search Scope Monitor] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrchMn.exe [55368 2014-07-14] (Mindspark)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe [61512 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader 64] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe [71752 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [Utility Chest EPM Support] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [Utility Chest Search Scope Monitor] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader 64] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch EPM Support] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [TotalRecipeSearch Search Scope Monitor] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader 64] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-25] ()
HKLM-x32\...\Run: [fst_us_228] => "C:\Program Files (x86)\fst_us_228\fst_us_228.exe"
HKLM-x32\...\Run: [AnyProtect Scanner] => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [17068032 2014-08-27] (AnyProtect.com)
HKLM-x32\...\RunOnce: [upfst_us_228.exe] => C:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exe [3337208 2014-08-25] ()
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-04-15] ( (Qualcomm Atheros Commnucations))
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [AcerCloud] => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2569984 2014-08-06] (Acer)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [Inbox3Tray.exe] => C:\Program Files (x86)\Inbox3\Inbox3Tray.exe [1736128 2014-06-12] (Inbox.com)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [ContentExplorer] => C:\Users\judy\AppData\Roaming\ContentExplorer\ContentExplorer.exe [2429680 2014-08-27] (ContentExplorer)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe [1072128 2014-08-27] ()
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Temperature Monitor.lnk
ShortcutTarget: Desktop Temperature Monitor.lnk -> C:\Users\judy\AppData\Local\DesktopTemperature\DesktopTemperature.exe (System Alerts LLC)
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
ShellIconOverlayIdentifiers: ACloudSyncedRF -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: ACloudSyncedSF -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: ACloudSyncing -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: ACloudToBeSynced -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
URLSearchHook: HKCU - (No Name) - {9234F5E0-56CC-4F0B-AAE4-0D4BD5032180} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKLM - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
SearchScopes: HKLM - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKLM-x32 - DefaultScope {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKLM-x32 - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://www2.inbox.co...&iwk=316&lng=en
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://pandasecurity...q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...q={searchTerms}
SearchScopes: HKCU - {A26C36F3-9D6C-4551-86A4-B3E9C4B7B3CD} URL = http://www.crawler.c...&iwk=311&lng=en
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKCU - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = 
BHO: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn64.dll ()
BHO: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178_x64.dll ()
BHO: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {06e05b40-77fa-40b6-9077-ed1a7577b1ef} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll (Mindspark)
BHO-x32: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn.dll ()
BHO-x32: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178.dll ()
BHO-x32: Toolbar BHO -> {58f7b5ca-1162-42e8-8bbc-d543b4edd780} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
BHO-x32: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files (x86)\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO-x32: Search Assistant BHO -> {9359da42-06fb-46f2-9e4a-05c05b98a5ef} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrcAs.dll (Mindspark)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Toolbar BHO -> {ab56dfde-0c14-45b3-9df6-7b0eba617870} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {c4b22c87-45ef-4f43-89f2-40db2078864e} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrcAs.dll (Mindspark)
BHO-x32: TheSea.TheSeaPlugin -> {C585D593-E7F3-4852-A200-561686EE02E4} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
BHO-x32: Toolbar BHO -> {d5a1d22b-9e17-454f-8ecd-83c578fb3983} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {da71fd14-5f7b-46ae-b8b1-44074a38f331} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {df22384f-cf68-4d19-969f-10423715528b} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll (Mindspark)
Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - MyFunCards - {210f1b36-3b7f-41a4-b5da-3eb87f5a56c2} - C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - InboxAce - {3775afd7-5921-4571-968f-85a631203d1c} - C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
Toolbar: HKLM-x32 - Utility Chest - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
Toolbar: HKLM-x32 - TotalRecipeSearch - {a0154e07-2b48-475c-a82a-80efd84ea33e} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - No Name - {C4D78C72-08DB-4A3F-9175-B265157283F3} -  No File
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog9 01 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 02 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 03 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 04 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 05 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 17 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Tcpip\Parameters: [DhcpNameServer] 208.180.42.68 208.180.42.100
 
FireFox:
========
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @InboxAce_1g.com/Plugin -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\NP1gStub.dll (Mindspark)
FF Plugin-x32: @MyFunCards_5m.com/Plugin -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\NP5mStub.dll (Mindspark)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TotalRecipeSearch_14.com/Plugin -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll (Mindspark)
FF Plugin-x32: @UtilityChest_49.com/Plugin -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\NP49Stub.dll (Mindspark)
FF HKCU\...\Firefox\Extensions: [{17C0B877-3B33-A890-ACFD-9D2FC5F5D56D}] - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi
FF Extension: BlockAndSurf - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi [2014-08-27]
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-14]
CHR Extension: (Google Drive) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-21]
CHR Extension: (YouTube) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-14]
CHR Extension: (Google Search) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-14]
CHR Extension: (Google Wallet) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-14]
CHR Extension: (Gmail) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [228480 2013-04-15] (Qualcomm Atheros Commnucations)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36424 2014-07-22] (Just Develop It)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3058944 2014-08-06] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 InboxAce_1gService; C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe [88648 2014-07-14] (COMPANYVERS_NAME)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-03-14] (Acer Incorporate)
R2 MyFunCards_5mService; C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbarsvc.exe [88648 2014-07-03] (COMPANYVERS_NAME)
R2 pastaleadsServiceCore; C:\Program Files (x86)\pastaleads\PastaLeadsService.exe [384408 2014-06-18] ()
R2 servervo; C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-08-27] () [File not signed]
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [222168 2013-01-29] (Soluto)
R2 TotalRecipeSearch_14Service; C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 ttsvc; C:\Program Files (x86)\TermTutor\Service\ttsvc.exe [356432 2014-06-25] (Term Tutor)
R2 UtilityChest_49Service; C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-16] (AVG Secure Search)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-17] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-17] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AthrSdSrv; C:\Windows\system32\DRIVERS\athrsd.sys [48760 2012-11-30] (Qualcomm Atheros, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50976 2014-08-16] (AVG Technologies)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-15] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-09] (Acer Incorporated)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-09] (Acer Incorporated)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-06-20] ()
R1 ttnfd; C:\Windows\System32\drivers\ttnfd.sys [58232 2014-06-25] (Term Tutor)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-17] (Microsoft Corporation)
R2 webinstr; C:\WINDOWS\system32\Drivers\webinstr.sys [58040 2014-08-27] (Corsica)
R3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X]
U2 TMAgent; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-28 12:15 - 2014-08-28 12:16 - 06312160 _____ (MyTurboPC.com) C:\Users\judy\Downloads\myturbopc.exe
2014-08-28 11:41 - 2014-08-28 11:42 - 00028288 _____ () C:\Users\judy\Downloads\FRST.txt
2014-08-28 11:41 - 2014-08-28 11:42 - 00000000 ____D () C:\FRST
2014-08-28 11:41 - 2014-08-28 11:41 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64 (1).exe
2014-08-28 11:35 - 2014-08-28 11:36 - 00001163 _____ () C:\Users\judy\Desktop\Continue Download Manager Installation.lnk
2014-08-28 11:35 - 2014-08-28 11:35 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64.exe
2014-08-28 11:35 - 2014-08-28 11:35 - 00827416 _____ ( ) C:\Users\judy\Downloads\DownloadManagerSetup.exe
2014-08-28 11:32 - 2014-08-28 11:32 - 00035673 _____ () C:\Users\judy\Desktop\FARBAR RECOVERY SCAN TOOL.htm
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-08-27 23:13 - 2014-08-27 23:35 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-08-27 23:13 - 2014-08-27 23:15 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-08-27 23:13 - 2014-08-27 23:13 - 00001704 _____ () C:\Users\judy\AppData\Roaming\aps.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00001150 _____ () C:\Users\judy\AppData\Roaming\aps.scan.quick.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000318 _____ () C:\Users\judy\AppData\Roaming\aps.uninstall.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-08-27 23:12 - 2014-08-27 23:13 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-08-27 23:12 - 2014-08-27 23:12 - 00575544 _____ (ClickMeIn Limited) C:\Users\judy\AppData\Local\nsb5C1C.tmp
2014-08-27 23:09 - 2014-08-28 13:09 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-08-27 23:09 - 2014-08-28 12:59 - 00000438 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-08-27 23:09 - 2014-08-27 23:09 - 00058040 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys
2014-08-27 23:09 - 2014-08-27 23:09 - 00003076 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-08-27 23:09 - 2014-08-27 23:09 - 00002642 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-08-27 23:09 - 2014-08-27 23:09 - 00000145 _____ () C:\WINDOWS\setupact.log
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\ver1BlockAndSurf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-27 23:08 - 2014-08-28 11:27 - 00000000 ____D () C:\Users\judy\AppData\Local\fst_us_228
2014-08-27 23:08 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files\TermTutor
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\TermTutor
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\fst_us_228
2014-08-27 23:04 - 2014-08-28 12:57 - 00000085 _____ () C:\WINDOWS\wininit.ini
2014-08-27 23:01 - 2014-08-27 23:01 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes
2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-27 23:00 - 2014-08-27 23:07 - 00000000 ____D () C:\ProgramData\pastaleads
2014-08-27 23:00 - 2014-08-27 23:00 - 00000000 ____D () C:\Program Files (x86)\pastaleads
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\VOPackage
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-08-27 22:59 - 2014-08-27 22:59 - 00003734 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_ScheduledScan
2014-08-27 22:59 - 2014-08-27 22:59 - 00003584 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_DailyScan
2014-08-27 22:59 - 2014-08-27 22:59 - 00001087 _____ () C:\Users\Public\Desktop\DriverRestore.lnk
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\ContentExplorer
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
2014-08-27 22:59 - 2014-07-01 10:37 - 00020872 _____ (Phoenix Technologies) C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS
2014-08-27 22:58 - 2014-08-27 22:59 - 00000000 ____D () C:\Program Files (x86)\DriverRestore
2014-08-27 22:57 - 2014-08-27 22:57 - 00000000 ____D () C:\Users\judy\Documents\PC Health Kit
2014-08-27 18:06 - 2014-08-28 12:58 - 00007878 _____ () C:\WINDOWS\PFRO.log
2014-08-27 18:00 - 2014-08-28 13:01 - 00000000 ____D () C:\Users\judy\AppData\Local\DesktopTemperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\System_Alerts_LLC
2014-08-27 17:59 - 2014-08-27 17:59 - 00000000 ____D () C:\Program Files (x86)\The Sea App (Internet Explorer)
2014-08-27 16:13 - 2014-08-27 16:13 - 00004544 _____ () C:\Users\judy\Desktop\New Journal Document.jnt
2014-08-27 16:13 - 2014-08-27 16:13 - 00000000 ___RD () C:\Users\judy\Documents\Notes
2014-08-16 10:43 - 2014-08-16 10:43 - 00000000 ____D () C:\Blasteroids
2014-08-16 07:53 - 2014-08-16 07:54 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-08-16 07:48 - 2014-06-19 18:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-16 07:48 - 2014-06-19 16:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-15 07:39 - 2014-07-15 11:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-15 07:39 - 2014-07-15 01:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-15 07:39 - 2014-07-15 01:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-15 07:39 - 2014-07-15 01:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-15 07:39 - 2014-06-12 18:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-15 07:39 - 2014-06-12 18:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-15 07:39 - 2014-06-12 17:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-15 07:39 - 2014-06-06 04:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-15 07:38 - 2014-07-25 06:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-15 07:38 - 2014-07-25 06:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-15 07:38 - 2014-07-25 05:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-15 07:38 - 2014-07-25 05:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-15 07:38 - 2014-07-25 05:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-15 07:38 - 2014-07-25 05:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-15 07:38 - 2014-07-25 05:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-15 07:38 - 2014-07-25 05:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-15 07:38 - 2014-07-25 05:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-15 07:38 - 2014-07-25 05:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-15 07:38 - 2014-07-25 04:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-15 07:38 - 2014-07-25 04:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-15 07:38 - 2014-07-25 04:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-15 07:38 - 2014-07-25 04:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-15 07:38 - 2014-07-25 04:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-15 07:38 - 2014-07-25 04:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-15 07:38 - 2014-07-25 04:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-15 07:38 - 2014-07-25 04:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-15 07:38 - 2014-07-25 04:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-15 07:38 - 2014-07-25 03:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-15 07:38 - 2014-07-25 03:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-15 07:38 - 2014-07-25 03:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-15 07:37 - 2014-07-25 07:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-15 07:37 - 2014-07-25 06:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-15 07:37 - 2014-07-25 06:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-15 07:37 - 2014-07-25 05:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-15 07:37 - 2014-07-25 05:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-15 07:37 - 2014-07-25 05:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-15 07:37 - 2014-07-25 04:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-15 07:37 - 2014-07-25 04:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 07:37 - 2014-07-25 04:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-15 07:37 - 2014-07-25 04:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-15 07:37 - 2014-07-25 03:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-15 07:37 - 2014-07-25 03:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-15 07:37 - 2014-07-25 03:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-15 07:31 - 2014-04-26 13:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-08-15 07:31 - 2014-04-14 02:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-08-15 07:31 - 2014-04-14 01:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-08-15 07:30 - 2014-05-12 22:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-15 07:30 - 2014-05-12 21:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-15 07:30 - 2014-05-12 20:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-08-15 07:30 - 2014-05-03 04:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-08-15 07:30 - 2014-05-03 02:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-08-15 07:30 - 2014-05-02 22:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-08-15 07:30 - 2014-04-30 22:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-08-15 07:30 - 2014-04-29 23:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-08-15 07:30 - 2014-04-29 21:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-08-15 07:30 - 2014-04-29 20:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-08-15 07:30 - 2014-04-29 20:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-08-15 07:30 - 2014-04-28 15:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-08-15 07:30 - 2014-04-26 15:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-08-15 07:29 - 2014-05-02 21:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-08-15 07:29 - 2014-04-29 21:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-08-15 07:29 - 2014-04-29 20:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-08-15 07:29 - 2014-04-26 09:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-08-15 07:27 - 2014-04-29 21:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-08-15 07:26 - 2014-05-12 21:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-08-15 07:26 - 2014-05-02 22:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-08-15 07:26 - 2014-05-02 22:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-08-15 07:26 - 2014-05-02 21:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-08-15 07:26 - 2014-04-29 23:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-08-15 07:25 - 2014-05-30 23:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-08-15 07:25 - 2014-05-13 00:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-15 07:25 - 2014-05-12 20:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-15 07:25 - 2014-05-02 22:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-08-15 07:25 - 2014-05-02 21:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-08-15 07:25 - 2014-05-02 16:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-08-15 07:25 - 2014-04-29 23:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-08-15 07:25 - 2014-04-29 23:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-08-15 07:25 - 2014-04-29 22:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-08-15 07:25 - 2014-04-29 21:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-08-15 07:25 - 2014-04-29 21:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-15 07:25 - 2014-04-29 21:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-15 07:25 - 2014-04-29 20:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-08-15 07:25 - 2014-04-29 20:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-08-15 07:25 - 2014-04-29 20:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-08-15 07:25 - 2014-04-13 22:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-08-15 07:25 - 2014-04-08 23:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-08-15 07:25 - 2014-04-08 22:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-08-15 07:24 - 2014-08-06 15:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-15 07:24 - 2014-08-01 22:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-15 07:24 - 2014-07-09 21:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-15 07:24 - 2014-07-09 21:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-08-15 07:24 - 2014-07-09 20:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-08-15 07:24 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-15 07:24 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-15 07:23 - 2014-08-06 19:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-15 07:23 - 2014-08-06 15:39 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-15 07:23 - 2014-08-01 20:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-15 07:23 - 2014-08-01 20:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-15 07:23 - 2014-07-11 21:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-15 07:23 - 2014-06-05 07:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-08-15 07:23 - 2014-06-05 06:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-08-15 07:23 - 2014-06-01 19:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-08-15 07:23 - 2014-05-31 03:07 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-08-15 07:23 - 2014-05-31 03:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-08-15 07:23 - 2014-05-31 03:07 - 00419672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-08-15 07:23 - 2014-05-31 03:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-08-15 07:23 - 2014-05-31 03:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-08-15 07:23 - 2014-05-30 23:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-08-15 07:23 - 2014-05-30 23:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-08-15 07:23 - 2014-05-30 23:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-08-15 07:23 - 2014-05-30 21:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-08-15 07:23 - 2014-05-30 21:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-15 07:23 - 2014-05-30 21:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-08-15 07:23 - 2014-05-27 08:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-08-15 07:23 - 2014-05-27 02:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-15 07:23 - 2014-05-27 02:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-08-15 07:23 - 2014-05-16 21:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-15 07:23 - 2014-05-16 21:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-08-14 20:18 - 2014-08-14 20:18 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG Secure Search
2014-08-14 20:09 - 2014-08-14 20:11 - 00001158 _____ () C:\Users\judy\Desktop\Live PC Help.lnk
2014-08-14 20:05 - 2014-08-28 11:26 - 01321131 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-14 19:44 - 2014-08-28 13:01 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-14 19:44 - 2014-08-14 19:44 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-08-14 19:44 - 2014-08-14 19:44 - 00000838 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-14 19:42 - 2014-08-28 13:01 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-14 19:42 - 2014-08-28 13:01 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-14 19:42 - 2014-08-14 19:56 - 00003882 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-14 19:42 - 2014-08-14 19:56 - 00003646 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-14 19:42 - 2014-08-14 19:44 - 00000000 ____D () C:\Users\judy\AppData\Local\Google
2014-08-14 19:42 - 2014-08-14 19:44 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\ProgramData\Google
2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\Program Files\Google
2014-08-14 19:34 - 2014-08-14 19:34 - 00003974 _____ () C:\WINDOWS\System32\Tasks\TidyNetwork Update
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TNT2
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TidyNetwork
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-08-14 19:04 - 2014-08-14 19:04 - 13829304 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall1.exe
2014-08-14 19:04 - 2014-08-14 19:04 - 00002259 _____ () C:\WINDOWS\epplauncher.mif
2014-08-14 18:54 - 2014-08-16 14:06 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG SafeGuard toolbar
2014-08-14 18:54 - 2014-08-16 07:53 - 00050976 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys
2014-08-14 18:53 - 2014-08-25 18:25 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar
2014-08-14 18:53 - 2014-08-25 18:25 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-08-14 18:53 - 2014-08-14 18:53 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-08-14 18:51 - 2014-08-14 18:52 - 11241816 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall.exe
2014-08-13 20:38 - 2014-06-04 02:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-13 20:38 - 2014-06-03 22:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-13 20:38 - 2014-06-03 22:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-13 20:38 - 2014-06-03 21:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-13 20:38 - 2014-06-03 21:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-13 20:38 - 2014-06-03 19:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-13 20:38 - 2014-06-03 19:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-12 21:43 - 2014-08-12 21:43 - 00002028 _____ () C:\Users\Public\Desktop\Acer Portal.lnk
2014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Users\judy\AppData\Local\TotalRecipeSearch_14
2014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Program Files (x86)\TotalRecipeSearch_14
2014-08-11 07:34 - 2014-08-27 22:28 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-11 07:34 - 2014-08-11 07:34 - 00004022 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-11 07:34 - 2014-08-11 07:34 - 00001989 _____ () C:\Users\judy\Desktop\Sync Folder.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00001107 _____ () C:\Users\judy\Desktop\MyPC Backup.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-11 07:33 - 2014-08-14 20:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\systweak
2014-08-11 07:32 - 2014-08-11 07:32 - 00003310 _____ () C:\WINDOWS\System32\Tasks\ASP
2014-08-11 07:32 - 2014-08-05 19:05 - 00019800 _____ () C:\WINDOWS\system32\roboot64.exe
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Users\judy\AppData\Local\UtilityChest_49
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Program Files (x86)\UtilityChest_49
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-28 13:09 - 2014-08-27 23:09 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-08-28 13:03 - 2014-03-18 03:03 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-28 13:02 - 2014-06-01 07:00 - 00000000 ____D () C:\Users\judy\AppData\Local\clear.fi
2014-08-28 13:01 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\DesktopTemperature
2014-08-28 13:01 - 2014-08-14 19:44 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-28 13:01 - 2014-08-14 19:42 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-28 13:01 - 2014-08-14 19:42 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-28 13:01 - 2014-06-17 15:34 - 00000000 ___DO () C:\Users\judy\OneDrive
2014-08-28 13:00 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-28 12:59 - 2014-08-27 23:09 - 00000438 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-08-28 12:58 - 2014-08-27 23:13 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-08-28 12:58 - 2014-08-27 23:13 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-08-28 12:58 - 2014-08-27 18:06 - 00007878 _____ () C:\WINDOWS\PFRO.log
2014-08-28 12:58 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-28 12:57 - 2014-08-27 23:04 - 00000085 _____ () C:\WINDOWS\wininit.ini
2014-08-28 12:56 - 2014-03-15 00:56 - 00000304 _____ () C:\WINDOWS\Tasks\UpdaterEX.job
2014-08-28 12:16 - 2014-08-28 12:15 - 06312160 _____ (MyTurboPC.com) C:\Users\judy\Downloads\myturbopc.exe
2014-08-28 12:09 - 2014-03-15 00:56 - 00000134 _____ () C:\Users\judy\AppData\Roaming\WB.CFG
2014-08-28 11:45 - 2014-06-12 06:09 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{845855BE-4589-4F75-966A-FA55784F54FD}
2014-08-28 11:42 - 2014-08-28 11:41 - 00028288 _____ () C:\Users\judy\Downloads\FRST.txt
2014-08-28 11:42 - 2014-08-28 11:41 - 00000000 ____D () C:\FRST
2014-08-28 11:41 - 2014-08-28 11:41 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64 (1).exe
2014-08-28 11:36 - 2014-08-28 11:35 - 00001163 _____ () C:\Users\judy\Desktop\Continue Download Manager Installation.lnk
2014-08-28 11:35 - 2014-08-28 11:35 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64.exe
2014-08-28 11:35 - 2014-08-28 11:35 - 00827416 _____ ( ) C:\Users\judy\Downloads\DownloadManagerSetup.exe
2014-08-28 11:32 - 2014-08-28 11:32 - 00035673 _____ () C:\Users\judy\Desktop\FARBAR RECOVERY SCAN TOOL.htm
2014-08-28 11:27 - 2014-08-27 23:08 - 00000000 ____D () C:\Users\judy\AppData\Local\fst_us_228
2014-08-28 11:26 - 2014-08-14 20:05 - 01321131 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-28 11:20 - 2014-02-02 17:38 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3809952396-1488035759-1417517223-1001
2014-08-28 11:14 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-28 11:10 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-27 23:35 - 2014-08-27 23:13 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-08-27 23:19 - 2014-07-09 04:26 - 00002001 _____ () C:\Users\Public\Desktop\abMedia.lnk
2014-08-27 23:19 - 2014-06-16 16:04 - 00000000 ____D () C:\ProgramData\clear.fi
2014-08-27 23:19 - 2013-04-16 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2014-08-27 23:19 - 2013-04-16 23:18 - 00000000 ____D () C:\Program Files (x86)\Acer
2014-08-27 23:15 - 2014-08-27 23:13 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-08-27 23:15 - 2014-08-27 23:13 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-08-27 23:15 - 2014-08-27 23:13 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-08-27 23:13 - 2014-08-27 23:13 - 00001704 _____ () C:\Users\judy\AppData\Roaming\aps.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00001150 _____ () C:\Users\judy\AppData\Roaming\aps.scan.quick.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000318 _____ () C:\Users\judy\AppData\Roaming\aps.uninstall.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-08-27 23:13 - 2014-08-27 23:12 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-08-27 23:12 - 2014-08-27 23:12 - 00575544 _____ (ClickMeIn Limited) C:\Users\judy\AppData\Local\nsb5C1C.tmp
2014-08-27 23:12 - 2014-07-10 13:41 - 00002005 _____ () C:\Users\Public\Desktop\abPhoto.lnk
2014-08-27 23:09 - 2014-08-27 23:09 - 00058040 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys
2014-08-27 23:09 - 2014-08-27 23:09 - 00003076 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-08-27 23:09 - 2014-08-27 23:09 - 00002642 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-08-27 23:09 - 2014-08-27 23:09 - 00000145 _____ () C:\WINDOWS\setupact.log
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\ver1BlockAndSurf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-27 23:09 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-08-27 23:09 - 2013-08-22 08:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-08-27 23:09 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files\TermTutor
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\TermTutor
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\fst_us_228
2014-08-27 23:07 - 2014-08-27 23:00 - 00000000 ____D () C:\ProgramData\pastaleads
2014-08-27 23:05 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-27 23:01 - 2014-08-27 23:01 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes
2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-27 23:00 - 2014-08-27 23:00 - 00000000 ____D () C:\Program Files (x86)\pastaleads
2014-08-27 23:00 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\VOPackage
2014-08-27 23:00 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-08-27 22:59 - 2014-08-27 22:59 - 00003734 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_ScheduledScan
2014-08-27 22:59 - 2014-08-27 22:59 - 00003584 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_DailyScan
2014-08-27 22:59 - 2014-08-27 22:59 - 00001087 _____ () C:\Users\Public\Desktop\DriverRestore.lnk
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\ContentExplorer
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
2014-08-27 22:59 - 2014-08-27 22:58 - 00000000 ____D () C:\Program Files (x86)\DriverRestore
2014-08-27 22:57 - 2014-08-27 22:57 - 00000000 ____D () C:\Users\judy\Documents\PC Health Kit
2014-08-27 22:34 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-08-27 22:28 - 2014-08-11 07:34 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\System_Alerts_LLC
2014-08-27 17:59 - 2014-08-27 17:59 - 00000000 ____D () C:\Program Files (x86)\The Sea App (Internet Explorer)
2014-08-27 17:17 - 2013-08-03 04:03 - 00000000 ____D () C:\ProgramData\OEM
2014-08-27 16:13 - 2014-08-27 16:13 - 00004544 _____ () C:\Users\judy\Desktop\New Journal Document.jnt
2014-08-27 16:13 - 2014-08-27 16:13 - 00000000 ___RD () C:\Users\judy\Documents\Notes
2014-08-25 18:25 - 2014-08-14 18:53 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar
2014-08-25 18:25 - 2014-08-14 18:53 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-08-22 06:58 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-16 14:06 - 2014-08-14 18:54 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG SafeGuard toolbar
2014-08-16 12:06 - 2014-02-02 17:41 - 00000000 ____D () C:\Program Files (x86)\Knight System Protector
2014-08-16 12:00 - 2013-08-22 07:44 - 00335784 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-16 11:57 - 2014-07-12 22:28 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-08-16 11:57 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-08-16 10:43 - 2014-08-16 10:43 - 00000000 ____D () C:\Blasteroids
2014-08-16 07:54 - 2014-08-16 07:53 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-08-16 07:53 - 2014-08-14 18:54 - 00050976 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys
2014-08-14 20:18 - 2014-08-14 20:18 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG Secure Search
2014-08-14 20:11 - 2014-08-14 20:09 - 00001158 _____ () C:\Users\judy\Desktop\Live PC Help.lnk
2014-08-14 20:09 - 2014-08-11 07:33 - 00000000 ____D () C:\Users\judy\AppData\Roaming\systweak
2014-08-14 19:58 - 2014-06-17 13:46 - 00000000 ___DC () C:\WINDOWS\Panther
2014-08-14 19:58 - 2014-02-02 17:30 - 00000000 ____D () C:\Users\judy\AppData\Local\CrashDumps
2014-08-14 19:56 - 2014-08-14 19:42 - 00003882 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-14 19:56 - 2014-08-14 19:42 - 00003646 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-14 19:44 - 2014-08-14 19:44 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-08-14 19:44 - 2014-08-14 19:44 - 00000838 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-14 19:44 - 2014-08-14 19:42 - 00000000 ____D () C:\Users\judy\AppData\Local\Google
2014-08-14 19:44 - 2014-08-14 19:42 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\ProgramData\Google
2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\Program Files\Google
2014-08-14 19:34 - 2014-08-14 19:34 - 00003974 _____ () C:\WINDOWS\System32\Tasks\TidyNetwork Update
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TNT2
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TidyNetwork
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-08-14 19:33 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Resources
2014-08-14 19:04 - 2014-08-14 19:04 - 13829304 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall1.exe
2014-08-14 19:04 - 2014-08-14 19:04 - 00002259 _____ () C:\WINDOWS\epplauncher.mif
2014-08-14 18:53 - 2014-08-14 18:53 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-08-14 18:52 - 2014-08-14 18:51 - 11241816 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall.exe
2014-08-14 08:33 - 2014-02-05 11:59 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-14 08:31 - 2014-02-05 11:59 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-13 20:36 - 2014-03-18 03:13 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-08-13 17:39 - 2014-06-17 13:25 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-08-13 17:36 - 2013-08-21 21:17 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-08-13 17:36 - 2013-08-21 20:46 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-08-13 17:36 - 2013-08-21 20:16 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-08-13 17:35 - 2014-03-18 03:13 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-08-13 17:35 - 2014-03-18 03:13 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-08-13 17:35 - 2014-03-18 03:13 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-08-13 17:35 - 2013-08-22 04:45 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-08-13 17:35 - 2013-08-22 04:44 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-13 17:35 - 2013-08-22 04:22 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-08-13 17:35 - 2013-08-22 04:21 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-13 17:35 - 2013-08-22 04:10 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-08-13 17:35 - 2013-08-22 04:03 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-08-13 17:35 - 2013-08-22 03:32 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-08-13 17:35 - 2013-08-21 20:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-08-13 17:35 - 2013-08-21 20:45 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-08-13 17:35 - 2013-08-21 20:40 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-08-12 21:43 - 2014-08-12 21:43 - 00002028 _____ () C:\Users\Public\Desktop\Acer Portal.lnk
2014-08-12 21:43 - 2014-06-16 16:16 - 00003334 _____ () C:\WINDOWS\System32\Tasks\AcerCloud
2014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Users\judy\AppData\Local\TotalRecipeSearch_14
2014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Program Files (x86)\TotalRecipeSearch_14
2014-08-11 07:34 - 2014-08-11 07:34 - 00004022 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-11 07:34 - 2014-08-11 07:34 - 00001989 _____ () C:\Users\judy\Desktop\Sync Folder.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00001107 _____ () C:\Users\judy\Desktop\MyPC Backup.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-11 07:32 - 2014-08-11 07:32 - 00003310 _____ () C:\WINDOWS\System32\Tasks\ASP
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Users\judy\AppData\Local\UtilityChest_49
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Program Files (x86)\UtilityChest_49
2014-08-06 19:12 - 2014-08-15 07:23 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-06 15:39 - 2014-08-15 07:23 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-06 15:38 - 2014-08-15 07:24 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-05 19:05 - 2014-08-11 07:32 - 00019800 _____ () C:\WINDOWS\system32\roboot64.exe
2014-08-01 22:44 - 2014-08-15 07:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-01 20:56 - 2014-08-15 07:23 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-01 20:11 - 2014-08-15 07:23 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-01 17:17 - 2013-08-22 08:38 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-01 17:17 - 2013-08-22 08:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
 
Some content of TEMP:
====================
C:\Users\judy\AppData\Local\Temp\5A48_DriverRestore_EN.exe
C:\Users\judy\AppData\Local\Temp\air1370.exe
C:\Users\judy\AppData\Local\Temp\air18C5.exe
C:\Users\judy\AppData\Local\Temp\air240D.exe
C:\Users\judy\AppData\Local\Temp\air2474.exe
C:\Users\judy\AppData\Local\Temp\air274F.exe
C:\Users\judy\AppData\Local\Temp\air2ADB.exe
C:\Users\judy\AppData\Local\Temp\air4025.exe
C:\Users\judy\AppData\Local\Temp\air66A0.exe
C:\Users\judy\AppData\Local\Temp\air7DCB.exe
C:\Users\judy\AppData\Local\Temp\air9DEF.exe
C:\Users\judy\AppData\Local\Temp\airA76F.exe
C:\Users\judy\AppData\Local\Temp\DRHelper_installFinish.exe
C:\Users\judy\AppData\Local\Temp\DRHelper_installStart.exe
C:\Users\judy\AppData\Local\Temp\F7B9_SpybotSD2.exe
C:\Users\judy\AppData\Local\Temp\ICReinstall_DownloadManagerSetup.exe
C:\Users\judy\AppData\Local\Temp\post1.exe
C:\Users\judy\AppData\Local\Temp\post2.dll
C:\Users\judy\AppData\Local\Temp\post2.exe
C:\Users\judy\AppData\Local\Temp\setup.exe
C:\Users\judy\AppData\Local\Temp\SfpcHelper_installFinish.exe
C:\Users\judy\AppData\Local\Temp\SfpcHelper_installStart.exe
C:\Users\judy\AppData\Local\Temp\SHSetup.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-28 11:10
 
==================== End Of Log ============================

  • 0

#7
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014
Ran by judy (administrator) on JUDYSPC on 28-08-2014 11:41:55
Running from C:\Users\judy\Downloads
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbarsvc.exe
() C:\Program Files (x86)\pastaleads\PastaLeadsService.exe
() C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe
(Term Tutor) C:\Program Files (x86)\TermTutor\Service\ttsvc.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Soluto) C:\Program Files\Soluto\Soluto.exe
() C:\Program Files (x86)\Knight System Protector\KnightSystemProtector.exe
() C:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exe
() C:\Program Files (x86)\ver1BlockAndSurf\BlockAndSurf.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
( ) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\AppIntegrator64.exe
( ) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator64.exe
( ) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe
( ) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Inbox.com) C:\Program Files (x86)\Inbox3\Inbox3Tray.exe
(ContentExplorer) C:\Users\judy\AppData\Roaming\ContentExplorer\ContentExplorer.exe
() C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe
(System Alerts LLC) C:\Users\judy\AppData\Local\DesktopTemperature\DesktopTemperature.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Xacti, LLC) C:\Program Files (x86)\Inbox Toolbar\Inbox.exe
(Xacti, LLC) C:\Program Files (x86)\Inbox Toolbar\Inbox.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon64.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Users\judy\AppData\Local\clear.fi\Portal\AcerPortalSetup.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\judy\Downloads\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-17] (Realtek Semiconductor)
HKLM\...\Run: [MyFunCards Home Page Guard 64 bit] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\AppIntegrator64.exe [485960 2014-07-03] ( )
HKLM\...\Run: [InboxAce Home Page Guard 64 bit] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator64.exe [485960 2014-07-14] ( )
HKLM\...\Run: [Utility Chest Home Page Guard 64 bit] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
HKLM\...\Run: [TotalRecipeSearch Home Page Guard 64 bit] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [MyFunCards EPM Support] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mmedint.exe [12872 2014-07-03] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [MyFunCards Search Scope Monitor] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrchMn.exe [55368 2014-07-03] (Mindspark)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exe [61512 2014-07-03] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader 64] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon64.exe [71752 2014-07-03] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [52992 2014-08-06] (Acer Incorporated)
HKLM-x32\...\Run: [InboxToolbar] => C:\Program Files (x86)\Inbox Toolbar\Inbox.exe [1417656 2014-06-30] (Xacti, LLC)
HKLM-x32\...\Run: [InboxAce EPM Support] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gmedint.exe [12872 2014-07-14] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [InboxAce Search Scope Monitor] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrchMn.exe [55368 2014-07-14] (Mindspark)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe [61512 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader 64] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe [71752 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [Utility Chest EPM Support] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [Utility Chest Search Scope Monitor] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader 64] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch EPM Support] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [TotalRecipeSearch Search Scope Monitor] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader 64] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-25] ()
HKLM-x32\...\Run: [fst_us_228] => "C:\Program Files (x86)\fst_us_228\fst_us_228.exe"
HKLM-x32\...\Run: [AnyProtect Scanner] => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [17068032 2014-08-27] (AnyProtect.com)
HKLM-x32\...\RunOnce: [upfst_us_228.exe] => C:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exe [3337208 2014-08-25] ()
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-04-15] ( (Qualcomm Atheros Commnucations))
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [AcerCloud] => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2569984 2014-08-06] (Acer)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [Inbox3Tray.exe] => C:\Program Files (x86)\Inbox3\Inbox3Tray.exe [1736128 2014-06-12] (Inbox.com)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [ContentExplorer] => C:\Users\judy\AppData\Roaming\ContentExplorer\ContentExplorer.exe [2429680 2014-08-27] (ContentExplorer)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe [1072128 2014-08-27] ()
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Temperature Monitor.lnk
ShortcutTarget: Desktop Temperature Monitor.lnk -> C:\Users\judy\AppData\Local\DesktopTemperature\DesktopTemperature.exe (System Alerts LLC)
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
ShellIconOverlayIdentifiers: ACloudSyncedRF -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: ACloudSyncedSF -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: ACloudSyncing -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: ACloudToBeSynced -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
URLSearchHook: HKCU - (No Name) - {9234F5E0-56CC-4F0B-AAE4-0D4BD5032180} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKLM - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
SearchScopes: HKLM - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKLM-x32 - DefaultScope {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKLM-x32 - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://www2.inbox.co...&iwk=316&lng=en
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://pandasecurity...q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...q={searchTerms}
SearchScopes: HKCU - {A26C36F3-9D6C-4551-86A4-B3E9C4B7B3CD} URL = http://www.crawler.c...&iwk=311&lng=en
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKCU - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = 
BHO: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn64.dll ()
BHO: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178_x64.dll ()
BHO: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {06e05b40-77fa-40b6-9077-ed1a7577b1ef} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll (Mindspark)
BHO-x32: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn.dll ()
BHO-x32: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178.dll ()
BHO-x32: Toolbar BHO -> {58f7b5ca-1162-42e8-8bbc-d543b4edd780} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
BHO-x32: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files (x86)\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO-x32: Search Assistant BHO -> {9359da42-06fb-46f2-9e4a-05c05b98a5ef} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrcAs.dll (Mindspark)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Toolbar BHO -> {ab56dfde-0c14-45b3-9df6-7b0eba617870} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {c4b22c87-45ef-4f43-89f2-40db2078864e} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrcAs.dll (Mindspark)
BHO-x32: TheSea.TheSeaPlugin -> {C585D593-E7F3-4852-A200-561686EE02E4} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
BHO-x32: Toolbar BHO -> {d5a1d22b-9e17-454f-8ecd-83c578fb3983} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {da71fd14-5f7b-46ae-b8b1-44074a38f331} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {df22384f-cf68-4d19-969f-10423715528b} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll (Mindspark)
Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - MyFunCards - {210f1b36-3b7f-41a4-b5da-3eb87f5a56c2} - C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - InboxAce - {3775afd7-5921-4571-968f-85a631203d1c} - C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
Toolbar: HKLM-x32 - Utility Chest - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
Toolbar: HKLM-x32 - TotalRecipeSearch - {a0154e07-2b48-475c-a82a-80efd84ea33e} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - No Name - {C4D78C72-08DB-4A3F-9175-B265157283F3} -  No File
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog9 01 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 02 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 03 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 04 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 05 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 17 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Tcpip\Parameters: [DhcpNameServer] 208.180.42.68 208.180.42.100
 
FireFox:
========
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @InboxAce_1g.com/Plugin -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\NP1gStub.dll (Mindspark)
FF Plugin-x32: @MyFunCards_5m.com/Plugin -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\NP5mStub.dll (Mindspark)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TotalRecipeSearch_14.com/Plugin -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll (Mindspark)
FF Plugin-x32: @UtilityChest_49.com/Plugin -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\NP49Stub.dll (Mindspark)
FF HKCU\...\Firefox\Extensions: [{17C0B877-3B33-A890-ACFD-9D2FC5F5D56D}] - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi
FF Extension: BlockAndSurf - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi [2014-08-27]
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-14]
CHR Extension: (Google Drive) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-21]
CHR Extension: (YouTube) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-14]
CHR Extension: (Google Search) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-14]
CHR Extension: (Google Wallet) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-14]
CHR Extension: (Gmail) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [228480 2013-04-15] (Qualcomm Atheros Commnucations)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36424 2014-07-22] (Just Develop It)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3058944 2014-08-06] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 InboxAce_1gService; C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe [88648 2014-07-14] (COMPANYVERS_NAME)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-03-14] (Acer Incorporate)
R2 MyFunCards_5mService; C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbarsvc.exe [88648 2014-07-03] (COMPANYVERS_NAME)
R2 pastaleadsServiceCore; C:\Program Files (x86)\pastaleads\PastaLeadsService.exe [384408 2014-06-18] ()
R2 servervo; C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-08-27] () [File not signed]
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [222168 2013-01-29] (Soluto)
R2 TotalRecipeSearch_14Service; C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 ttsvc; C:\Program Files (x86)\TermTutor\Service\ttsvc.exe [356432 2014-06-25] (Term Tutor)
R2 UtilityChest_49Service; C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-16] (AVG Secure Search)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-17] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-17] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AthrSdSrv; C:\Windows\system32\DRIVERS\athrsd.sys [48760 2012-11-30] (Qualcomm Atheros, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50976 2014-08-16] (AVG Technologies)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-15] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-09] (Acer Incorporated)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-09] (Acer Incorporated)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-06-20] ()
R1 ttnfd; C:\Windows\System32\drivers\ttnfd.sys [58232 2014-06-25] (Term Tutor)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-17] (Microsoft Corporation)
R2 webinstr; C:\WINDOWS\system32\Drivers\webinstr.sys [58040 2014-08-27] (Corsica)
R3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X]
U2 TMAgent; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-28 12:15 - 2014-08-28 12:16 - 06312160 _____ (MyTurboPC.com) C:\Users\judy\Downloads\myturbopc.exe
2014-08-28 11:41 - 2014-08-28 11:42 - 00028288 _____ () C:\Users\judy\Downloads\FRST.txt
2014-08-28 11:41 - 2014-08-28 11:42 - 00000000 ____D () C:\FRST
2014-08-28 11:41 - 2014-08-28 11:41 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64 (1).exe
2014-08-28 11:35 - 2014-08-28 11:36 - 00001163 _____ () C:\Users\judy\Desktop\Continue Download Manager Installation.lnk
2014-08-28 11:35 - 2014-08-28 11:35 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64.exe
2014-08-28 11:35 - 2014-08-28 11:35 - 00827416 _____ ( ) C:\Users\judy\Downloads\DownloadManagerSetup.exe
2014-08-28 11:32 - 2014-08-28 11:32 - 00035673 _____ () C:\Users\judy\Desktop\FARBAR RECOVERY SCAN TOOL.htm
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-08-27 23:13 - 2014-08-27 23:35 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-08-27 23:13 - 2014-08-27 23:15 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-08-27 23:13 - 2014-08-27 23:13 - 00001704 _____ () C:\Users\judy\AppData\Roaming\aps.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00001150 _____ () C:\Users\judy\AppData\Roaming\aps.scan.quick.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000318 _____ () C:\Users\judy\AppData\Roaming\aps.uninstall.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-08-27 23:12 - 2014-08-27 23:13 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-08-27 23:12 - 2014-08-27 23:12 - 00575544 _____ (ClickMeIn Limited) C:\Users\judy\AppData\Local\nsb5C1C.tmp
2014-08-27 23:09 - 2014-08-28 13:09 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-08-27 23:09 - 2014-08-28 12:59 - 00000438 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-08-27 23:09 - 2014-08-27 23:09 - 00058040 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys
2014-08-27 23:09 - 2014-08-27 23:09 - 00003076 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-08-27 23:09 - 2014-08-27 23:09 - 00002642 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-08-27 23:09 - 2014-08-27 23:09 - 00000145 _____ () C:\WINDOWS\setupact.log
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\ver1BlockAndSurf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-27 23:08 - 2014-08-28 11:27 - 00000000 ____D () C:\Users\judy\AppData\Local\fst_us_228
2014-08-27 23:08 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files\TermTutor
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\TermTutor
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\fst_us_228
2014-08-27 23:04 - 2014-08-28 12:57 - 00000085 _____ () C:\WINDOWS\wininit.ini
2014-08-27 23:01 - 2014-08-27 23:01 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes
2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-27 23:00 - 2014-08-27 23:07 - 00000000 ____D () C:\ProgramData\pastaleads
2014-08-27 23:00 - 2014-08-27 23:00 - 00000000 ____D () C:\Program Files (x86)\pastaleads
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\VOPackage
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-08-27 22:59 - 2014-08-27 22:59 - 00003734 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_ScheduledScan
2014-08-27 22:59 - 2014-08-27 22:59 - 00003584 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_DailyScan
2014-08-27 22:59 - 2014-08-27 22:59 - 00001087 _____ () C:\Users\Public\Desktop\DriverRestore.lnk
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\ContentExplorer
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
2014-08-27 22:59 - 2014-07-01 10:37 - 00020872 _____ (Phoenix Technologies) C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS
2014-08-27 22:58 - 2014-08-27 22:59 - 00000000 ____D () C:\Program Files (x86)\DriverRestore
2014-08-27 22:57 - 2014-08-27 22:57 - 00000000 ____D () C:\Users\judy\Documents\PC Health Kit
2014-08-27 18:06 - 2014-08-28 12:58 - 00007878 _____ () C:\WINDOWS\PFRO.log
2014-08-27 18:00 - 2014-08-28 13:01 - 00000000 ____D () C:\Users\judy\AppData\Local\DesktopTemperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\System_Alerts_LLC
2014-08-27 17:59 - 2014-08-27 17:59 - 00000000 ____D () C:\Program Files (x86)\The Sea App (Internet Explorer)
2014-08-27 16:13 - 2014-08-27 16:13 - 00004544 _____ () C:\Users\judy\Desktop\New Journal Document.jnt
2014-08-27 16:13 - 2014-08-27 16:13 - 00000000 ___RD () C:\Users\judy\Documents\Notes
2014-08-16 10:43 - 2014-08-16 10:43 - 00000000 ____D () C:\Blasteroids
2014-08-16 07:53 - 2014-08-16 07:54 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-08-16 07:48 - 2014-06-19 18:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-16 07:48 - 2014-06-19 16:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-15 07:39 - 2014-07-15 11:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-15 07:39 - 2014-07-15 01:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-15 07:39 - 2014-07-15 01:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-15 07:39 - 2014-07-15 01:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-15 07:39 - 2014-06-12 18:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-15 07:39 - 2014-06-12 18:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-15 07:39 - 2014-06-12 17:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-15 07:39 - 2014-06-06 04:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-15 07:38 - 2014-07-25 06:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-15 07:38 - 2014-07-25 06:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-15 07:38 - 2014-07-25 05:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-15 07:38 - 2014-07-25 05:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-15 07:38 - 2014-07-25 05:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-15 07:38 - 2014-07-25 05:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-15 07:38 - 2014-07-25 05:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-15 07:38 - 2014-07-25 05:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-15 07:38 - 2014-07-25 05:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-15 07:38 - 2014-07-25 05:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-15 07:38 - 2014-07-25 04:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-15 07:38 - 2014-07-25 04:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-15 07:38 - 2014-07-25 04:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-15 07:38 - 2014-07-25 04:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-15 07:38 - 2014-07-25 04:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-15 07:38 - 2014-07-25 04:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-15 07:38 - 2014-07-25 04:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-15 07:38 - 2014-07-25 04:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-15 07:38 - 2014-07-25 04:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-15 07:38 - 2014-07-25 03:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-15 07:38 - 2014-07-25 03:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-15 07:38 - 2014-07-25 03:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-15 07:37 - 2014-07-25 07:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-15 07:37 - 2014-07-25 06:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-15 07:37 - 2014-07-25 06:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-15 07:37 - 2014-07-25 05:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-15 07:37 - 2014-07-25 05:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-15 07:37 - 2014-07-25 05:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-15 07:37 - 2014-07-25 04:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-15 07:37 - 2014-07-25 04:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 07:37 - 2014-07-25 04:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-15 07:37 - 2014-07-25 04:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-15 07:37 - 2014-07-25 03:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-15 07:37 - 2014-07-25 03:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-15 07:37 - 2014-07-25 03:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-15 07:31 - 2014-04-26 13:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-08-15 07:31 - 2014-04-14 02:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-08-15 07:31 - 2014-04-14 01:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-08-15 07:30 - 2014-05-12 22:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-15 07:30 - 2014-05-12 21:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-15 07:30 - 2014-05-12 20:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-08-15 07:30 - 2014-05-03 04:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-08-15 07:30 - 2014-05-03 02:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-08-15 07:30 - 2014-05-02 22:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-08-15 07:30 - 2014-04-30 22:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-08-15 07:30 - 2014-04-29 23:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-08-15 07:30 - 2014-04-29 21:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-08-15 07:30 - 2014-04-29 20:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-08-15 07:30 - 2014-04-29 20:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-08-15 07:30 - 2014-04-28 15:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-08-15 07:30 - 2014-04-26 15:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-08-15 07:29 - 2014-05-02 21:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-08-15 07:29 - 2014-04-29 21:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-08-15 07:29 - 2014-04-29 20:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-08-15 07:29 - 2014-04-26 09:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-08-15 07:27 - 2014-04-29 21:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-08-15 07:26 - 2014-05-12 21:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-08-15 07:26 - 2014-05-02 22:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-08-15 07:26 - 2014-05-02 22:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-08-15 07:26 - 2014-05-02 21:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-08-15 07:26 - 2014-04-29 23:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-08-15 07:25 - 2014-05-30 23:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-08-15 07:25 - 2014-05-13 00:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-15 07:25 - 2014-05-12 20:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-15 07:25 - 2014-05-02 22:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-08-15 07:25 - 2014-05-02 21:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-08-15 07:25 - 2014-05-02 16:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-08-15 07:25 - 2014-04-29 23:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-08-15 07:25 - 2014-04-29 23:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-08-15 07:25 - 2014-04-29 22:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-08-15 07:25 - 2014-04-29 21:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-08-15 07:25 - 2014-04-29 21:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-15 07:25 - 2014-04-29 21:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-15 07:25 - 2014-04-29 20:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-08-15 07:25 - 2014-04-29 20:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-08-15 07:25 - 2014-04-29 20:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-08-15 07:25 - 2014-04-13 22:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-08-15 07:25 - 2014-04-08 23:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-08-15 07:25 - 2014-04-08 22:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-08-15 07:24 - 2014-08-06 15:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-15 07:24 - 2014-08-01 22:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-15 07:24 - 2014-07-09 21:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-15 07:24 - 2014-07-09 21:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-08-15 07:24 - 2014-07-09 20:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-08-15 07:24 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-15 07:24 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-15 07:23 - 2014-08-06 19:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-15 07:23 - 2014-08-06 15:39 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-15 07:23 - 2014-08-01 20:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-15 07:23 - 2014-08-01 20:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-15 07:23 - 2014-07-11 21:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-15 07:23 - 2014-06-05 07:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-08-15 07:23 - 2014-06-05 06:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-08-15 07:23 - 2014-06-01 19:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-08-15 07:23 - 2014-05-31 03:07 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-08-15 07:23 - 2014-05-31 03:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-08-15 07:23 - 2014-05-31 03:07 - 00419672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-08-15 07:23 - 2014-05-31 03:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-08-15 07:23 - 2014-05-31 03:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-08-15 07:23 - 2014-05-30 23:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-08-15 07:23 - 2014-05-30 23:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-08-15 07:23 - 2014-05-30 23:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-08-15 07:23 - 2014-05-30 21:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-08-15 07:23 - 2014-05-30 21:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-15 07:23 - 2014-05-30 21:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-08-15 07:23 - 2014-05-27 08:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-08-15 07:23 - 2014-05-27 02:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-15 07:23 - 2014-05-27 02:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-08-15 07:23 - 2014-05-16 21:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-15 07:23 - 2014-05-16 21:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-08-14 20:18 - 2014-08-14 20:18 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG Secure Search
2014-08-14 20:09 - 2014-08-14 20:11 - 00001158 _____ () C:\Users\judy\Desktop\Live PC Help.lnk
2014-08-14 20:05 - 2014-08-28 11:26 - 01321131 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-14 19:44 - 2014-08-28 13:01 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-14 19:44 - 2014-08-14 19:44 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-08-14 19:44 - 2014-08-14 19:44 - 00000838 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-14 19:42 - 2014-08-28 13:01 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-14 19:42 - 2014-08-28 13:01 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-14 19:42 - 2014-08-14 19:56 - 00003882 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-14 19:42 - 2014-08-14 19:56 - 00003646 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-14 19:42 - 2014-08-14 19:44 - 00000000 ____D () C:\Users\judy\AppData\Local\Google
2014-08-14 19:42 - 2014-08-14 19:44 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\ProgramData\Google
2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\Program Files\Google
2014-08-14 19:34 - 2014-08-14 19:34 - 00003974 _____ () C:\WINDOWS\System32\Tasks\TidyNetwork Update
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TNT2
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TidyNetwork
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-08-14 19:04 - 2014-08-14 19:04 - 13829304 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall1.exe
2014-08-14 19:04 - 2014-08-14 19:04 - 00002259 _____ () C:\WINDOWS\epplauncher.mif
2014-08-14 18:54 - 2014-08-16 14:06 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG SafeGuard toolbar
2014-08-14 18:54 - 2014-08-16 07:53 - 00050976 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys
2014-08-14 18:53 - 2014-08-25 18:25 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar
2014-08-14 18:53 - 2014-08-25 18:25 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-08-14 18:53 - 2014-08-14 18:53 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-08-14 18:51 - 2014-08-14 18:52 - 11241816 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall.exe
2014-08-13 20:38 - 2014-06-04 02:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-13 20:38 - 2014-06-03 22:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-13 20:38 - 2014-06-03 22:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-13 20:38 - 2014-06-03 21:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-13 20:38 - 2014-06-03 21:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-13 20:38 - 2014-06-03 19:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-13 20:38 - 2014-06-03 19:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-12 21:43 - 2014-08-12 21:43 - 00002028 _____ () C:\Users\Public\Desktop\Acer Portal.lnk
2014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Users\judy\AppData\Local\TotalRecipeSearch_14
2014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Program Files (x86)\TotalRecipeSearch_14
2014-08-11 07:34 - 2014-08-27 22:28 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-11 07:34 - 2014-08-11 07:34 - 00004022 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-11 07:34 - 2014-08-11 07:34 - 00001989 _____ () C:\Users\judy\Desktop\Sync Folder.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00001107 _____ () C:\Users\judy\Desktop\MyPC Backup.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-11 07:33 - 2014-08-14 20:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\systweak
2014-08-11 07:32 - 2014-08-11 07:32 - 00003310 _____ () C:\WINDOWS\System32\Tasks\ASP
2014-08-11 07:32 - 2014-08-05 19:05 - 00019800 _____ () C:\WINDOWS\system32\roboot64.exe
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Users\judy\AppData\Local\UtilityChest_49
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Program Files (x86)\UtilityChest_49
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-28 13:09 - 2014-08-27 23:09 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-08-28 13:03 - 2014-03-18 03:03 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-28 13:02 - 2014-06-01 07:00 - 00000000 ____D () C:\Users\judy\AppData\Local\clear.fi
2014-08-28 13:01 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\DesktopTemperature
2014-08-28 13:01 - 2014-08-14 19:44 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-28 13:01 - 2014-08-14 19:42 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-28 13:01 - 2014-08-14 19:42 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-28 13:01 - 2014-06-17 15:34 - 00000000 ___DO () C:\Users\judy\OneDrive
2014-08-28 13:00 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-28 12:59 - 2014-08-27 23:09 - 00000438 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-08-28 12:58 - 2014-08-27 23:13 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-08-28 12:58 - 2014-08-27 23:13 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-08-28 12:58 - 2014-08-27 18:06 - 00007878 _____ () C:\WINDOWS\PFRO.log
2014-08-28 12:58 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-28 12:57 - 2014-08-27 23:04 - 00000085 _____ () C:\WINDOWS\wininit.ini
2014-08-28 12:56 - 2014-03-15 00:56 - 00000304 _____ () C:\WINDOWS\Tasks\UpdaterEX.job
2014-08-28 12:16 - 2014-08-28 12:15 - 06312160 _____ (MyTurboPC.com) C:\Users\judy\Downloads\myturbopc.exe
2014-08-28 12:09 - 2014-03-15 00:56 - 00000134 _____ () C:\Users\judy\AppData\Roaming\WB.CFG
2014-08-28 11:45 - 2014-06-12 06:09 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{845855BE-4589-4F75-966A-FA55784F54FD}
2014-08-28 11:42 - 2014-08-28 11:41 - 00028288 _____ () C:\Users\judy\Downloads\FRST.txt
2014-08-28 11:42 - 2014-08-28 11:41 - 00000000 ____D () C:\FRST
2014-08-28 11:41 - 2014-08-28 11:41 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64 (1).exe
2014-08-28 11:36 - 2014-08-28 11:35 - 00001163 _____ () C:\Users\judy\Desktop\Continue Download Manager Installation.lnk
2014-08-28 11:35 - 2014-08-28 11:35 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64.exe
2014-08-28 11:35 - 2014-08-28 11:35 - 00827416 _____ ( ) C:\Users\judy\Downloads\DownloadManagerSetup.exe
2014-08-28 11:32 - 2014-08-28 11:32 - 00035673 _____ () C:\Users\judy\Desktop\FARBAR RECOVERY SCAN TOOL.htm
2014-08-28 11:27 - 2014-08-27 23:08 - 00000000 ____D () C:\Users\judy\AppData\Local\fst_us_228
2014-08-28 11:26 - 2014-08-14 20:05 - 01321131 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-28 11:20 - 2014-02-02 17:38 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3809952396-1488035759-1417517223-1001
2014-08-28 11:14 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-28 11:10 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-27 23:35 - 2014-08-27 23:13 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-08-27 23:19 - 2014-07-09 04:26 - 00002001 _____ () C:\Users\Public\Desktop\abMedia.lnk
2014-08-27 23:19 - 2014-06-16 16:04 - 00000000 ____D () C:\ProgramData\clear.fi
2014-08-27 23:19 - 2013-04-16 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2014-08-27 23:19 - 2013-04-16 23:18 - 00000000 ____D () C:\Program Files (x86)\Acer
2014-08-27 23:15 - 2014-08-27 23:13 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-08-27 23:15 - 2014-08-27 23:13 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-08-27 23:15 - 2014-08-27 23:13 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-08-27 23:13 - 2014-08-27 23:13 - 00001704 _____ () C:\Users\judy\AppData\Roaming\aps.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00001150 _____ () C:\Users\judy\AppData\Roaming\aps.scan.quick.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000318 _____ () C:\Users\judy\AppData\Roaming\aps.uninstall.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-08-27 23:13 - 2014-08-27 23:12 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-08-27 23:12 - 2014-08-27 23:12 - 00575544 _____ (ClickMeIn Limited) C:\Users\judy\AppData\Local\nsb5C1C.tmp
2014-08-27 23:12 - 2014-07-10 13:41 - 00002005 _____ () C:\Users\Public\Desktop\abPhoto.lnk
2014-08-27 23:09 - 2014-08-27 23:09 - 00058040 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys
2014-08-27 23:09 - 2014-08-27 23:09 - 00003076 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-08-27 23:09 - 2014-08-27 23:09 - 00002642 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-08-27 23:09 - 2014-08-27 23:09 - 00000145 _____ () C:\WINDOWS\setupact.log
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\ver1BlockAndSurf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-27 23:09 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-08-27 23:09 - 2013-08-22 08:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-08-27 23:09 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files\TermTutor
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\TermTutor
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\fst_us_228
2014-08-27 23:07 - 2014-08-27 23:00 - 00000000 ____D () C:\ProgramData\pastaleads
2014-08-27 23:05 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-27 23:01 - 2014-08-27 23:01 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes
2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-27 23:00 - 2014-08-27 23:00 - 00000000 ____D () C:\Program Files (x86)\pastaleads
2014-08-27 23:00 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\VOPackage
2014-08-27 23:00 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-08-27 22:59 - 2014-08-27 22:59 - 00003734 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_ScheduledScan
2014-08-27 22:59 - 2014-08-27 22:59 - 00003584 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_DailyScan
2014-08-27 22:59 - 2014-08-27 22:59 - 00001087 _____ () C:\Users\Public\Desktop\DriverRestore.lnk
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\ContentExplorer
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
2014-08-27 22:59 - 2014-08-27 22:58 - 00000000 ____D () C:\Program Files (x86)\DriverRestore
2014-08-27 22:57 - 2014-08-27 22:57 - 00000000 ____D () C:\Users\judy\Documents\PC Health Kit
2014-08-27 22:34 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-08-27 22:28 - 2014-08-11 07:34 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\System_Alerts_LLC
2014-08-27 17:59 - 2014-08-27 17:59 - 00000000 ____D () C:\Program Files (x86)\The Sea App (Internet Explorer)
2014-08-27 17:17 - 2013-08-03 04:03 - 00000000 ____D () C:\ProgramData\OEM
2014-08-27 16:13 - 2014-08-27 16:13 - 00004544 _____ () C:\Users\judy\Desktop\New Journal Document.jnt
2014-08-27 16:13 - 2014-08-27 16:13 - 00000000 ___RD () C:\Users\judy\Documents\Notes
2014-08-25 18:25 - 2014-08-14 18:53 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar
2014-08-25 18:25 - 2014-08-14 18:53 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-08-22 06:58 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-16 14:06 - 2014-08-14 18:54 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG SafeGuard toolbar
2014-08-16 12:06 - 2014-02-02 17:41 - 00000000 ____D () C:\Program Files (x86)\Knight System Protector
2014-08-16 12:00 - 2013-08-22 07:44 - 00335784 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-16 11:57 - 2014-07-12 22:28 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-08-16 11:57 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-08-16 10:43 - 2014-08-16 10:43 - 00000000 ____D () C:\Blasteroids
2014-08-16 07:54 - 2014-08-16 07:53 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-08-16 07:53 - 2014-08-14 18:54 - 00050976 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys
2014-08-14 20:18 - 2014-08-14 20:18 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG Secure Search
2014-08-14 20:11 - 2014-08-14 20:09 - 00001158 _____ () C:\Users\judy\Desktop\Live PC Help.lnk
2014-08-14 20:09 - 2014-08-11 07:33 - 00000000 ____D () C:\Users\judy\AppData\Roaming\systweak
2014-08-14 19:58 - 2014-06-17 13:46 - 00000000 ___DC () C:\WINDOWS\Panther
2014-08-14 19:58 - 2014-02-02 17:30 - 00000000 ____D () C:\Users\judy\AppData\Local\CrashDumps
2014-08-14 19:56 - 2014-08-14 19:42 - 00003882 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-14 19:56 - 2014-08-14 19:42 - 00003646 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-14 19:44 - 2014-08-14 19:44 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-08-14 19:44 - 2014-08-14 19:44 - 00000838 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-14 19:44 - 2014-08-14 19:42 - 00000000 ____D () C:\Users\judy\AppData\Local\Google
2014-08-14 19:44 - 2014-08-14 19:42 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\ProgramData\Google
2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\Program Files\Google
2014-08-14 19:34 - 2014-08-14 19:34 - 00003974 _____ () C:\WINDOWS\System32\Tasks\TidyNetwork Update
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TNT2
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TidyNetwork
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-08-14 19:33 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Resources
2014-08-14 19:04 - 2014-08-14 19:04 - 13829304 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall1.exe
2014-08-14 19:04 - 2014-08-14 19:04 - 00002259 _____ () C:\WINDOWS\epplauncher.mif
2014-08-14 18:53 - 2014-08-14 18:53 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-08-14 18:52 - 2014-08-14 18:51 - 11241816 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall.exe
2014-08-14 08:33 - 2014-02-05 11:59 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-14 08:31 - 2014-02-05 11:59 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-13 20:36 - 2014-03-18 03:13 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-08-13 17:39 - 2014-06-17 13:25 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-08-13 17:36 - 2013-08-21 21:17 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-08-13 17:36 - 2013-08-21 20:46 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-08-13 17:36 - 2013-08-21 20:16 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-08-13 17:35 - 2014-03-18 03:13 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-08-13 17:35 - 2014-03-18 03:13 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-08-13 17:35 - 2014-03-18 03:13 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-08-13 17:35 - 2013-08-22 04:45 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-08-13 17:35 - 2013-08-22 04:44 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-13 17:35 - 2013-08-22 04:22 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-08-13 17:35 - 2013-08-22 04:21 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-13 17:35 - 2013-08-22 04:10 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-08-13 17:35 - 2013-08-22 04:03 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-08-13 17:35 - 2013-08-22 03:32 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-08-13 17:35 - 2013-08-21 20:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-08-13 17:35 - 2013-08-21 20:45 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-08-13 17:35 - 2013-08-21 20:40 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-08-12 21:43 - 2014-08-12 21:43 - 00002028 _____ () C:\Users\Public\Desktop\Acer Portal.lnk
2014-08-12 21:43 - 2014-06-16 16:16 - 00003334 _____ () C:\WINDOWS\System32\Tasks\AcerCloud
2014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Users\judy\AppData\Local\TotalRecipeSearch_14
2014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Program Files (x86)\TotalRecipeSearch_14
2014-08-11 07:34 - 2014-08-11 07:34 - 00004022 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-11 07:34 - 2014-08-11 07:34 - 00001989 _____ () C:\Users\judy\Desktop\Sync Folder.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00001107 _____ () C:\Users\judy\Desktop\MyPC Backup.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-11 07:32 - 2014-08-11 07:32 - 00003310 _____ () C:\WINDOWS\System32\Tasks\ASP
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Users\judy\AppData\Local\UtilityChest_49
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Program Files (x86)\UtilityChest_49
2014-08-06 19:12 - 2014-08-15 07:23 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-06 15:39 - 2014-08-15 07:23 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-06 15:38 - 2014-08-15 07:24 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-05 19:05 - 2014-08-11 07:32 - 00019800 _____ () C:\WINDOWS\system32\roboot64.exe
2014-08-01 22:44 - 2014-08-15 07:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-01 20:56 - 2014-08-15 07:23 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-01 20:11 - 2014-08-15 07:23 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-01 17:17 - 2013-08-22 08:38 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-01 17:17 - 2013-08-22 08:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
 
Some content of TEMP:
====================
C:\Users\judy\AppData\Local\Temp\5A48_DriverRestore_EN.exe
C:\Users\judy\AppData\Local\Temp\air1370.exe
C:\Users\judy\AppData\Local\Temp\air18C5.exe
C:\Users\judy\AppData\Local\Temp\air240D.exe
C:\Users\judy\AppData\Local\Temp\air2474.exe
C:\Users\judy\AppData\Local\Temp\air274F.exe
C:\Users\judy\AppData\Local\Temp\air2ADB.exe
C:\Users\judy\AppData\Local\Temp\air4025.exe
C:\Users\judy\AppData\Local\Temp\air66A0.exe
C:\Users\judy\AppData\Local\Temp\air7DCB.exe
C:\Users\judy\AppData\Local\Temp\air9DEF.exe
C:\Users\judy\AppData\Local\Temp\airA76F.exe
C:\Users\judy\AppData\Local\Temp\DRHelper_installFinish.exe
C:\Users\judy\AppData\Local\Temp\DRHelper_installStart.exe
C:\Users\judy\AppData\Local\Temp\F7B9_SpybotSD2.exe
C:\Users\judy\AppData\Local\Temp\ICReinstall_DownloadManagerSetup.exe
C:\Users\judy\AppData\Local\Temp\post1.exe
C:\Users\judy\AppData\Local\Temp\post2.dll
C:\Users\judy\AppData\Local\Temp\post2.exe
C:\Users\judy\AppData\Local\Temp\setup.exe
C:\Users\judy\AppData\Local\Temp\SfpcHelper_installFinish.exe
C:\Users\judy\AppData\Local\Temp\SfpcHelper_installStart.exe
C:\Users\judy\AppData\Local\Temp\SHSetup.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-28 11:10
 
==================== End Of Log ============================

 

OK I am surprised that windows actually runs to be honest... Lets now kill all rubbish

If you have problems copying all the fix into a fixlist.txt then I have attached the same fix here. Just save the fixlist,txt to the same location as FRST and then press fix
attachicon.giffixlist.txt

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

2014-08-28 12:15 - 2014-08-28 12:16 - 06312160 _____ (MyTurboPC.com) C:\Users\judy\Downloads\myturbopc.exe
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-08-27 23:13 - 2014-08-27 23:35 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-08-27 23:13 - 2014-08-27 23:15 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-08-27 23:13 - 2014-08-27 23:13 - 00001704 _____ () C:\Users\judy\AppData\Roaming\aps.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00001150 _____ () C:\Users\judy\AppData\Roaming\aps.scan.quick.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000318 _____ () C:\Users\judy\AppData\Roaming\aps.uninstall.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-08-27 23:12 - 2014-08-27 23:13 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-08-27 23:12 - 2014-08-27 23:12 - 00575544 _____ (ClickMeIn Limited) C:\Users\judy\AppData\Local\nsb5C1C.tmp
2014-08-27 23:09 - 2014-08-28 13:09 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-08-27 23:09 - 2014-08-28 12:59 - 00000438 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-08-27 23:09 - 2014-08-27 23:09 - 00058040 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys
2014-08-27 23:09 - 2014-08-27 23:09 - 00003076 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-08-27 23:09 - 2014-08-27 23:09 - 00002642 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\ver1BlockAndSurf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-27 23:08 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-08-27 23:01 - 2014-08-27 23:01 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes
2014-08-27 23:00 - 2014-08-27 23:07 - 00000000 ____D () C:\ProgramData\pastaleads
2014-08-27 23:00 - 2014-08-27 23:00 - 00000000 ____D () C:\Program Files (x86)\pastaleads
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\VOPackage
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\ContentExplorer
2014-08-27 18:00 - 2014-08-28 13:01 - 00000000 ____D () C:\Users\judy\AppData\Local\DesktopTemperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\System_Alerts_LLC
2014-08-14 20:09 - 2014-08-14 20:11 - 00001158 _____ () C:\Users\judy\Desktop\Live PC Help.lnk
2014-08-14 19:34 - 2014-08-14 19:34 - 00003974 _____ () C:\WINDOWS\System32\Tasks\TidyNetwork Update
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TNT2
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TidyNetwork
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-08-11 07:34 - 2014-08-27 22:28 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-11 07:34 - 2014-08-11 07:34 - 00001107 _____ () C:\Users\judy\Desktop\MyPC Backup.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-11 07:33 - 2014-08-14 20:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\systweak
2014-08-11 07:32 - 2014-08-11 07:32 - 00003310 _____ () C:\WINDOWS\System32\Tasks\ASP
2014-08-11 07:32 - 2014-08-05 19:05 - 00019800 _____ () C:\WINDOWS\system32\roboot64.exe
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Users\judy\AppData\Local\UtilityChest_49
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Program Files (x86)\UtilityChest_49
2014-08-11 07:34 - 2014-08-11 07:34 - 00004022 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-27 17:59 - 2014-08-27 17:59 - 00000000 ____D () C:\Program Files (x86)\The Sea App (Internet Explorer)
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
R2 UtilityChest_49Service; C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 TotalRecipeSearch_14Service; C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 MyFunCards_5mService; C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbarsvc.exe [88648 2014-07-03] (COMPANYVERS_NAME)
R2 pastaleadsServiceCore; C:\Program Files (x86)\pastaleads\PastaLeadsService.exe [384408 2014-06-18] ()
R2 servervo; C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-08-27] () [File not signed]
R2 InboxAce_1gService; C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe [88648 2014-07-14] (COMPANYVERS_NAME)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36424 2014-07-22] (Just Develop It)
FF Plugin-x32: @TotalRecipeSearch_14.com/Plugin -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll (Mindspark)
FF Plugin-x32: @UtilityChest_49.com/Plugin -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\NP49Stub.dll (Mindspark)
FF HKCU\...\Firefox\Extensions: [{17C0B877-3B33-A890-ACFD-9D2FC5F5D56D}] - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi
FF Extension: BlockAndSurf - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi [2014-08-27]
FF Plugin-x32: @InboxAce_1g.com/Plugin -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\NP1gStub.dll (Mindspark)
FF Plugin-x32: @MyFunCards_5m.com/Plugin -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\NP5mStub.dll (Mindspark)
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Temperature Monitor.lnk
ShortcutTarget: Desktop Temperature Monitor.lnk -> C:\Users\judy\AppData\Local\DesktopTemperature\DesktopTemperature.exe (System Alerts LLC)
Winsock: Catalog9 01 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 02 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 03 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 04 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 05 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 17 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Toolbar: HKCU - No Name - {C4D78C72-08DB-4A3F-9175-B265157283F3} - No File
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - MyFunCards - {210f1b36-3b7f-41a4-b5da-3eb87f5a56c2} - C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - InboxAce - {3775afd7-5921-4571-968f-85a631203d1c} - C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
Toolbar: HKLM-x32 - Utility Chest - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
Toolbar: HKLM-x32 - TotalRecipeSearch - {a0154e07-2b48-475c-a82a-80efd84ea33e} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {ab56dfde-0c14-45b3-9df6-7b0eba617870} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {c4b22c87-45ef-4f43-89f2-40db2078864e} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrcAs.dll (Mindspark)
BHO-x32: TheSea.TheSeaPlugin -> {C585D593-E7F3-4852-A200-561686EE02E4} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
BHO-x32: Toolbar BHO -> {d5a1d22b-9e17-454f-8ecd-83c578fb3983} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {da71fd14-5f7b-46ae-b8b1-44074a38f331} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {df22384f-cf68-4d19-969f-10423715528b} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll (Mindspark)
Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {9359da42-06fb-46f2-9e4a-05c05b98a5ef} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrcAs.dll (Mindspark)
BHO: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {06e05b40-77fa-40b6-9077-ed1a7577b1ef} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll (Mindspark)
BHO-x32: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn.dll ()
BHO-x32: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178.dll ()
BHO-x32: Toolbar BHO -> {58f7b5ca-1162-42e8-8bbc-d543b4edd780} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
BHO: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn64.dll ()
BHO: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178_x64.dll ()
SearchScopes: HKCU - DefaultScope {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://www2.inbox.co...&iwk=316&lng=en
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://pandasecurity...q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...q={searchTerms}
SearchScopes: HKCU - {A26C36F3-9D6C-4551-86A4-B3E9C4B7B3CD} URL = http://www.crawler.c...&iwk=311&lng=en
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKCU - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL =
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
URLSearchHook: HKCU - (No Name) - {9234F5E0-56CC-4F0B-AAE4-0D4BD5032180} - No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [Inbox3Tray.exe] => C:\Program Files (x86)\Inbox3\Inbox3Tray.exe [1736128 2014-06-12] (Inbox.com)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [ContentExplorer] => C:\Users\judy\AppData\Roaming\ContentExplorer\ContentExplorer.exe [2429680 2014-08-27] (ContentExplorer)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe [1072128 2014-08-27] ()
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
HKLM-x32\...\Run: [AnyProtect Scanner] => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [17068032 2014-08-27] (AnyProtect.com)
HKLM-x32\...\Run: [InboxToolbar] => C:\Program Files (x86)\Inbox Toolbar\Inbox.exe [1417656 2014-06-30] (Xacti, LLC)
HKLM-x32\...\Run: [InboxAce EPM Support] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gmedint.exe [12872 2014-07-14] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [InboxAce Search Scope Monitor] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrchMn.exe [55368 2014-07-14] (Mindspark)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe [61512 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader 64] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe [71752 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [Utility Chest EPM Support] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [Utility Chest Search Scope Monitor] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader 64] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch EPM Support] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [TotalRecipeSearch Search Scope Monitor] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader 64] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-25] ()
HKLM-x32\...\Run: [MyFunCards EPM Support] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mmedint.exe [12872 2014-07-03] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [MyFunCards Search Scope Monitor] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrchMn.exe [55368 2014-07-03] (Mindspark)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exe [61512 2014-07-03] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader 64] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon64.exe [71752 2014-07-03] (VER_COMPANY_NAME)
HKLM\...\Run: [MyFunCards Home Page Guard 64 bit] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\AppIntegrator64.exe [485960 2014-07-03] ( )
HKLM\...\Run: [InboxAce Home Page Guard 64 bit] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator64.exe [485960 2014-07-14] ( )
HKLM\...\Run: [Utility Chest Home Page Guard 64 bit] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
HKLM\...\Run: [TotalRecipeSearch Home Page Guard 64 bit] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
C:\Program Files (x86)\Inbox Toolbar
C:\Users\judy\AppData\Roaming\ContentExplorer
C:\Program Files (x86)\Inbox3
C:\Program Files (x86)\UtilityChest_49
C:\Program Files (x86)\InboxAce_1g
C:\Program Files (x86)\MyFunCards_5m
C:\Program Files (x86)\WSE_Astromenda
C:\Program Files (x86)\MyPC Backup
C:\Program Files (x86)\TotalRecipeSearch_14
C:\Program Files (x86)\UtilityChest_49
C:\Program Files (x86)\ver1BlockAndSurf
C:\Users\judy\AppData\Roaming\VOPackage
C:\Program Files (x86)\TidyNetwork
C:\Users\judy\AppData\Local\DesktopTemperature
Task: {3BD98196-F5F8-4C48-8418-DAEDD03137E6} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [2014-07-22] (MyPCBackup.com) <==== ATTENTION
Task: {5D131900-882C-4A9D-877E-69F281E7AABA} - System32\Tasks\BlockAndSurf Update => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe [2014-08-27] ()
Task: {811C6AF3-F0CC-49DC-BA5A-63AFA6B80047} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-07-22] (MyPC Backup) <==== ATTENTION
Task: {C034AE47-50DF-4617-9946-0EC4A6007219} - System32\Tasks\WSE_Astromenda => C:\Users\judy\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe [2014-08-27] ()
Task: {CD34F3C0-ED05-4009-A5CE-BCC6FD2316C5} - System32\Tasks\UpdaterEX => C:\Users\judy\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {CD7E60BC-5C2F-457E-BEE4-51E204A98CAA} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: {EFD55167-3E10-4F72-843B-347EC5F2010D} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: {FCE0303E-A943-467A-8BCB-B8D9556D47DB} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\BlockAndSurf Update.job => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\UpdaterEX.job => C:\Users\judy\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\WSE_Astromenda.job => C:\Users\judy\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
CMD: netsh advfirewall reset /c
CMD: netsh advfirewall set allprofiles state ON /c
CMD: ipconfig /flushdns /c
CMD: netsh winsock reset catalog /c
CMD: netsh int ip reset c:\resetlog.txt /c
CMD: ipconfig /release /c
CMD: ipconfig /renew /c
EmptyTemp:
CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
FINALLY

A fresh FRST scan to see what I missed :)
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.

 

 

OK I am surprised that windows actually runs to be honest... Lets now kill all rubbish

If you have problems copying all the fix into a fixlist.txt then I have attached the same fix here. Just save the fixlist,txt to the same location as FRST and then press fix
attachicon.giffixlist.txt

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

2014-08-28 12:15 - 2014-08-28 12:16 - 06312160 _____ (MyTurboPC.com) C:\Users\judy\Downloads\myturbopc.exe
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-08-27 23:13 - 2014-08-27 23:35 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-08-27 23:13 - 2014-08-27 23:15 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-08-27 23:13 - 2014-08-27 23:13 - 00001704 _____ () C:\Users\judy\AppData\Roaming\aps.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00001150 _____ () C:\Users\judy\AppData\Roaming\aps.scan.quick.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000318 _____ () C:\Users\judy\AppData\Roaming\aps.uninstall.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-08-27 23:12 - 2014-08-27 23:13 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-08-27 23:12 - 2014-08-27 23:12 - 00575544 _____ (ClickMeIn Limited) C:\Users\judy\AppData\Local\nsb5C1C.tmp
2014-08-27 23:09 - 2014-08-28 13:09 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-08-27 23:09 - 2014-08-28 12:59 - 00000438 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-08-27 23:09 - 2014-08-27 23:09 - 00058040 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys
2014-08-27 23:09 - 2014-08-27 23:09 - 00003076 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-08-27 23:09 - 2014-08-27 23:09 - 00002642 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\ver1BlockAndSurf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-27 23:08 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-08-27 23:01 - 2014-08-27 23:01 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes
2014-08-27 23:00 - 2014-08-27 23:07 - 00000000 ____D () C:\ProgramData\pastaleads
2014-08-27 23:00 - 2014-08-27 23:00 - 00000000 ____D () C:\Program Files (x86)\pastaleads
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\VOPackage
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\ContentExplorer
2014-08-27 18:00 - 2014-08-28 13:01 - 00000000 ____D () C:\Users\judy\AppData\Local\DesktopTemperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\System_Alerts_LLC
2014-08-14 20:09 - 2014-08-14 20:11 - 00001158 _____ () C:\Users\judy\Desktop\Live PC Help.lnk
2014-08-14 19:34 - 2014-08-14 19:34 - 00003974 _____ () C:\WINDOWS\System32\Tasks\TidyNetwork Update
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TNT2
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TidyNetwork
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-08-11 07:34 - 2014-08-27 22:28 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-11 07:34 - 2014-08-11 07:34 - 00001107 _____ () C:\Users\judy\Desktop\MyPC Backup.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-11 07:33 - 2014-08-14 20:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\systweak
2014-08-11 07:32 - 2014-08-11 07:32 - 00003310 _____ () C:\WINDOWS\System32\Tasks\ASP
2014-08-11 07:32 - 2014-08-05 19:05 - 00019800 _____ () C:\WINDOWS\system32\roboot64.exe
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Users\judy\AppData\Local\UtilityChest_49
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Program Files (x86)\UtilityChest_49
2014-08-11 07:34 - 2014-08-11 07:34 - 00004022 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-27 17:59 - 2014-08-27 17:59 - 00000000 ____D () C:\Program Files (x86)\The Sea App (Internet Explorer)
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
R2 UtilityChest_49Service; C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 TotalRecipeSearch_14Service; C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 MyFunCards_5mService; C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbarsvc.exe [88648 2014-07-03] (COMPANYVERS_NAME)
R2 pastaleadsServiceCore; C:\Program Files (x86)\pastaleads\PastaLeadsService.exe [384408 2014-06-18] ()
R2 servervo; C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-08-27] () [File not signed]
R2 InboxAce_1gService; C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe [88648 2014-07-14] (COMPANYVERS_NAME)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36424 2014-07-22] (Just Develop It)
FF Plugin-x32: @TotalRecipeSearch_14.com/Plugin -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll (Mindspark)
FF Plugin-x32: @UtilityChest_49.com/Plugin -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\NP49Stub.dll (Mindspark)
FF HKCU\...\Firefox\Extensions: [{17C0B877-3B33-A890-ACFD-9D2FC5F5D56D}] - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi
FF Extension: BlockAndSurf - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi [2014-08-27]
FF Plugin-x32: @InboxAce_1g.com/Plugin -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\NP1gStub.dll (Mindspark)
FF Plugin-x32: @MyFunCards_5m.com/Plugin -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\NP5mStub.dll (Mindspark)
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Temperature Monitor.lnk
ShortcutTarget: Desktop Temperature Monitor.lnk -> C:\Users\judy\AppData\Local\DesktopTemperature\DesktopTemperature.exe (System Alerts LLC)
Winsock: Catalog9 01 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 02 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 03 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 04 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 05 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 17 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Toolbar: HKCU - No Name - {C4D78C72-08DB-4A3F-9175-B265157283F3} - No File
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - MyFunCards - {210f1b36-3b7f-41a4-b5da-3eb87f5a56c2} - C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - InboxAce - {3775afd7-5921-4571-968f-85a631203d1c} - C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
Toolbar: HKLM-x32 - Utility Chest - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
Toolbar: HKLM-x32 - TotalRecipeSearch - {a0154e07-2b48-475c-a82a-80efd84ea33e} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {ab56dfde-0c14-45b3-9df6-7b0eba617870} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {c4b22c87-45ef-4f43-89f2-40db2078864e} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrcAs.dll (Mindspark)
BHO-x32: TheSea.TheSeaPlugin -> {C585D593-E7F3-4852-A200-561686EE02E4} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
BHO-x32: Toolbar BHO -> {d5a1d22b-9e17-454f-8ecd-83c578fb3983} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {da71fd14-5f7b-46ae-b8b1-44074a38f331} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {df22384f-cf68-4d19-969f-10423715528b} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll (Mindspark)
Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {9359da42-06fb-46f2-9e4a-05c05b98a5ef} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrcAs.dll (Mindspark)
BHO: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {06e05b40-77fa-40b6-9077-ed1a7577b1ef} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll (Mindspark)
BHO-x32: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn.dll ()
BHO-x32: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178.dll ()
BHO-x32: Toolbar BHO -> {58f7b5ca-1162-42e8-8bbc-d543b4edd780} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
BHO: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn64.dll ()
BHO: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178_x64.dll ()
SearchScopes: HKCU - DefaultScope {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://www2.inbox.co...&iwk=316&lng=en
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://pandasecurity...q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...q={searchTerms}
SearchScopes: HKCU - {A26C36F3-9D6C-4551-86A4-B3E9C4B7B3CD} URL = http://www.crawler.c...&iwk=311&lng=en
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKCU - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL =
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
URLSearchHook: HKCU - (No Name) - {9234F5E0-56CC-4F0B-AAE4-0D4BD5032180} - No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [Inbox3Tray.exe] => C:\Program Files (x86)\Inbox3\Inbox3Tray.exe [1736128 2014-06-12] (Inbox.com)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [ContentExplorer] => C:\Users\judy\AppData\Roaming\ContentExplorer\ContentExplorer.exe [2429680 2014-08-27] (ContentExplorer)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe [1072128 2014-08-27] ()
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
HKLM-x32\...\Run: [AnyProtect Scanner] => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [17068032 2014-08-27] (AnyProtect.com)
HKLM-x32\...\Run: [InboxToolbar] => C:\Program Files (x86)\Inbox Toolbar\Inbox.exe [1417656 2014-06-30] (Xacti, LLC)
HKLM-x32\...\Run: [InboxAce EPM Support] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gmedint.exe [12872 2014-07-14] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [InboxAce Search Scope Monitor] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrchMn.exe [55368 2014-07-14] (Mindspark)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe [61512 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader 64] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe [71752 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [Utility Chest EPM Support] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [Utility Chest Search Scope Monitor] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader 64] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch EPM Support] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [TotalRecipeSearch Search Scope Monitor] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader 64] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-25] ()
HKLM-x32\...\Run: [MyFunCards EPM Support] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mmedint.exe [12872 2014-07-03] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [MyFunCards Search Scope Monitor] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrchMn.exe [55368 2014-07-03] (Mindspark)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exe [61512 2014-07-03] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader 64] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon64.exe [71752 2014-07-03] (VER_COMPANY_NAME)
HKLM\...\Run: [MyFunCards Home Page Guard 64 bit] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\AppIntegrator64.exe [485960 2014-07-03] ( )
HKLM\...\Run: [InboxAce Home Page Guard 64 bit] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator64.exe [485960 2014-07-14] ( )
HKLM\...\Run: [Utility Chest Home Page Guard 64 bit] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
HKLM\...\Run: [TotalRecipeSearch Home Page Guard 64 bit] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
C:\Program Files (x86)\Inbox Toolbar
C:\Users\judy\AppData\Roaming\ContentExplorer
C:\Program Files (x86)\Inbox3
C:\Program Files (x86)\UtilityChest_49
C:\Program Files (x86)\InboxAce_1g
C:\Program Files (x86)\MyFunCards_5m
C:\Program Files (x86)\WSE_Astromenda
C:\Program Files (x86)\MyPC Backup
C:\Program Files (x86)\TotalRecipeSearch_14
C:\Program Files (x86)\UtilityChest_49
C:\Program Files (x86)\ver1BlockAndSurf
C:\Users\judy\AppData\Roaming\VOPackage
C:\Program Files (x86)\TidyNetwork
C:\Users\judy\AppData\Local\DesktopTemperature
Task: {3BD98196-F5F8-4C48-8418-DAEDD03137E6} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [2014-07-22] (MyPCBackup.com) <==== ATTENTION
Task: {5D131900-882C-4A9D-877E-69F281E7AABA} - System32\Tasks\BlockAndSurf Update => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe [2014-08-27] ()
Task: {811C6AF3-F0CC-49DC-BA5A-63AFA6B80047} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-07-22] (MyPC Backup) <==== ATTENTION
Task: {C034AE47-50DF-4617-9946-0EC4A6007219} - System32\Tasks\WSE_Astromenda => C:\Users\judy\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe [2014-08-27] ()
Task: {CD34F3C0-ED05-4009-A5CE-BCC6FD2316C5} - System32\Tasks\UpdaterEX => C:\Users\judy\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {CD7E60BC-5C2F-457E-BEE4-51E204A98CAA} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: {EFD55167-3E10-4F72-843B-347EC5F2010D} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: {FCE0303E-A943-467A-8BCB-B8D9556D47DB} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\BlockAndSurf Update.job => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\UpdaterEX.job => C:\Users\judy\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\WSE_Astromenda.job => C:\Users\judy\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
CMD: netsh advfirewall reset /c
CMD: netsh advfirewall set allprofiles state ON /c
CMD: ipconfig /flushdns /c
CMD: netsh winsock reset catalog /c
CMD: netsh int ip reset c:\resetlog.txt /c
CMD: ipconfig /release /c
CMD: ipconfig /renew /c
EmptyTemp:
CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
FINALLY

A fresh FRST scan to see what I missed :)
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014
Ran by judy (administrator) on JUDYSPC on 28-08-2014 11:41:55
Running from C:\Users\judy\Downloads
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbarsvc.exe
() C:\Program Files (x86)\pastaleads\PastaLeadsService.exe
() C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe
(Term Tutor) C:\Program Files (x86)\TermTutor\Service\ttsvc.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Soluto) C:\Program Files\Soluto\Soluto.exe
() C:\Program Files (x86)\Knight System Protector\KnightSystemProtector.exe
() C:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exe
() C:\Program Files (x86)\ver1BlockAndSurf\BlockAndSurf.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
( ) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\AppIntegrator64.exe
( ) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator64.exe
( ) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe
( ) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Inbox.com) C:\Program Files (x86)\Inbox3\Inbox3Tray.exe
(ContentExplorer) C:\Users\judy\AppData\Roaming\ContentExplorer\ContentExplorer.exe
() C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe
(System Alerts LLC) C:\Users\judy\AppData\Local\DesktopTemperature\DesktopTemperature.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Xacti, LLC) C:\Program Files (x86)\Inbox Toolbar\Inbox.exe
(Xacti, LLC) C:\Program Files (x86)\Inbox Toolbar\Inbox.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon64.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Users\judy\AppData\Local\clear.fi\Portal\AcerPortalSetup.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\judy\Downloads\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-17] (Realtek Semiconductor)
HKLM\...\Run: [MyFunCards Home Page Guard 64 bit] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\AppIntegrator64.exe [485960 2014-07-03] ( )
HKLM\...\Run: [InboxAce Home Page Guard 64 bit] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\AppIntegrator64.exe [485960 2014-07-14] ( )
HKLM\...\Run: [Utility Chest Home Page Guard 64 bit] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
HKLM\...\Run: [TotalRecipeSearch Home Page Guard 64 bit] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe [485960 2014-08-11] ( )
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [MyFunCards EPM Support] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mmedint.exe [12872 2014-07-03] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [MyFunCards Search Scope Monitor] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrchMn.exe [55368 2014-07-03] (Mindspark)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon.exe [61512 2014-07-03] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [MyFunCards_5m Browser Plugin Loader 64] => C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbrmon64.exe [71752 2014-07-03] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [52992 2014-08-06] (Acer Incorporated)
HKLM-x32\...\Run: [InboxToolbar] => C:\Program Files (x86)\Inbox Toolbar\Inbox.exe [1417656 2014-06-30] (Xacti, LLC)
HKLM-x32\...\Run: [InboxAce EPM Support] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gmedint.exe [12872 2014-07-14] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [InboxAce Search Scope Monitor] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrchMn.exe [55368 2014-07-14] (Mindspark)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe [61512 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader 64] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe [71752 2014-07-14] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [Utility Chest EPM Support] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [Utility Chest Search Scope Monitor] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader 64] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch EPM Support] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14medint.exe [12872 2014-08-11] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [TotalRecipeSearch Search Scope Monitor] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe [55368 2014-08-11] (Mindspark)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe [61512 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader 64] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe [71752 2014-08-11] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-25] ()
HKLM-x32\...\Run: [fst_us_228] => "C:\Program Files (x86)\fst_us_228\fst_us_228.exe"
HKLM-x32\...\Run: [AnyProtect Scanner] => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [17068032 2014-08-27] (AnyProtect.com)
HKLM-x32\...\RunOnce: [upfst_us_228.exe] => C:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exe [3337208 2014-08-25] ()
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-04-15] ( (Qualcomm Atheros Commnucations))
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [AcerCloud] => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2569984 2014-08-06] (Acer)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [Inbox3Tray.exe] => C:\Program Files (x86)\Inbox3\Inbox3Tray.exe [1736128 2014-06-12] (Inbox.com)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [ContentExplorer] => C:\Users\judy\AppData\Roaming\ContentExplorer\ContentExplorer.exe [2429680 2014-08-27] (ContentExplorer)
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe [1072128 2014-08-27] ()
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Temperature Monitor.lnk
ShortcutTarget: Desktop Temperature Monitor.lnk -> C:\Users\judy\AppData\Local\DesktopTemperature\DesktopTemperature.exe (System Alerts LLC)
Startup: C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
ShellIconOverlayIdentifiers: ACloudSyncedRF -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: ACloudSyncedSF -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: ACloudSyncing -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: ACloudToBeSynced -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.100search...4-06-16&hpa=yes
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
URLSearchHook: HKCU - (No Name) - {9234F5E0-56CC-4F0B-AAE4-0D4BD5032180} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKLM - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
SearchScopes: HKLM - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKLM-x32 - DefaultScope {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKLM-x32 - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://www2.inbox.co...&iwk=316&lng=en
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://pandasecurity...q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...q={searchTerms}
SearchScopes: HKCU - {A26C36F3-9D6C-4551-86A4-B3E9C4B7B3CD} URL = http://www.crawler.c...&iwk=311&lng=en
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKCU - {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = http://www.100search...q={searchTerms}
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://astromenda.co...=1903538428&ir=
SearchScopes: HKCU - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = 
BHO: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn64.dll ()
BHO: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178_x64.dll ()
BHO: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Search Assistant BHO -> {06e05b40-77fa-40b6-9077-ed1a7577b1ef} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll (Mindspark)
BHO-x32: TidyNetwork -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> C:\Program Files (x86)\TidyNetwork\petn.dll ()
BHO-x32: BlockAndSurf -> {5055CCDE-7EB9-56C9-4934-8387E98F0E9A} -> C:\Program Files (x86)\ver1BlockAndSurf\178.dll ()
BHO-x32: Toolbar BHO -> {58f7b5ca-1162-42e8-8bbc-d543b4edd780} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
BHO-x32: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files (x86)\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO-x32: Search Assistant BHO -> {9359da42-06fb-46f2-9e4a-05c05b98a5ef} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrcAs.dll (Mindspark)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Toolbar BHO -> {ab56dfde-0c14-45b3-9df6-7b0eba617870} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {c4b22c87-45ef-4f43-89f2-40db2078864e} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mSrcAs.dll (Mindspark)
BHO-x32: TheSea.TheSeaPlugin -> {C585D593-E7F3-4852-A200-561686EE02E4} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
BHO-x32: Toolbar BHO -> {d5a1d22b-9e17-454f-8ecd-83c578fb3983} -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
BHO-x32: Toolbar BHO -> {da71fd14-5f7b-46ae-b8b1-44074a38f331} -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {df22384f-cf68-4d19-969f-10423715528b} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll (Mindspark)
Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - MyFunCards - {210f1b36-3b7f-41a4-b5da-3eb87f5a56c2} - C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll (Mindspark)
Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - InboxAce - {3775afd7-5921-4571-968f-85a631203d1c} - C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll (Mindspark)
Toolbar: HKLM-x32 - Utility Chest - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (Mindspark)
Toolbar: HKLM-x32 - TotalRecipeSearch - {a0154e07-2b48-475c-a82a-80efd84ea33e} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - No Name - {C4D78C72-08DB-4A3F-9175-B265157283F3} -  No File
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog9 01 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 02 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 03 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 04 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 05 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 17 C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Tcpip\Parameters: [DhcpNameServer] 208.180.42.68 208.180.42.100
 
FireFox:
========
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @InboxAce_1g.com/Plugin -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\NP1gStub.dll (Mindspark)
FF Plugin-x32: @MyFunCards_5m.com/Plugin -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\NP5mStub.dll (Mindspark)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TotalRecipeSearch_14.com/Plugin -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll (Mindspark)
FF Plugin-x32: @UtilityChest_49.com/Plugin -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\NP49Stub.dll (Mindspark)
FF HKCU\...\Firefox\Extensions: [{17C0B877-3B33-A890-ACFD-9D2FC5F5D56D}] - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi
FF Extension: BlockAndSurf - C:\Program Files (x86)\ver1BlockAndSurf\178.xpi [2014-08-27]
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-14]
CHR Extension: (Google Drive) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-21]
CHR Extension: (YouTube) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-14]
CHR Extension: (Google Search) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-14]
CHR Extension: (Google Wallet) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-14]
CHR Extension: (Gmail) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [228480 2013-04-15] (Qualcomm Atheros Commnucations)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36424 2014-07-22] (Just Develop It)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3058944 2014-08-06] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 InboxAce_1gService; C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbarsvc.exe [88648 2014-07-14] (COMPANYVERS_NAME)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-03-14] (Acer Incorporate)
R2 MyFunCards_5mService; C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbarsvc.exe [88648 2014-07-03] (COMPANYVERS_NAME)
R2 pastaleadsServiceCore; C:\Program Files (x86)\pastaleads\PastaLeadsService.exe [384408 2014-06-18] ()
R2 servervo; C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-08-27] () [File not signed]
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [222168 2013-01-29] (Soluto)
R2 TotalRecipeSearch_14Service; C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 ttsvc; C:\Program Files (x86)\TermTutor\Service\ttsvc.exe [356432 2014-06-25] (Term Tutor)
R2 UtilityChest_49Service; C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe [88648 2014-08-11] (COMPANYVERS_NAME)
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-16] (AVG Secure Search)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-17] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-17] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AthrSdSrv; C:\Windows\system32\DRIVERS\athrsd.sys [48760 2012-11-30] (Qualcomm Atheros, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50976 2014-08-16] (AVG Technologies)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-15] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-09] (Acer Incorporated)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-09] (Acer Incorporated)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-06-20] ()
R1 ttnfd; C:\Windows\System32\drivers\ttnfd.sys [58232 2014-06-25] (Term Tutor)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-17] (Microsoft Corporation)
R2 webinstr; C:\WINDOWS\system32\Drivers\webinstr.sys [58040 2014-08-27] (Corsica)
R3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X]
U2 TMAgent; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-28 12:15 - 2014-08-28 12:16 - 06312160 _____ (MyTurboPC.com) C:\Users\judy\Downloads\myturbopc.exe
2014-08-28 11:41 - 2014-08-28 11:42 - 00028288 _____ () C:\Users\judy\Downloads\FRST.txt
2014-08-28 11:41 - 2014-08-28 11:42 - 00000000 ____D () C:\FRST
2014-08-28 11:41 - 2014-08-28 11:41 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64 (1).exe
2014-08-28 11:35 - 2014-08-28 11:36 - 00001163 _____ () C:\Users\judy\Desktop\Continue Download Manager Installation.lnk
2014-08-28 11:35 - 2014-08-28 11:35 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64.exe
2014-08-28 11:35 - 2014-08-28 11:35 - 00827416 _____ ( ) C:\Users\judy\Downloads\DownloadManagerSetup.exe
2014-08-28 11:32 - 2014-08-28 11:32 - 00035673 _____ () C:\Users\judy\Desktop\FARBAR RECOVERY SCAN TOOL.htm
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-08-27 23:13 - 2014-08-28 12:58 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-08-27 23:13 - 2014-08-27 23:35 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-08-27 23:13 - 2014-08-27 23:15 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-08-27 23:13 - 2014-08-27 23:15 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-08-27 23:13 - 2014-08-27 23:13 - 00001704 _____ () C:\Users\judy\AppData\Roaming\aps.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00001150 _____ () C:\Users\judy\AppData\Roaming\aps.scan.quick.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000318 _____ () C:\Users\judy\AppData\Roaming\aps.uninstall.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-08-27 23:12 - 2014-08-27 23:13 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-08-27 23:12 - 2014-08-27 23:12 - 00575544 _____ (ClickMeIn Limited) C:\Users\judy\AppData\Local\nsb5C1C.tmp
2014-08-27 23:09 - 2014-08-28 13:09 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-08-27 23:09 - 2014-08-28 12:59 - 00000438 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-08-27 23:09 - 2014-08-27 23:09 - 00058040 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys
2014-08-27 23:09 - 2014-08-27 23:09 - 00003076 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-08-27 23:09 - 2014-08-27 23:09 - 00002642 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-08-27 23:09 - 2014-08-27 23:09 - 00000145 _____ () C:\WINDOWS\setupact.log
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\ver1BlockAndSurf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-27 23:08 - 2014-08-28 11:27 - 00000000 ____D () C:\Users\judy\AppData\Local\fst_us_228
2014-08-27 23:08 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files\TermTutor
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\TermTutor
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\fst_us_228
2014-08-27 23:04 - 2014-08-28 12:57 - 00000085 _____ () C:\WINDOWS\wininit.ini
2014-08-27 23:01 - 2014-08-27 23:01 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes
2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-27 23:00 - 2014-08-27 23:07 - 00000000 ____D () C:\ProgramData\pastaleads
2014-08-27 23:00 - 2014-08-27 23:00 - 00000000 ____D () C:\Program Files (x86)\pastaleads
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\VOPackage
2014-08-27 22:59 - 2014-08-27 23:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-08-27 22:59 - 2014-08-27 22:59 - 00003734 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_ScheduledScan
2014-08-27 22:59 - 2014-08-27 22:59 - 00003584 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_DailyScan
2014-08-27 22:59 - 2014-08-27 22:59 - 00001087 _____ () C:\Users\Public\Desktop\DriverRestore.lnk
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\ContentExplorer
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
2014-08-27 22:59 - 2014-07-01 10:37 - 00020872 _____ (Phoenix Technologies) C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS
2014-08-27 22:58 - 2014-08-27 22:59 - 00000000 ____D () C:\Program Files (x86)\DriverRestore
2014-08-27 22:57 - 2014-08-27 22:57 - 00000000 ____D () C:\Users\judy\Documents\PC Health Kit
2014-08-27 18:06 - 2014-08-28 12:58 - 00007878 _____ () C:\WINDOWS\PFRO.log
2014-08-27 18:00 - 2014-08-28 13:01 - 00000000 ____D () C:\Users\judy\AppData\Local\DesktopTemperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\System_Alerts_LLC
2014-08-27 17:59 - 2014-08-27 17:59 - 00000000 ____D () C:\Program Files (x86)\The Sea App (Internet Explorer)
2014-08-27 16:13 - 2014-08-27 16:13 - 00004544 _____ () C:\Users\judy\Desktop\New Journal Document.jnt
2014-08-27 16:13 - 2014-08-27 16:13 - 00000000 ___RD () C:\Users\judy\Documents\Notes
2014-08-16 10:43 - 2014-08-16 10:43 - 00000000 ____D () C:\Blasteroids
2014-08-16 07:53 - 2014-08-16 07:54 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-08-16 07:48 - 2014-06-19 18:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-16 07:48 - 2014-06-19 16:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-15 07:39 - 2014-07-15 11:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-15 07:39 - 2014-07-15 01:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-15 07:39 - 2014-07-15 01:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-15 07:39 - 2014-07-15 01:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-15 07:39 - 2014-06-12 18:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-15 07:39 - 2014-06-12 18:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-15 07:39 - 2014-06-12 17:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-15 07:39 - 2014-06-06 04:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-15 07:38 - 2014-07-25 06:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-15 07:38 - 2014-07-25 06:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-15 07:38 - 2014-07-25 05:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-15 07:38 - 2014-07-25 05:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-15 07:38 - 2014-07-25 05:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-15 07:38 - 2014-07-25 05:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-15 07:38 - 2014-07-25 05:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-15 07:38 - 2014-07-25 05:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-15 07:38 - 2014-07-25 05:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-15 07:38 - 2014-07-25 05:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-15 07:38 - 2014-07-25 04:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-15 07:38 - 2014-07-25 04:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-15 07:38 - 2014-07-25 04:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-15 07:38 - 2014-07-25 04:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-15 07:38 - 2014-07-25 04:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-15 07:38 - 2014-07-25 04:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-15 07:38 - 2014-07-25 04:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-15 07:38 - 2014-07-25 04:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-15 07:38 - 2014-07-25 04:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-15 07:38 - 2014-07-25 03:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-15 07:38 - 2014-07-25 03:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-15 07:38 - 2014-07-25 03:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-15 07:37 - 2014-07-25 07:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-15 07:37 - 2014-07-25 06:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-15 07:37 - 2014-07-25 06:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-15 07:37 - 2014-07-25 05:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-15 07:37 - 2014-07-25 05:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-15 07:37 - 2014-07-25 05:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-15 07:37 - 2014-07-25 04:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-15 07:37 - 2014-07-25 04:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 07:37 - 2014-07-25 04:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-15 07:37 - 2014-07-25 04:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-15 07:37 - 2014-07-25 03:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-15 07:37 - 2014-07-25 03:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-15 07:37 - 2014-07-25 03:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-15 07:31 - 2014-04-26 13:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-08-15 07:31 - 2014-04-14 02:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-08-15 07:31 - 2014-04-14 01:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-08-15 07:30 - 2014-05-12 22:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-15 07:30 - 2014-05-12 21:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-15 07:30 - 2014-05-12 20:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-08-15 07:30 - 2014-05-03 04:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-08-15 07:30 - 2014-05-03 02:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-08-15 07:30 - 2014-05-02 22:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-08-15 07:30 - 2014-04-30 22:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-08-15 07:30 - 2014-04-29 23:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-08-15 07:30 - 2014-04-29 21:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-08-15 07:30 - 2014-04-29 20:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-08-15 07:30 - 2014-04-29 20:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-08-15 07:30 - 2014-04-28 15:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-08-15 07:30 - 2014-04-26 15:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-08-15 07:29 - 2014-05-02 21:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-08-15 07:29 - 2014-04-29 21:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-08-15 07:29 - 2014-04-29 20:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-08-15 07:29 - 2014-04-26 09:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-08-15 07:27 - 2014-04-29 21:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-08-15 07:26 - 2014-05-12 21:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-08-15 07:26 - 2014-05-02 22:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-08-15 07:26 - 2014-05-02 22:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-08-15 07:26 - 2014-05-02 21:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-08-15 07:26 - 2014-04-29 23:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-08-15 07:25 - 2014-05-30 23:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-08-15 07:25 - 2014-05-13 00:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-15 07:25 - 2014-05-12 20:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-15 07:25 - 2014-05-02 22:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-08-15 07:25 - 2014-05-02 21:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-08-15 07:25 - 2014-05-02 16:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-08-15 07:25 - 2014-04-29 23:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-08-15 07:25 - 2014-04-29 23:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-08-15 07:25 - 2014-04-29 22:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-08-15 07:25 - 2014-04-29 21:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-08-15 07:25 - 2014-04-29 21:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-15 07:25 - 2014-04-29 21:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-15 07:25 - 2014-04-29 20:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-08-15 07:25 - 2014-04-29 20:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-08-15 07:25 - 2014-04-29 20:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-08-15 07:25 - 2014-04-13 22:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-08-15 07:25 - 2014-04-08 23:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-08-15 07:25 - 2014-04-08 22:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-08-15 07:24 - 2014-08-06 15:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-15 07:24 - 2014-08-01 22:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-15 07:24 - 2014-07-09 21:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-15 07:24 - 2014-07-09 21:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-08-15 07:24 - 2014-07-09 20:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-08-15 07:24 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-15 07:24 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-15 07:23 - 2014-08-06 19:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-15 07:23 - 2014-08-06 15:39 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-15 07:23 - 2014-08-01 20:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-15 07:23 - 2014-08-01 20:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-15 07:23 - 2014-07-11 21:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-15 07:23 - 2014-06-05 07:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-08-15 07:23 - 2014-06-05 06:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-08-15 07:23 - 2014-06-01 19:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-08-15 07:23 - 2014-05-31 03:07 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-08-15 07:23 - 2014-05-31 03:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-08-15 07:23 - 2014-05-31 03:07 - 00419672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-08-15 07:23 - 2014-05-31 03:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-08-15 07:23 - 2014-05-31 03:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-08-15 07:23 - 2014-05-30 23:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-08-15 07:23 - 2014-05-30 23:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-08-15 07:23 - 2014-05-30 23:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-08-15 07:23 - 2014-05-30 21:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-08-15 07:23 - 2014-05-30 21:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-15 07:23 - 2014-05-30 21:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-08-15 07:23 - 2014-05-27 08:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-08-15 07:23 - 2014-05-27 02:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-15 07:23 - 2014-05-27 02:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-08-15 07:23 - 2014-05-16 21:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-15 07:23 - 2014-05-16 21:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-08-14 20:18 - 2014-08-14 20:18 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG Secure Search
2014-08-14 20:09 - 2014-08-14 20:11 - 00001158 _____ () C:\Users\judy\Desktop\Live PC Help.lnk
2014-08-14 20:05 - 2014-08-28 11:26 - 01321131 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-14 19:44 - 2014-08-28 13:01 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-14 19:44 - 2014-08-14 19:44 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-08-14 19:44 - 2014-08-14 19:44 - 00000838 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-14 19:42 - 2014-08-28 13:01 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-14 19:42 - 2014-08-28 13:01 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-14 19:42 - 2014-08-14 19:56 - 00003882 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-14 19:42 - 2014-08-14 19:56 - 00003646 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-14 19:42 - 2014-08-14 19:44 - 00000000 ____D () C:\Users\judy\AppData\Local\Google
2014-08-14 19:42 - 2014-08-14 19:44 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\ProgramData\Google
2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\Program Files\Google
2014-08-14 19:34 - 2014-08-14 19:34 - 00003974 _____ () C:\WINDOWS\System32\Tasks\TidyNetwork Update
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TNT2
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TidyNetwork
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-08-14 19:04 - 2014-08-14 19:04 - 13829304 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall1.exe
2014-08-14 19:04 - 2014-08-14 19:04 - 00002259 _____ () C:\WINDOWS\epplauncher.mif
2014-08-14 18:54 - 2014-08-16 14:06 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG SafeGuard toolbar
2014-08-14 18:54 - 2014-08-16 07:53 - 00050976 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys
2014-08-14 18:53 - 2014-08-25 18:25 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar
2014-08-14 18:53 - 2014-08-25 18:25 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-08-14 18:53 - 2014-08-14 18:53 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-08-14 18:51 - 2014-08-14 18:52 - 11241816 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall.exe
2014-08-13 20:38 - 2014-06-04 02:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-13 20:38 - 2014-06-03 22:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-13 20:38 - 2014-06-03 22:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-13 20:38 - 2014-06-03 21:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-13 20:38 - 2014-06-03 21:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-13 20:38 - 2014-06-03 19:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-13 20:38 - 2014-06-03 19:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-12 21:43 - 2014-08-12 21:43 - 00002028 _____ () C:\Users\Public\Desktop\Acer Portal.lnk
2014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Users\judy\AppData\Local\TotalRecipeSearch_14
2014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Program Files (x86)\TotalRecipeSearch_14
2014-08-11 07:34 - 2014-08-27 22:28 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-11 07:34 - 2014-08-11 07:34 - 00004022 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-11 07:34 - 2014-08-11 07:34 - 00001989 _____ () C:\Users\judy\Desktop\Sync Folder.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00001107 _____ () C:\Users\judy\Desktop\MyPC Backup.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-11 07:33 - 2014-08-14 20:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\systweak
2014-08-11 07:32 - 2014-08-11 07:32 - 00003310 _____ () C:\WINDOWS\System32\Tasks\ASP
2014-08-11 07:32 - 2014-08-05 19:05 - 00019800 _____ () C:\WINDOWS\system32\roboot64.exe
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Users\judy\AppData\Local\UtilityChest_49
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Program Files (x86)\UtilityChest_49
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-28 13:09 - 2014-08-27 23:09 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-08-28 13:03 - 2014-03-18 03:03 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-28 13:02 - 2014-06-01 07:00 - 00000000 ____D () C:\Users\judy\AppData\Local\clear.fi
2014-08-28 13:01 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\DesktopTemperature
2014-08-28 13:01 - 2014-08-14 19:44 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-28 13:01 - 2014-08-14 19:42 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-28 13:01 - 2014-08-14 19:42 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-28 13:01 - 2014-06-17 15:34 - 00000000 ___DO () C:\Users\judy\OneDrive
2014-08-28 13:00 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-28 12:59 - 2014-08-27 23:09 - 00000438 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-08-28 12:58 - 2014-08-27 23:13 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-08-28 12:58 - 2014-08-27 23:13 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-08-28 12:58 - 2014-08-27 18:06 - 00007878 _____ () C:\WINDOWS\PFRO.log
2014-08-28 12:58 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-28 12:57 - 2014-08-27 23:04 - 00000085 _____ () C:\WINDOWS\wininit.ini
2014-08-28 12:56 - 2014-03-15 00:56 - 00000304 _____ () C:\WINDOWS\Tasks\UpdaterEX.job
2014-08-28 12:16 - 2014-08-28 12:15 - 06312160 _____ (MyTurboPC.com) C:\Users\judy\Downloads\myturbopc.exe
2014-08-28 12:09 - 2014-03-15 00:56 - 00000134 _____ () C:\Users\judy\AppData\Roaming\WB.CFG
2014-08-28 11:45 - 2014-06-12 06:09 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{845855BE-4589-4F75-966A-FA55784F54FD}
2014-08-28 11:42 - 2014-08-28 11:41 - 00028288 _____ () C:\Users\judy\Downloads\FRST.txt
2014-08-28 11:42 - 2014-08-28 11:41 - 00000000 ____D () C:\FRST
2014-08-28 11:41 - 2014-08-28 11:41 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64 (1).exe
2014-08-28 11:36 - 2014-08-28 11:35 - 00001163 _____ () C:\Users\judy\Desktop\Continue Download Manager Installation.lnk
2014-08-28 11:35 - 2014-08-28 11:35 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64.exe
2014-08-28 11:35 - 2014-08-28 11:35 - 00827416 _____ ( ) C:\Users\judy\Downloads\DownloadManagerSetup.exe
2014-08-28 11:32 - 2014-08-28 11:32 - 00035673 _____ () C:\Users\judy\Desktop\FARBAR RECOVERY SCAN TOOL.htm
2014-08-28 11:27 - 2014-08-27 23:08 - 00000000 ____D () C:\Users\judy\AppData\Local\fst_us_228
2014-08-28 11:26 - 2014-08-14 20:05 - 01321131 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-28 11:20 - 2014-02-02 17:38 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3809952396-1488035759-1417517223-1001
2014-08-28 11:14 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-28 11:10 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-27 23:35 - 2014-08-27 23:13 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-08-27 23:19 - 2014-07-09 04:26 - 00002001 _____ () C:\Users\Public\Desktop\abMedia.lnk
2014-08-27 23:19 - 2014-06-16 16:04 - 00000000 ____D () C:\ProgramData\clear.fi
2014-08-27 23:19 - 2013-04-16 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2014-08-27 23:19 - 2013-04-16 23:18 - 00000000 ____D () C:\Program Files (x86)\Acer
2014-08-27 23:15 - 2014-08-27 23:13 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-08-27 23:15 - 2014-08-27 23:13 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-08-27 23:15 - 2014-08-27 23:13 - 00002804 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-08-27 23:13 - 2014-08-27 23:13 - 00001704 _____ () C:\Users\judy\AppData\Roaming\aps.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00001150 _____ () C:\Users\judy\AppData\Roaming\aps.scan.quick.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000318 _____ () C:\Users\judy\AppData\Roaming\aps.uninstall.scan.results
2014-08-27 23:13 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-08-27 23:13 - 2014-08-27 23:12 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-08-27 23:12 - 2014-08-27 23:12 - 00575544 _____ (ClickMeIn Limited) C:\Users\judy\AppData\Local\nsb5C1C.tmp
2014-08-27 23:12 - 2014-07-10 13:41 - 00002005 _____ () C:\Users\Public\Desktop\abPhoto.lnk
2014-08-27 23:09 - 2014-08-27 23:09 - 00058040 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstr.sys
2014-08-27 23:09 - 2014-08-27 23:09 - 00003076 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-08-27 23:09 - 2014-08-27 23:09 - 00002642 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-08-27 23:09 - 2014-08-27 23:09 - 00000145 _____ () C:\WINDOWS\setupact.log
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Users\judy\AppData\Roaming\WSE_Astromenda
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 ____D () C:\Program Files (x86)\ver1BlockAndSurf
2014-08-27 23:09 - 2014-08-27 23:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-27 23:09 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-08-27 23:09 - 2013-08-22 08:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-08-27 23:09 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files\TermTutor
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\TermTutor
2014-08-27 23:08 - 2014-08-27 23:08 - 00000000 ____D () C:\Program Files (x86)\fst_us_228
2014-08-27 23:07 - 2014-08-27 23:00 - 00000000 ____D () C:\ProgramData\pastaleads
2014-08-27 23:05 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-27 23:01 - 2014-08-27 23:01 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes
2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-08-27 23:01 - 2014-08-27 23:01 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-27 23:00 - 2014-08-27 23:00 - 00000000 ____D () C:\Program Files (x86)\pastaleads
2014-08-27 23:00 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\VOPackage
2014-08-27 23:00 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-08-27 22:59 - 2014-08-27 22:59 - 00003734 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_ScheduledScan
2014-08-27 22:59 - 2014-08-27 22:59 - 00003584 _____ () C:\WINDOWS\System32\Tasks\DriverRestore_DailyScan
2014-08-27 22:59 - 2014-08-27 22:59 - 00001087 _____ () C:\Users\Public\Desktop\DriverRestore.lnk
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\Users\judy\AppData\Roaming\ContentExplorer
2014-08-27 22:59 - 2014-08-27 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
2014-08-27 22:59 - 2014-08-27 22:58 - 00000000 ____D () C:\Program Files (x86)\DriverRestore
2014-08-27 22:57 - 2014-08-27 22:57 - 00000000 ____D () C:\Users\judy\Documents\PC Health Kit
2014-08-27 22:34 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-08-27 22:28 - 2014-08-11 07:34 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature
2014-08-27 18:00 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\judy\AppData\Local\System_Alerts_LLC
2014-08-27 17:59 - 2014-08-27 17:59 - 00000000 ____D () C:\Program Files (x86)\The Sea App (Internet Explorer)
2014-08-27 17:17 - 2013-08-03 04:03 - 00000000 ____D () C:\ProgramData\OEM
2014-08-27 16:13 - 2014-08-27 16:13 - 00004544 _____ () C:\Users\judy\Desktop\New Journal Document.jnt
2014-08-27 16:13 - 2014-08-27 16:13 - 00000000 ___RD () C:\Users\judy\Documents\Notes
2014-08-25 18:25 - 2014-08-14 18:53 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar
2014-08-25 18:25 - 2014-08-14 18:53 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-08-22 06:58 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-16 14:06 - 2014-08-14 18:54 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG SafeGuard toolbar
2014-08-16 12:06 - 2014-02-02 17:41 - 00000000 ____D () C:\Program Files (x86)\Knight System Protector
2014-08-16 12:00 - 2013-08-22 07:44 - 00335784 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-16 11:57 - 2014-07-12 22:28 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-08-16 11:57 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-08-16 11:56 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-08-16 10:43 - 2014-08-16 10:43 - 00000000 ____D () C:\Blasteroids
2014-08-16 07:54 - 2014-08-16 07:53 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-08-16 07:53 - 2014-08-14 18:54 - 00050976 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys
2014-08-14 20:18 - 2014-08-14 20:18 - 00000000 ____D () C:\Users\judy\AppData\Local\AVG Secure Search
2014-08-14 20:11 - 2014-08-14 20:09 - 00001158 _____ () C:\Users\judy\Desktop\Live PC Help.lnk
2014-08-14 20:09 - 2014-08-11 07:33 - 00000000 ____D () C:\Users\judy\AppData\Roaming\systweak
2014-08-14 19:58 - 2014-06-17 13:46 - 00000000 ___DC () C:\WINDOWS\Panther
2014-08-14 19:58 - 2014-02-02 17:30 - 00000000 ____D () C:\Users\judy\AppData\Local\CrashDumps
2014-08-14 19:56 - 2014-08-14 19:42 - 00003882 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-14 19:56 - 2014-08-14 19:42 - 00003646 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-14 19:44 - 2014-08-14 19:44 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-08-14 19:44 - 2014-08-14 19:44 - 00000838 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-14 19:44 - 2014-08-14 19:44 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-14 19:44 - 2014-08-14 19:42 - 00000000 ____D () C:\Users\judy\AppData\Local\Google
2014-08-14 19:44 - 2014-08-14 19:42 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\ProgramData\Google
2014-08-14 19:42 - 2014-08-14 19:42 - 00000000 ____D () C:\Program Files\Google
2014-08-14 19:34 - 2014-08-14 19:34 - 00003974 _____ () C:\WINDOWS\System32\Tasks\TidyNetwork Update
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TNT2
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Users\judy\AppData\Local\TidyNetwork
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-08-14 19:33 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Resources
2014-08-14 19:04 - 2014-08-14 19:04 - 13829304 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall1.exe
2014-08-14 19:04 - 2014-08-14 19:04 - 00002259 _____ () C:\WINDOWS\epplauncher.mif
2014-08-14 18:53 - 2014-08-14 18:53 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-08-14 18:52 - 2014-08-14 18:51 - 11241816 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall.exe
2014-08-14 08:33 - 2014-02-05 11:59 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-14 08:31 - 2014-02-05 11:59 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-13 20:36 - 2014-03-18 03:13 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-08-13 17:39 - 2014-06-17 13:25 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-08-13 17:36 - 2013-08-21 21:17 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-08-13 17:36 - 2013-08-21 20:46 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-08-13 17:36 - 2013-08-21 20:16 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-08-13 17:35 - 2014-03-18 03:13 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-08-13 17:35 - 2014-03-18 03:13 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-08-13 17:35 - 2014-03-18 03:13 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-08-13 17:35 - 2013-08-22 04:45 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-08-13 17:35 - 2013-08-22 04:44 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-13 17:35 - 2013-08-22 04:22 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-08-13 17:35 - 2013-08-22 04:21 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-13 17:35 - 2013-08-22 04:10 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-08-13 17:35 - 2013-08-22 04:03 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-08-13 17:35 - 2013-08-22 03:32 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-08-13 17:35 - 2013-08-21 20:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-08-13 17:35 - 2013-08-21 20:45 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-08-13 17:35 - 2013-08-21 20:40 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-08-12 21:43 - 2014-08-12 21:43 - 00002028 _____ () C:\Users\Public\Desktop\Acer Portal.lnk
2014-08-12 21:43 - 2014-06-16 16:16 - 00003334 _____ () C:\WINDOWS\System32\Tasks\AcerCloud
2014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Users\judy\AppData\Local\TotalRecipeSearch_14
2014-08-11 08:03 - 2014-08-11 08:03 - 00000000 ____D () C:\Program Files (x86)\TotalRecipeSearch_14
2014-08-11 07:34 - 2014-08-11 07:34 - 00004022 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-11 07:34 - 2014-08-11 07:34 - 00001989 _____ () C:\Users\judy\Desktop\Sync Folder.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00001107 _____ () C:\Users\judy\Desktop\MyPC Backup.lnk
2014-08-11 07:34 - 2014-08-11 07:34 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-11 07:32 - 2014-08-11 07:32 - 00003310 _____ () C:\WINDOWS\System32\Tasks\ASP
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Users\judy\AppData\Local\UtilityChest_49
2014-08-11 07:26 - 2014-08-11 07:26 - 00000000 ____D () C:\Program Files (x86)\UtilityChest_49
2014-08-06 19:12 - 2014-08-15 07:23 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-06 15:39 - 2014-08-15 07:23 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-06 15:38 - 2014-08-15 07:24 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-05 19:05 - 2014-08-11 07:32 - 00019800 _____ () C:\WINDOWS\system32\roboot64.exe
2014-08-01 22:44 - 2014-08-15 07:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-01 20:56 - 2014-08-15 07:23 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-01 20:11 - 2014-08-15 07:23 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-01 17:17 - 2013-08-22 08:38 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-01 17:17 - 2013-08-22 08:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
 
Some content of TEMP:
====================
C:\Users\judy\AppData\Local\Temp\5A48_DriverRestore_EN.exe
C:\Users\judy\AppData\Local\Temp\air1370.exe
C:\Users\judy\AppData\Local\Temp\air18C5.exe
C:\Users\judy\AppData\Local\Temp\air240D.exe
C:\Users\judy\AppData\Local\Temp\air2474.exe
C:\Users\judy\AppData\Local\Temp\air274F.exe
C:\Users\judy\AppData\Local\Temp\air2ADB.exe
C:\Users\judy\AppData\Local\Temp\air4025.exe
C:\Users\judy\AppData\Local\Temp\air66A0.exe
C:\Users\judy\AppData\Local\Temp\air7DCB.exe
C:\Users\judy\AppData\Local\Temp\air9DEF.exe
C:\Users\judy\AppData\Local\Temp\airA76F.exe
C:\Users\judy\AppData\Local\Temp\DRHelper_installFinish.exe
C:\Users\judy\AppData\Local\Temp\DRHelper_installStart.exe
C:\Users\judy\AppData\Local\Temp\F7B9_SpybotSD2.exe
C:\Users\judy\AppData\Local\Temp\ICReinstall_DownloadManagerSetup.exe
C:\Users\judy\AppData\Local\Temp\post1.exe
C:\Users\judy\AppData\Local\Temp\post2.dll
C:\Users\judy\AppData\Local\Temp\post2.exe
C:\Users\judy\AppData\Local\Temp\setup.exe
C:\Users\judy\AppData\Local\Temp\SfpcHelper_installFinish.exe
C:\Users\judy\AppData\Local\Temp\SfpcHelper_installStart.exe
C:\Users\judy\AppData\Local\Temp\SHSetup.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-28 11:10
 
==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-08-2014
Ran by judy at 2014-08-28 14:24:53
Running from C:\Users\judy\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.05.2007.2 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.00.2011.1 - Acer Incorporated)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated)
Acer Docs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2001 - Acer)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3003 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.01.2011 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AMD Accelerated Video Transcoding (Version: 12.10.100.30313 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{29200C76-2ADF-0C62-BE0D-2AC087740379}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (x32 Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) Hidden
AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.1 - CMI Limited) <==== ATTENTION
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.01.2012.1 - Acer Incorporated)
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.9.799 - AVG Technologies)
BlockAndSurf (HKLM-x32\...\00ACB724-76B2-5971-98E5-D94B76948A5B) (Version:  - BlockAndSurf-software) <==== ATTENTION
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
ContentExplorer (HKLM-x32\...\ContentExplorer) (Version: 8.4 - ContentExplorer.net)
Desktop Temperature Monitor (HKCU\...\Desktop Temperature Monitor) (Version: 1.24.0.0 - System Alerts LLC)
DriverRestore (HKLM\...\DriverRestore) (Version: 1.0 - 383 Media, Inc.)
Extended Update (HKCU\...\UpdaterEX) (Version:  - Extended Update) <==== ATTENTION
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FreeSoftToday 025.228 (HKLM-x32\...\fst_us_228_is1) (Version:  - FREESOFTTODAY) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Inbox Toolbar (HKLM-x32\...\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1) (Version: 2.0.1.106 - Xacti, LLC)
Inbox3 (HKLM-x32\...\{E5E22EB4-B322-411C-BACB-263300A3D80E}_is1) (Version: 1.0.0.12 - Inbox.com)
InboxAce Internet Explorer Toolbar (HKLM-x32\...\InboxAce_1gbar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network) <==== ATTENTION
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
MyFunCards Internet Explorer Toolbar (HKLM-x32\...\MyFunCards_5mbar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network) <==== ATTENTION
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - JDi Backup Ltd) <==== ATTENTION
OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
PastaQuotes (HKLM-x32\...\pastaleads) (Version: 1.2.1.0 - PastaLeads)
QCA CardReader Driver Installer (HKLM-x32\...\{4E0BC999-655B-421D-87F3-640C6F2BFC11}) (Version: 1.0.1.34 - Qualcomm Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.224 - Qualcomm Atheros Communications)
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.49 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Soluto (HKLM\...\{A40888FC-B545-46F3-8628-6AE98C1C75C6}) (Version: 1.3.1193.1 - Soluto)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Term Tutor (HKLM-x32\...\TermTutor) (Version: 1.9.0.6 - Term Tutor)
The Sea App (Internet Explorer)  (HKLM-x32\...\The Sea App) (Version:  - Growth Systems, LLC) <==== ATTENTION
TidyNetwork (HKCU\...\TidyNetwork) (Version:  - TidyNetwork)
TotalRecipeSearch Internet Explorer Toolbar (HKLM-x32\...\TotalRecipeSearch_14bar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network) <==== ATTENTION
Utility Chest Internet Explorer Toolbar (HKLM-x32\...\UtilityChest_49bar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network) <==== ATTENTION
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WSE_Astromenda (HKLM-x32\...\WSE_Astromenda) (Version:  - WSE_Astromenda) <==== ATTENTION
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
22-08-2014 06:51:41 Scheduled Checkpoint
28-08-2014 20:09:45 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1C089B1B-6BA0-49C2-B594-F708C1B8B503} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {1D3A0C7B-5AD3-4B84-A478-B293255849AE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {26223B8B-B407-4AE0-8EA5-90D9299BDC87} - System32\Tasks\TidyNetwork Update => C:\Users\judy\AppData\Local\TidyNetwork\petnupdate.exe [2014-08-14] ()
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {39295545-2169-47A5-B5F1-3DCB98334328} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2014-08-06] (Acer)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3BD98196-F5F8-4C48-8418-DAEDD03137E6} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [2014-07-22] (MyPCBackup.com) <==== ATTENTION
Task: {4898B40A-C3FD-4C18-9262-36FA84EA356B} - System32\Tasks\Microsoft\Windows\SysResetLogSuccess => Rundll32.exe ResetEng.dll,RjvLogSuccessEntryPoint
Task: {48DC7E0D-1F64-462F-B7AE-122F88E9FD96} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-14] (Google Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5D131900-882C-4A9D-877E-69F281E7AABA} - System32\Tasks\BlockAndSurf Update => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe [2014-08-27] ()
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6F170458-AB97-4224-AD0C-EC073725BB86} - System32\Tasks\PastaQuotes => C:\Program Files (x86)\pastaleads\ScheduledTask.exe [2014-06-18] ()
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {75600F68-68BB-4EFA-B301-3CC2C08023AD} - System32\Tasks\DriverRestore_DailyScan => C:\Program Files (x86)\DriverRestore\DriverRestore.exe [2014-07-06] ()
Task: {76A4B948-019E-42AA-8979-F76AC472004D} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-03-14] (Acer Incorporate)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {811C6AF3-F0CC-49DC-BA5A-63AFA6B80047} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-07-22] (MyPC Backup) <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8E61A2C1-0631-433D-9DA3-4F799E1DB1BB} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {959909FF-A127-491D-8A16-E6CC8D046625} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {973B237C-ED4A-4DDF-86D4-C69CD82AE18E} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A07D2BE3-7F59-496C-8DD4-2202A46969E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-14] (Google Inc.)
Task: {B87C0074-F507-4AF6-B410-AC3CCD885250} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {B8EC8ECD-4AB1-4B70-9505-C4EF5E47C16E} - System32\Tasks\ASP => C:\Program Files (x86)\Tuneup pro\SystweakASP.exe
Task: {BF58E14B-1069-43E0-80DD-BB525A2FD9CD} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {C034AE47-50DF-4617-9946-0EC4A6007219} - System32\Tasks\WSE_Astromenda => C:\Users\judy\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe [2014-08-27] ()
Task: {CD34F3C0-ED05-4009-A5CE-BCC6FD2316C5} - System32\Tasks\UpdaterEX => C:\Users\judy\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {CD7E60BC-5C2F-457E-BEE4-51E204A98CAA} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: {CD9C8B1F-E1E7-4D89-BBA7-F99D03386E21} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-08-14] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D08F1AB1-8F5E-4779-937E-7A750E734C77} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {D136D828-6ADE-43E0-9102-FA020971E586} - System32\Tasks\Knight System Protector Startup => C:\Program Files (x86)\Knight System Protector\KnightSystemProtector.exe [2013-12-17] ()
Task: {D6A24AB9-2B6F-406C-8FF1-3AA5B229CCA0} - System32\Tasks\DriverRestore_ScheduledScan => C:\Program Files (x86)\DriverRestore\DriverRestore.exe [2014-07-06] ()
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E2ACF668-4308-4463-9ECA-B3DD4467FB01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {E3BDCA69-0278-4D27-AE94-D673C4802877} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EFD55167-3E10-4F72-843B-347EC5F2010D} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: {FCE0303E-A943-467A-8BCB-B8D9556D47DB} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-08-27] (AnyProtect.com) <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\BlockAndSurf Update.job => C:\Program Files (x86)\ver1BlockAndSurf\m7BlockAndSurfa02.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\UpdaterEX.job => C:\Users\judy\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\WSE_Astromenda.job => C:\Users\judy\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
2014-06-18 00:47 - 2014-06-18 00:47 - 00384408 _____ () C:\Program Files (x86)\pastaleads\PastaLeadsService.exe
2014-08-27 23:00 - 2014-08-27 23:00 - 00071680 _____ () C:\Users\judy\AppData\Roaming\VOPackage\VOsrv.exe
2013-01-29 12:28 - 2013-01-29 12:28 - 00109024 _____ () C:\Program Files\Soluto\PCGDllExportInspector.dll
2013-01-29 12:28 - 2013-01-29 12:28 - 00055352 ____R () C:\Program Files\Soluto\PCGDeviceScanLib.dll
2014-07-12 18:02 - 2014-07-12 18:02 - 00101376 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Management\48a5e4128a7c4b39f813961b46af6c3d\Windows.Management.ni.dll
2014-07-12 18:00 - 2014-07-12 18:00 - 01782784 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\43b92b6dbc9eb61983817ea32346d510\Windows.ApplicationModel.ni.dll
2014-07-12 18:00 - 2014-07-12 18:00 - 00207872 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\d1c5274ccd6fb2b4b5dbddd0f0ca6c6e\Windows.System.ni.dll
2014-07-12 17:59 - 2014-07-12 17:59 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\057b7043f4868b76c209d9c426b80743\Windows.Foundation.ni.dll
2014-08-16 07:53 - 2014-08-16 07:53 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
2013-01-29 12:28 - 2013-01-29 12:28 - 00109024 _____ () c:\program files\soluto\PCGDllExportInspector.dll
2014-02-02 17:41 - 2013-12-17 20:07 - 02159864 _____ () C:\Program Files (x86)\Knight System Protector\KnightSystemProtector.exe
2014-08-27 23:08 - 2014-08-25 12:00 - 03337208 _____ () C:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exe
2014-08-27 23:09 - 2014-08-27 23:09 - 00104960 _____ () C:\Program Files (x86)\ver1BlockAndSurf\BlockAndSurf.exe
2013-04-15 11:23 - 2013-04-15 11:23 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-04-15 11:20 - 2013-04-15 11:20 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-04-15 11:25 - 2013-04-15 11:25 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-08-27 23:09 - 2014-08-27 23:09 - 01072128 _____ () C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe
2014-07-22 06:07 - 2014-07-22 06:07 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2014-07-22 06:02 - 2014-07-22 06:02 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2014-08-14 18:53 - 2014-08-25 18:24 - 02640408 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2013-08-03 04:12 - 2013-02-20 22:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2014-03-03 18:55 - 2014-03-03 18:55 - 01046288 _____ () C:\Users\judy\AppData\Local\DesktopTemperature\DTWxSvc.dll
2014-08-16 07:53 - 2014-08-16 07:53 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
2014-08-22 18:21 - 2014-08-22 18:21 - 00203008 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2014-08-22 18:21 - 2014-08-22 18:21 - 00630528 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2014-08-22 18:21 - 2014-08-22 18:21 - 00654552 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2014-08-22 18:21 - 2014-08-22 18:21 - 00119552 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2014-08-12 21:42 - 2014-08-12 21:42 - 00015616 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2014-08-06 16:47 - 2014-08-06 16:47 - 00013568 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2014-08-06 16:44 - 2014-08-06 16:44 - 00277096 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\judy\OneDrive:ms-properties
AlternateDataStreams: C:\Users\judy\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/28/2014 00:05:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 36.0.1985.143 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 17b0
 
Start Time: 01cfc2edc83462f9
 
Termination Time: 81
 
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Report Id: 481ba925-2ee6-11e4-be88-0c84dca60c86
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/28/2014 11:27:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AnyProtect.exe, version: 1.0.0.1, time stamp: 0x53fded89
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x3dc
Faulting application start time: 0xAnyProtect.exe0
Faulting application path: AnyProtect.exe1
Faulting module path: AnyProtect.exe2
Report Id: AnyProtect.exe3
Faulting package full name: AnyProtect.exe4
Faulting package-relative application ID: AnyProtect.exe5
 
Error: (08/28/2014 11:14:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17031 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 65c
 
Start Time: 01cfc2fbf734122c
 
Termination Time: 4294967295
 
Application Path: C:\WINDOWS\syswow64\wwahost.exe
 
Report Id: 2c0d757b-2edf-11e4-be88-0c84dca60c86
 
Faulting package full name: Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c
 
Faulting package-relative application ID: App
 
Error: (08/28/2014 00:44:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: upfst_us_228.exe, version: 1.0.0.1, time stamp: 0x53fb01c0
Faulting module name: upfst_us_228.exe, version: 1.0.0.1, time stamp: 0x53fb01c0
Exception code: 0xc0000005
Fault offset: 0x00009b10
Faulting process id: 0xfdc
Faulting application start time: 0xupfst_us_228.exe0
Faulting application path: upfst_us_228.exe1
Faulting module path: upfst_us_228.exe2
Report Id: upfst_us_228.exe3
Faulting package full name: upfst_us_228.exe4
Faulting package-relative application ID: upfst_us_228.exe5
 
Error: (08/28/2014 11:53:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nMsNhQLsuy.exe, version: 1.0.0.0, time stamp: 0x53bad802
Faulting module name: ntdll.dll, version: 6.3.9600.17114, time stamp: 0x53649e73
Exception code: 0xc0000005
Fault offset: 0x000000000003b2f8
Faulting process id: 0x144c
Faulting application start time: 0xnMsNhQLsuy.exe0
Faulting application path: nMsNhQLsuy.exe1
Faulting module path: nMsNhQLsuy.exe2
Report Id: nMsNhQLsuy.exe3
Faulting package full name: nMsNhQLsuy.exe4
Faulting package-relative application ID: nMsNhQLsuy.exe5
 
Error: (08/28/2014 11:52:45 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.9600.17239 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1b50
 
Start Time: 01cfc28acd367171
 
Termination Time: 218
 
Application Path: C:\Program Files\Internet Explorer\iexplore.exe
 
Report Id: 7ae76496-2ee4-11e4-be86-0c84dca60c86
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/28/2014 11:52:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nMsNhQLsuy.exe, version: 1.0.0.0, time stamp: 0x53bad802
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17055, time stamp: 0x532954fb
Exception code: 0xc06d007e
Fault offset: 0x0000000000005bf8
Faulting process id: 0x144c
Faulting application start time: 0xnMsNhQLsuy.exe0
Faulting application path: nMsNhQLsuy.exe1
Faulting module path: nMsNhQLsuy.exe2
Report Id: nMsNhQLsuy.exe3
Faulting package full name: nMsNhQLsuy.exe4
Faulting package-relative application ID: nMsNhQLsuy.exe5
 
Error: (08/28/2014 11:44:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: upfst_us_228.exe, version: 1.0.0.1, time stamp: 0x53fb01c0
Faulting module name: upfst_us_228.exe, version: 1.0.0.1, time stamp: 0x53fb01c0
Exception code: 0xc0000005
Fault offset: 0x00009b10
Faulting process id: 0x1dac
Faulting application start time: 0xupfst_us_228.exe0
Faulting application path: upfst_us_228.exe1
Faulting module path: upfst_us_228.exe2
Report Id: upfst_us_228.exe3
Faulting package full name: upfst_us_228.exe4
Faulting package-relative application ID: upfst_us_228.exe5
 
Error: (08/28/2014 11:42:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.9600.17239 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 14f4
 
Start Time: 01cfc28c65a708ca
 
Termination Time: 109
 
Application Path: C:\Program Files\Internet Explorer\iexplore.exe
 
Report Id: fdf3107e-2ee2-11e4-be86-0c84dca60c86
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/28/2014 11:39:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: abPhoto.exe, version: 3.0.2011.0, time stamp: 0x53f71973
Faulting module name: MSVCR90.dll, version: 9.0.30729.8387, time stamp: 0x51ea24a5
Exception code: 0xc0000005
Fault offset: 0x00056b1d
Faulting process id: 0x1364
Faulting application start time: 0xabPhoto.exe0
Faulting application path: abPhoto.exe1
Faulting module path: abPhoto.exe2
Report Id: abPhoto.exe3
Faulting package full name: abPhoto.exe4
Faulting package-relative application ID: abPhoto.exe5
 
 
System errors:
=============
Error: (08/28/2014 00:59:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Computer Backup (MyPC Backup) service failed to start due to the following error: 
%%1053
 
Error: (08/28/2014 00:59:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
 
Error: (08/28/2014 00:58:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error: 
%%1062
 
Error: (08/28/2014 00:56:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The hhVqPjMye service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (08/27/2014 11:37:37 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 51.
 
Error: (08/27/2014 11:11:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error: 
%%14001
 
Error: (08/27/2014 11:06:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Computer Backup (MyPC Backup) service failed to start due to the following error: 
%%1053
 
Error: (08/27/2014 11:06:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
 
Error: (08/27/2014 11:04:44 PM) (Source: DCOM) (EventID: 10010) (User: JUDYSPC)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (08/27/2014 11:04:44 PM) (Source: DCOM) (EventID: 10010) (User: JUDYSPC)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
 
Microsoft Office Sessions:
=========================
Error: (08/28/2014 00:05:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe36.0.1985.14317b001cfc2edc83462f981C:\Program Files (x86)\Google\Chrome\Application\chrome.exe481ba925-2ee6-11e4-be88-0c84dca60c86
 
Error: (08/28/2014 11:27:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AnyProtect.exe1.0.0.153fded89unknown0.0.0.000000000c0000005000000003dc01cfc2fac0c0453aC:\Program Files (x86)\AnyProtectEx\AnyProtect.exeunknowne7e858bd-2ee0-11e4-be88-0c84dca60c86
 
Error: (08/28/2014 11:14:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.1703165c01cfc2fbf734122c4294967295C:\WINDOWS\syswow64\wwahost.exe2c0d757b-2edf-11e4-be88-0c84dca60c86Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp
 
Error: (08/28/2014 00:44:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: upfst_us_228.exe1.0.0.153fb01c0upfst_us_228.exe1.0.0.153fb01c0c000000500009b10fdc01cfc2f86cd8259fC:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exeC:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exeaac12db9-2eeb-11e4-be86-0c84dca60c86
 
Error: (08/28/2014 11:53:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: nMsNhQLsuy.exe1.0.0.053bad802ntdll.dll6.3.9600.1711453649e73c0000005000000000003b2f8144c01cfc2f13d577500C:\ProgramData\VdUfCdBZX\dat\nMsNhQLsuy.exeC:\WINDOWS\SYSTEM32\ntdll.dll95346cd4-2ee4-11e4-be86-0c84dca60c86
 
Error: (08/28/2014 11:52:45 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe11.0.9600.172391b5001cfc28acd367171218C:\Program Files\Internet Explorer\iexplore.exe7ae76496-2ee4-11e4-be86-0c84dca60c86
 
Error: (08/28/2014 11:52:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: nMsNhQLsuy.exe1.0.0.053bad802KERNELBASE.dll6.3.9600.17055532954fbc06d007e0000000000005bf8144c01cfc2f13d577500C:\ProgramData\VdUfCdBZX\dat\nMsNhQLsuy.exeC:\WINDOWS\system32\KERNELBASE.dll7b27c41b-2ee4-11e4-be86-0c84dca60c86
 
Error: (08/28/2014 11:44:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: upfst_us_228.exe1.0.0.153fb01c0upfst_us_228.exe1.0.0.153fb01c0c000000500009b101dac01cfc2f009a6a554C:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exeC:\Users\judy\AppData\Local\fst_us_228\upfst_us_228.exe47796609-2ee3-11e4-be86-0c84dca60c86
 
Error: (08/28/2014 11:42:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe11.0.9600.1723914f401cfc28c65a708ca109C:\Program Files\Internet Explorer\iexplore.exefdf3107e-2ee2-11e4-be86-0c84dca60c86
 
Error: (08/28/2014 11:39:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: abPhoto.exe3.0.2011.053f71973MSVCR90.dll9.0.30729.838751ea24a5c000000500056b1d136401cfc2871b4b99ccC:\Program Files (x86)\Acer\abPhoto\abPhoto.exeC:\WINDOWS\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dlla30f6233-2ee2-11e4-be86-0c84dca60c86
 
 
==================== Memory info =========================== 
 
Processor: AMD E1-2500 APU with Radeon™ HD Graphics 
Percentage of memory in use: 23%
Total physical RAM: 5573.01 MB
Available physical RAM: 4270.86 MB
Total Pagefile: 6469.01 MB
Available Pagefile: 4640.22 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: (Acer) (Fixed) (Total:449.41 GB) (Free:418.67 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: DE5B179F)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

 


  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Did you run the fix ? As it does not appear to have worked, also did you run AdwCleaner
  • 0

#9
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts

I am on another computer and I am not able to get the laptop on internet.. It says prosy not found... I was getting to post my last tests on fixlist ... any help that might let me get back on the internet I would appreciate  it...


  • 0

#10
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts

In order for me to be able to get back in and get on the internet I had to refresh the laptop.... do you want me to run the test over....


  • 0

Advertisements


#11
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Yes please but this time we will use a different order

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
THEN

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.

  • 0

#12
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts

# AdwCleaner v3.308 - Report created 29/08/2014 at 14:26:20
# Updated 20/08/2014 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : judy - JUDYSPC
# Running from : C:\Users\judy\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\VOGWWBDE\adwcleaner_3.308.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Blasteroids
Folder Deleted : C:\Users\judy\AppData\LocalLow\AppGraffiti
Folder Deleted : C:\Users\judy\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\judy\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\judy\AppData\LocalLow\iac
Folder Deleted : C:\Users\judy\AppData\LocalLow\Inbox Toolbar
Folder Deleted : C:\Users\judy\AppData\LocalLow\InboxAce_1g
Folder Deleted : C:\Users\judy\AppData\LocalLow\InboxAce_1gEI
Folder Deleted : C:\Users\judy\AppData\LocalLow\MyFunCards_5m
Folder Deleted : C:\Users\judy\AppData\LocalLow\SiteRanker
Folder Deleted : C:\Users\judy\AppData\LocalLow\TotalRecipeSearch_14EI
Folder Deleted : C:\Users\judy\AppData\LocalLow\UtilityChest_49
Folder Deleted : C:\Users\judy\Documents\PC Health Kit
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Users\judy\daemonprocess.txt

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16482

*************************

AdwCleaner[R0].txt - [2109 octets] - [29/08/2014 14:23:11]
AdwCleaner[S0].txt - [1951 octets] - [29/08/2014 14:26:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2011 octets] ##########


  • 0

#13
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-08-2014 01
Ran by judy (administrator) on JUDYSPC on 29-08-2014 14:53:12
Running from C:\Users\judy\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\VOGWWBDE
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Soluto) C:\Program Files\Soluto\Soluto.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\McVsShld.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\McVsMap.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-17] (Realtek Semiconductor)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-04-15] ( (Qualcomm Atheros Commnucations))

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
SearchScopes: HKLM - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKCU - {D53B36ED-9EDC-4414-810C-3711AECD747F} URL =
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-04-16]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-04-16]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-08-29]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 0057281409347779mcinstcleanup; C:\WINDOWS\TEMP\005728~1.EXE [836168 2014-03-13] (McAfee, Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [228480 2013-04-15] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-03-14] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [222168 2013-01-29] (Soluto)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AthrSdSrv; C:\Windows\system32\DRIVERS\athrsd.sys [48760 2012-11-30] (Qualcomm Atheros, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-15] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-09] (Acer Incorporated)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-09] (Acer Incorporated)
R3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-29 14:45 - 2014-08-29 14:45 - 00024764 _____ () C:\Users\judy\Desktop\farbar-recovery-scan-tool.htm
2014-08-29 14:43 - 2014-08-29 14:43 - 00000299 _____ () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
2014-08-29 14:42 - 2014-05-14 18:02 - 00059424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-08-29 14:42 - 2014-05-14 15:43 - 03286528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-08-29 14:42 - 2014-05-14 15:43 - 01623040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-08-29 14:42 - 2014-05-14 15:43 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-08-29 14:42 - 2014-05-14 15:42 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-08-29 14:42 - 2013-08-15 22:21 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-08-29 14:40 - 2014-08-29 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-08-29 14:38 - 2014-08-29 14:38 - 01364531 _____ () C:\Users\judy\Downloads\adwcleaner_3.308.exe
2014-08-29 14:38 - 2014-08-29 14:38 - 00000130 _____ () C:\Users\judy\Desktop\Thank you for downloading AdwCleaner - ToolsLib (2).url
2014-08-29 14:37 - 2014-08-29 14:37 - 00002095 _____ () C:\Users\judy\Desktop\AdwCleaner[S0]TEXT.txt
2014-08-29 14:24 - 2014-08-29 14:24 - 00000130 _____ () C:\Users\judy\Desktop\Thank you for downloading AdwCleaner - ToolsLib.url
2014-08-29 14:23 - 2014-08-29 14:26 - 00000000 ____D () C:\AdwCleaner
2014-08-29 14:17 - 2014-08-29 14:17 - 00028258 _____ () C:\Users\judy\Desktop\adwcleaner.htm
2014-08-29 13:38 - 2014-08-29 13:39 - 00001107 _____ () C:\Users\judy\Desktop\Continue File Extractor Installation.lnk
2014-08-29 02:11 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2014-08-29 02:06 - 2014-08-29 02:17 - 00000000 ____D () C:\Windows.old
2014-08-29 02:05 - 2014-08-29 02:05 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-08-29 02:00 - 2014-08-29 02:12 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3809952396-1488035759-1417517223-1001
2014-08-29 01:46 - 2014-08-29 01:46 - 00000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2014-08-29 01:45 - 2014-08-29 01:45 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Macromedia
2014-08-29 01:44 - 2014-08-29 01:44 - 00000000 ____D () C:\$WINDOWS.~BT
2014-08-29 01:40 - 2014-08-29 01:40 - 00000000 ____D () C:\Users\Public\OEM
2014-08-29 01:39 - 2014-08-29 01:41 - 00000000 ____D () C:\Users\judy\AppData\Local\clear.fi
2014-08-29 01:39 - 2013-01-29 12:28 - 00051912 _____ (Soluto LTD.) C:\WINDOWS\system32\Drivers\Soluto.sys
2014-08-29 01:33 - 2014-08-29 01:33 - 00001958 _____ () C:\Users\Public\Desktop\Netflix.lnk
2014-08-29 01:33 - 2014-08-29 01:33 - 00001776 _____ () C:\Users\Public\Desktop\Buy Online.lnk
2014-08-29 01:33 - 2014-08-29 01:33 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-08-29 01:33 - 2014-08-29 01:33 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Atheros
2014-08-29 01:33 - 2014-08-29 01:33 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2014-08-29 01:33 - 2014-08-29 01:33 - 00000000 ____D () C:\ProgramData\OEM_E471269A730D
2014-08-29 01:33 - 2014-08-29 01:33 - 00000000 ____D () C:\Program Files\Accessory Store
2014-08-29 01:33 - 2014-08-29 01:33 - 00000000 ____D () C:\Program Files (x86)\OEM
2014-08-29 01:32 - 2014-08-29 01:32 - 00001438 _____ () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-29 01:32 - 2014-08-29 01:32 - 00000000 ____D () C:\Users\judy\AppData\Local\CrashDumps
2014-08-29 01:31 - 2014-08-29 01:31 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Adobe
2014-08-29 01:30 - 2014-08-29 01:32 - 00000000 ____D () C:\Users\judy\AppData\Local\Packages
2014-08-29 01:30 - 2014-08-29 01:30 - 00000020 ___SH () C:\Users\judy\ntuser.ini
2014-08-29 01:30 - 2014-08-29 01:30 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Synaptics
2014-08-29 01:30 - 2014-08-29 01:30 - 00000000 ____D () C:\Users\judy\AppData\Local\VirtualStore
2014-08-29 01:29 - 2014-08-29 14:45 - 00239951 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-29 01:09 - 2014-08-29 14:26 - 00000000 ____D () C:\Users\judy
2014-08-29 01:09 - 2014-08-29 01:10 - 00000000 ____D () C:\Users\Guest
2014-08-29 01:09 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-08-29 01:09 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-29 01:09 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-08-29 01:09 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-08-29 01:09 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-29 01:09 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-08-29 01:09 - 2012-07-26 01:13 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-29 01:09 - 2012-07-26 01:13 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-29 01:08 - 2014-08-29 01:10 - 00026673 _____ () C:\WINDOWS\diagwrn.xml
2014-08-29 01:08 - 2014-08-29 01:10 - 00026673 _____ () C:\WINDOWS\diagerr.xml
2014-08-29 00:42 - 2014-08-29 02:12 - 00000000 ___HD () C:\$SysReset
2014-08-28 15:25 - 2014-08-28 15:25 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64 (2).exe
2014-08-28 11:44 - 2014-08-28 14:25 - 00036804 _____ () C:\Users\judy\Downloads\Addition.txt
2014-08-28 11:41 - 2014-08-29 14:53 - 00000000 ____D () C:\FRST
2014-08-28 11:41 - 2014-08-28 15:28 - 00073597 _____ () C:\Users\judy\Downloads\FRST.txt
2014-08-28 11:41 - 2014-08-28 11:41 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64 (1).exe
2014-08-28 11:35 - 2014-08-28 11:35 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64.exe
2014-08-28 11:35 - 2014-08-28 11:35 - 00827416 _____ () C:\Users\judy\Downloads\DownloadManagerSetup.exe
2014-08-27 16:13 - 2014-08-27 16:13 - 00004544 _____ () C:\Users\judy\Desktop\New Journal Document.jnt
2014-08-27 16:13 - 2014-08-27 16:13 - 00000000 ___RD () C:\Users\judy\Documents\Notes
2014-08-14 19:04 - 2014-08-14 19:04 - 13829304 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall1.exe
2014-08-14 18:51 - 2014-08-14 18:52 - 11241816 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-29 14:53 - 2014-08-28 11:41 - 00000000 ____D () C:\FRST
2014-08-29 14:45 - 2014-08-29 14:45 - 00024764 _____ () C:\Users\judy\Desktop\farbar-recovery-scan-tool.htm
2014-08-29 14:45 - 2014-08-29 01:29 - 00239951 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-29 14:45 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-29 14:43 - 2014-08-29 14:43 - 00000299 _____ () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
2014-08-29 14:41 - 2013-08-03 04:05 - 00000000 ____D () C:\ProgramData\Soluto
2014-08-29 14:41 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-08-29 14:40 - 2014-08-29 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-08-29 14:38 - 2014-08-29 14:38 - 01364531 _____ () C:\Users\judy\Downloads\adwcleaner_3.308.exe
2014-08-29 14:38 - 2014-08-29 14:38 - 00000130 _____ () C:\Users\judy\Desktop\Thank you for downloading AdwCleaner - ToolsLib (2).url
2014-08-29 14:37 - 2014-08-29 14:37 - 00002095 _____ () C:\Users\judy\Desktop\AdwCleaner[S0]TEXT.txt
2014-08-29 14:33 - 2012-07-25 22:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-08-29 14:32 - 2012-07-26 00:28 - 00848230 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-29 14:29 - 2013-04-16 23:15 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-08-29 14:28 - 2013-04-16 23:15 - 00000000 ____D () C:\ProgramData\McAfee
2014-08-29 14:28 - 2013-04-16 23:15 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-08-29 14:28 - 2012-07-26 00:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-29 14:27 - 2013-08-03 03:22 - 00281088 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-29 14:27 - 2013-04-16 20:52 - 00009078 _____ () C:\WINDOWS\PFRO.log
2014-08-29 14:27 - 2012-07-25 22:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-29 14:26 - 2014-08-29 14:23 - 00000000 ____D () C:\AdwCleaner
2014-08-29 14:26 - 2014-08-29 01:09 - 00000000 ____D () C:\Users\judy
2014-08-29 14:24 - 2014-08-29 14:24 - 00000130 _____ () C:\Users\judy\Desktop\Thank you for downloading AdwCleaner - ToolsLib.url
2014-08-29 14:17 - 2014-08-29 14:17 - 00028258 _____ () C:\Users\judy\Desktop\adwcleaner.htm
2014-08-29 14:00 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-29 13:39 - 2014-08-29 13:38 - 00001107 _____ () C:\Users\judy\Desktop\Continue File Extractor Installation.lnk
2014-08-29 02:38 - 2013-08-03 03:32 - 00065536 _____ () C:\WINDOWS\system32\spu_storage.bin
2014-08-29 02:17 - 2014-08-29 02:06 - 00000000 ____D () C:\Windows.old
2014-08-29 02:12 - 2014-08-29 02:00 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3809952396-1488035759-1417517223-1001
2014-08-29 02:12 - 2014-08-29 00:42 - 00000000 ___HD () C:\$SysReset
2014-08-29 02:09 - 2012-07-26 01:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-08-29 02:06 - 2012-07-26 01:13 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-08-29 02:05 - 2014-08-29 02:05 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-08-29 01:46 - 2014-08-29 01:46 - 00000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2014-08-29 01:45 - 2014-08-29 01:45 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Macromedia
2014-08-29 01:44 - 2014-08-29 01:44 - 00000000 ____D () C:\$WINDOWS.~BT
2014-08-29 01:41 - 2014-08-29 01:39 - 00000000 ____D () C:\Users\judy\AppData\Local\clear.fi
2014-08-29 01:40 - 2014-08-29 01:40 - 00000000 ____D () C:\Users\Public\OEM
2014-08-29 01:34 - 2013-04-16 21:40 - 00000000 ___HD () C:\OEM
2014-08-29 01:33 - 2014-08-29 01:33 - 00001958 _____ () C:\Users\Public\Desktop\Netflix.lnk
2014-08-29 01:33 - 2014-08-29 01:33 - 00001776 _____ () C:\Users\Public\Desktop\Buy Online.lnk
2014-08-29 01:33 - 2014-08-29 01:33 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-08-29 01:33 - 2014-08-29 01:33 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Atheros
2014-08-29 01:33 - 2014-08-29 01:33 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2014-08-29 01:33 - 2014-08-29 01:33 - 00000000 ____D () C:\ProgramData\OEM_E471269A730D
2014-08-29 01:33 - 2014-08-29 01:33 - 00000000 ____D () C:\Program Files\Accessory Store
2014-08-29 01:33 - 2014-08-29 01:33 - 00000000 ____D () C:\Program Files (x86)\OEM
2014-08-29 01:32 - 2014-08-29 01:32 - 00001438 _____ () C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-29 01:32 - 2014-08-29 01:32 - 00000000 ____D () C:\Users\judy\AppData\Local\CrashDumps
2014-08-29 01:32 - 2014-08-29 01:30 - 00000000 ____D () C:\Users\judy\AppData\Local\Packages
2014-08-29 01:31 - 2014-08-29 01:31 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Adobe
2014-08-29 01:30 - 2014-08-29 01:30 - 00000020 ___SH () C:\Users\judy\ntuser.ini
2014-08-29 01:30 - 2014-08-29 01:30 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Synaptics
2014-08-29 01:30 - 2014-08-29 01:30 - 00000000 ____D () C:\Users\judy\AppData\Local\VirtualStore
2014-08-29 01:30 - 2012-07-26 01:12 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-08-29 01:30 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\WinStore
2014-08-29 01:29 - 2013-04-16 21:52 - 00000000 ___DC () C:\WINDOWS\Panther
2014-08-29 01:12 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-29 01:10 - 2014-08-29 01:09 - 00000000 ____D () C:\Users\Guest
2014-08-29 01:10 - 2014-08-29 01:08 - 00026673 _____ () C:\WINDOWS\diagwrn.xml
2014-08-29 01:10 - 2014-08-29 01:08 - 00026673 _____ () C:\WINDOWS\diagerr.xml
2014-08-29 01:10 - 2012-07-26 01:12 - 00000000 __RHD () C:\Users\Public\Libraries
2014-08-29 01:10 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-08-29 01:10 - 2012-07-26 00:21 - 00024918 _____ () C:\WINDOWS\setupact.log
2014-08-28 16:00 - 2014-06-17 15:34 - 00000000 __RDO () C:\Users\judy\OneDrive
2014-08-28 15:28 - 2014-08-28 11:41 - 00073597 _____ () C:\Users\judy\Downloads\FRST.txt
2014-08-28 15:25 - 2014-08-28 15:25 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64 (2).exe
2014-08-28 14:25 - 2014-08-28 11:44 - 00036804 _____ () C:\Users\judy\Downloads\Addition.txt
2014-08-28 11:41 - 2014-08-28 11:41 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64 (1).exe
2014-08-28 11:35 - 2014-08-28 11:35 - 02103296 _____ (Farbar) C:\Users\judy\Downloads\FRST64.exe
2014-08-28 11:35 - 2014-08-28 11:35 - 00827416 _____ () C:\Users\judy\Downloads\DownloadManagerSetup.exe
2014-08-27 16:13 - 2014-08-27 16:13 - 00004544 _____ () C:\Users\judy\Desktop\New Journal Document.jnt
2014-08-27 16:13 - 2014-08-27 16:13 - 00000000 ___RD () C:\Users\judy\Documents\Notes
2014-08-14 19:04 - 2014-08-14 19:04 - 13829304 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall1.exe
2014-08-14 18:52 - 2014-08-14 18:51 - 11241816 _____ (Microsoft Corporation) C:\Users\judy\Downloads\MSEInstall.exe

Some content of TEMP:
====================
C:\Users\judy\AppData\Local\Temp\ICReinstall_FileExtractorSetup.exe
C:\Users\judy\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-04-16 20:52

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-08-2014 01
Ran by judy at 2014-08-29 14:54:41
Running from C:\Users\judy\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\VOGWWBDE
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3003 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)
AMD Accelerated Video Transcoding (Version: 12.10.100.30313 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{29200C76-2ADF-0C62-BE0D-2AC087740379}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (x32 Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) Hidden
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 12.8.988 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
Nero BackItUp (x32 Version: 12.5.5000 - Nero AG) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 12.0.10000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51r2 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
QCA CardReader Driver Installer (HKLM-x32\...\{4E0BC999-655B-421D-87F3-640C6F2BFC11}) (Version: 1.0.1.34 - Qualcomm Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.224 - Qualcomm Atheros Communications)
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.49 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Soluto (HKLM\...\{A40888FC-B545-46F3-8628-6AE98C1C75C6}) (Version: 1.3.1193.1 - Soluto)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.12.1 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

29-08-2014 21:41:23 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-25 22:26 - 2012-07-25 22:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1C089B1B-6BA0-49C2-B594-F708C1B8B503} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {2017AFB9-9FD4-4750-9DBC-C5745DCE848D} - System32\Tasks\Microsoft\Windows\SysResetLogSuccess => Rundll32.exe ResetEng.dll,RjvLogSuccessEntryPoint
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {4E5E7022-5BE7-4EA3-A325-ED26302476BA} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-23] (Acer Incorporated)
Task: {76A4B948-019E-42AA-8979-F76AC472004D} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-03-14] (Acer Incorporate)
Task: {8E61A2C1-0631-433D-9DA3-4F799E1DB1BB} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AB96B97B-39C2-46A2-876A-EEB6AE199033} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => C:\WINDOWS\system32\dism.exe [2012-07-25] (Microsoft Corporation)
Task: {B87C0074-F507-4AF6-B410-AC3CCD885250} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {E21B0950-4700-4DFC-A39D-2960E1E72C17} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-02-05] (Synaptics Incorporated)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask

==================== Loaded Modules (whitelisted) =============

2013-01-29 12:28 - 2013-01-29 12:28 - 00109024 _____ () c:\program files\soluto\PCGDllExportInspector.dll
2013-04-15 11:23 - 2013-04-15 11:23 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-04-15 11:20 - 2013-04-15 11:20 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-04-15 11:25 - 2013-04-15 11:25 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2013-01-29 12:28 - 2013-01-29 12:28 - 00109024 _____ () C:\Program Files\Soluto\PCGDllExportInspector.dll
2013-01-29 12:28 - 2013-01-29 12:28 - 00055352 ____R () C:\Program Files\Soluto\PCGDeviceScanLib.dll
2012-07-25 13:44 - 2012-07-25 13:35 - 00006656 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Management.winmd
2012-07-25 13:44 - 2012-07-25 13:35 - 00022016 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Foundation.winmd
2012-07-25 13:44 - 2012-07-25 13:35 - 00074240 _____ () C:\WINDOWS\system32\WinMetadata\Windows.ApplicationModel.winmd
2012-07-25 13:44 - 2012-07-25 13:35 - 00018432 _____ () C:\WINDOWS\system32\WinMetadata\Windows.System.winmd

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\judy\OneDrive:ms-properties
AlternateDataStreams: C:\Users\judy\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Bluetooth USB Adapter
Description: Bluetooth USB Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/29/2014 02:44:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 10.0.9200.16482 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 13cc

Start Time: 01cfc3d171bec44a

Termination Time: 109

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: a03ddf28-2fc5-11e4-be72-3065ec0d647b

Faulting package full name:

Faulting package-relative application ID:

Error: (08/29/2014 02:43:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 10.0.9200.16482 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1760

Start Time: 01cfc3d237bd3914

Termination Time: 78

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 8be32f06-2fc5-11e4-be72-3065ec0d647b

Faulting package full name:

Faulting package-relative application ID:

Error: (08/29/2014 02:43:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 10.0.9200.16482 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1414

Start Time: 01cfc3d20b643d6a

Termination Time: 188

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 730ac3a4-2fc5-11e4-be72-3065ec0d647b

Faulting package full name:

Faulting package-relative application ID:

Error: (08/29/2014 02:41:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 10.0.9200.16482 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: ee4

Start Time: 01cfc3d1e537f2fe

Termination Time: 124

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 467d6998-2fc5-11e4-be72-3065ec0d647b

Faulting package full name:

Faulting package-relative application ID:

Error: (08/29/2014 02:40:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 10.0.9200.16482 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 238

Start Time: 01cfc3d16ee8bef1

Termination Time: 109

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 21c9397a-2fc5-11e4-be72-3065ec0d647b

Faulting package full name:

Faulting package-relative application ID:

Error: (08/29/2014 02:16:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 10.0.9200.16482 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1864

Start Time: 01cfc3ce3d6436a9

Termination Time: 31

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: c18d654d-2fc1-11e4-be71-3065ec0d647b

Faulting package full name:

Faulting package-relative application ID:

Error: (08/29/2014 02:02:57 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Activation context generation failed for "asmv2:clrClassInvocation1".Error in manifest or policy file "asmv2:clrClassInvocation2" on line asmv2:clrClassInvocation3.
The element asmv2:clrClassInvocation appears as a child of element urn:schemas-microsoft-com:asm.v1^entryPoint which is not supported by this version of Windows.

Error: (08/29/2014 02:02:57 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Activation context generation failed for "asmv2:clrClassInvocation1".Error in manifest or policy file "asmv2:clrClassInvocation2" on line asmv2:clrClassInvocation3.
The element asmv2:clrClassInvocation appears as a child of element urn:schemas-microsoft-com:asm.v1^entryPoint which is not supported by this version of Windows.

Error: (08/29/2014 02:02:57 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Activation context generation failed for "asmv2:clrClassInvocation1".Error in manifest or policy file "asmv2:clrClassInvocation2" on line asmv2:clrClassInvocation3.
The element asmv2:clrClassInvocation appears as a child of element urn:schemas-microsoft-com:asm.v1^entryPoint which is not supported by this version of Windows.

Error: (08/29/2014 01:57:59 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Activation context generation failed for "asmv2:clrClassInvocation1".Error in manifest or policy file "asmv2:clrClassInvocation2" on line asmv2:clrClassInvocation3.
The element asmv2:clrClassInvocation appears as a child of element urn:schemas-microsoft-com:asm.v1^entryPoint which is not supported by this version of Windows.


System errors:
=============
Error: (08/29/2014 01:46:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Soluto service failed to start due to the following error:
%%2

Error: (08/03/2013 04:31:01 AM) (Source: DCOM) (EventID: 10010) (User: judyspc)
Description: {9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2}


Microsoft Office Sessions:
=========================
Error: (08/29/2014 02:44:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE10.0.9200.1648213cc01cfc3d171bec44a109C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEa03ddf28-2fc5-11e4-be72-3065ec0d647b

Error: (08/29/2014 02:43:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE10.0.9200.16482176001cfc3d237bd391478C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE8be32f06-2fc5-11e4-be72-3065ec0d647b

Error: (08/29/2014 02:43:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE10.0.9200.16482141401cfc3d20b643d6a188C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE730ac3a4-2fc5-11e4-be72-3065ec0d647b

Error: (08/29/2014 02:41:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE10.0.9200.16482ee401cfc3d1e537f2fe124C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE467d6998-2fc5-11e4-be72-3065ec0d647b

Error: (08/29/2014 02:40:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE10.0.9200.1648223801cfc3d16ee8bef1109C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE21c9397a-2fc5-11e4-be72-3065ec0d647b

Error: (08/29/2014 02:16:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE10.0.9200.16482186401cfc3ce3d6436a931C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEc18d654d-2fc1-11e4-be71-3065ec0d647b

Error: (08/29/2014 02:02:57 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (08/29/2014 02:02:57 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (08/29/2014 02:02:57 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (08/29/2014 01:57:59 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4


==================== Memory info ===========================

Processor: AMD E1-2500 APU with Radeon™ HD Graphics
Percentage of memory in use: 32%
Total physical RAM: 5573 MB
Available physical RAM: 3771.57 MB
Total Pagefile: 9541 MB
Available Pagefile: 7575.03 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:449.41 GB) (Free:409.41 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: DE5B179F)

Partition: GPT Partition Type.

==================== End Of Log ============================
  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Looks much better as the restore did not bring back the rubbish. Let me know how the computer is after this run

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

2014-08-29 13:38 - 2014-08-29 13:39 - 00001107 _____ () C:\Users\judy\Desktop\Continue File Extractor Installation.lnk
2014-08-29 01:33 - 2014-08-29 01:33 - 00001776 _____ () C:\Users\Public\Desktop\Buy Online.lnk
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that
  • 0

#15
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts

Is that all in the quote box....

2014-08-29 13:38 - 2014-08-29 13:39 - 00001107 _____ () C:\Users\judy\Desktop\Continue File Extractor Installation.lnk
2014-08-29 01:33 - 2014-08-29 01:33 - 00001776 _____ () C:\Users\Public\Desktop\Buy Online.lnk
EmptyTemp:
CMD: bitsadmin /reset /allusers.....

 

so I down load the FRST and save it on desktop and run the scan and when I click fix says no first list is there....


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP