Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

am not able to do anything [Solved]


  • This topic is locked This topic is locked

#31
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi again :)

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:


HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe -runBRS
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [233280 2014-11-10] (Search Protect)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [188224 2014-11-10] (Search Protect)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:56434;https=127.0.0.1:56434
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://astromenda.co...r=814749826&ir=
SearchScopes: HKU\S-1-5-21-3809952396-1488035759-1417517223-1001 -> {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://astromenda.co...r=814749826&ir=
BHO: No Name -> {11111111-1111-1111-1111-110611341143} -> No File
BHO: No Name -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> No File
BHO-x32: No Name -> {05b5ef3f-4c6a-426e-b77e-48ebb3e721f1} -> No File
BHO-x32: No Name -> {11111111-1111-1111-1111-110611341143} -> No File
BHO-x32: No Name -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3332182&octid=EB_ORIGINAL_CTID&ISID=M9BAEB2A2-9840-4A72-9828-9DB3140E6D6E&SearchSource=55&CUI=&UM=6&UP=SP2CF9FE81-761D-4340-A3BB-242A354FA4D1&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3332182&octid=EB_ORIGINAL_CTID&ISID=M9BAEB2A2-9840-4A72-9828-9DB3140E6D6E&SearchSource=55&CUI=&UM=6&UP=SP2CF9FE81-761D-4340-A3BB-242A354FA4D1&SSPV=", "https://www.google.com/?gws_rd=ssl", "https://www.google.com/?trackid=sp-006"
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultSearchURL: Default -> http://www.trovi.com...rchTerms}&SSPV=
CHR DefaultNewTabURL: Default -> https://www.trovi.co...4FA4D1&SAT=CNTS
CHR DefaultSuggestURL: Default -> http://suggest.secci...x={searchTerms}
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [X] <==== ATTENTION
R1 {2859046f-5dca-482a-8c2d-37943d33a392}Gw64; C:\Windows\System32\drivers\{2859046f-5dca-482a-8c2d-37943d33a392}Gw64.sys [48792 2014-11-04] (StdLib)
R1 {29302da5-1178-40ac-a178-4cb57ebcc501}Gw64; C:\Windows\System32\drivers\{29302da5-1178-40ac-a178-4cb57ebcc501}Gw64.sys [48792 2014-10-25] (StdLib)
R1 {6db7eb66-a30b-41a3-809c-addb2341dafb}Gw64; C:\Windows\System32\drivers\{6db7eb66-a30b-41a3-809c-addb2341dafb}Gw64.sys [48792 2014-11-01] (StdLib)
R1 {7012eec1-4f37-42d4-a2cd-26727494d248}Gw64; C:\Windows\System32\drivers\{7012eec1-4f37-42d4-a2cd-26727494d248}Gw64.sys [48792 2014-10-11] (StdLib)
R1 {8c39d0b0-9b68-43ef-bc3c-2ef385fe5169}Gw64; C:\Windows\System32\drivers\{8c39d0b0-9b68-43ef-bc3c-2ef385fe5169}Gw64.sys [48792 2014-11-06] (StdLib)
R1 {9de7e012-74d3-4f9d-b4b0-2d3150073168}Gw64; C:\Windows\System32\drivers\{9de7e012-74d3-4f9d-b4b0-2d3150073168}Gw64.sys [48792 2014-11-10] (StdLib)
R1 {a6762132-8e80-4305-b1ba-2bec91757ac2}Gw64; C:\Windows\System32\drivers\{a6762132-8e80-4305-b1ba-2bec91757ac2}Gw64.sys [48792 2014-10-25] (StdLib)
R1 {dda91daf-e6f8-4453-88d1-df18d861c904}Gw64; C:\Windows\System32\drivers\{dda91daf-e6f8-4453-88d1-df18d861c904}Gw64.sys [48792 2014-10-28] (StdLib)
R1 {e9bebce7-deb3-4ab9-896c-549739f208c5}Gw64; C:\Windows\System32\drivers\{e9bebce7-deb3-4ab9-896c-549739f208c5}Gw64.sys [48792 2014-10-01] (StdLib)
2014-11-27 11:19 - 2014-11-27 11:19 - 01178952 _____ (Kromtech) C:\Users\judy\Downloads\PCKeeper Installer.exe
2014-11-19 07:47 - 2014-11-19 07:47 - 00834952 _____ (SlimWare Utilities, Inc.) C:\Users\judy\Downloads\DriverUpdate-setup.exe
2014-11-18 19:34 - 2014-11-18 19:34 - 00691576 _____ (Yahoo! Inc.) C:\Users\judy\Downloads\msgr11us (1).exe
2014-11-18 19:08 - 2014-11-18 19:08 - 00691576 _____ (Yahoo! Inc.) C:\Users\judy\Downloads\msgr11us.exe
2014-11-18 18:44 - 2014-11-18 18:44 - 00003078 _____ () C:\WINDOWS\System32\Tasks\{E3197826-D64B-4D84-B494-3BE4C9DE1A9F}
2014-11-18 18:36 - 2014-11-18 18:36 - 00001162 _____ () C:\Users\judy\Desktop\Live PC Help.lnk
2014-11-18 18:17 - 2014-11-18 18:17 - 00003314 _____ () C:\WINDOWS\System32\Tasks\Advanced System Protector
2014-11-18 18:17 - 2014-11-18 18:17 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Advanced System Protector
2014-11-18 18:15 - 2014-11-23 23:07 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-11-18 18:14 - 2014-11-18 18:15 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-11-18 18:17 - 2014-11-18 18:17 - 00004010 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
C:\Program Files (x86)\MyPC Backup
C:\Program Files (x86)\WSE_Astromenda\BRS
C:\PROGRA~2\SearchProtect
C:\Windows\System32\drivers\{2859046f-5dca-482a-8c2d-37943d33a392}Gw64.sys
C:\Windows\System32\drivers\{29302da5-1178-40ac-a178-4cb57ebcc501}Gw64.sys
C:\Windows\System32\drivers\{6db7eb66-a30b-41a3-809c-addb2341dafb}Gw64.sys
C:\Windows\System32\drivers\{7012eec1-4f37-42d4-a2cd-26727494d248}Gw64.sys
C:\Windows\System32\drivers\{8c39d0b0-9b68-43ef-bc3c-2ef385fe5169}Gw64.sys
c:\Windows\System32\drivers\{9de7e012-74d3-4f9d-b4b0-2d3150073168}Gw64.sys [
C:\Windows\System32\drivers\{a6762132-8e80-4305-b1ba-2bec91757ac2}Gw64.sys
C:\Windows\System32\drivers\{dda91daf-e6f8-4453-88d1-df18d861c904}Gw64.sys
C:\Windows\System32\drivers\{e9bebce7-deb3-4ab9-896c-549739f208c5}Gw64.sys
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

  • 0

Advertisements


#32
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-11-2014
Ran by judy (administrator) on JUDYSPC on 30-11-2014 16:56:22
Running from C:\Users\judy\Downloads
Loaded Profile: judy (Available profiles: judy & Administrator & Guest)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
() C:\Program Files (x86)\EZ Software Updater\EZ Software Updater.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMMsg.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Soluto) C:\Program Files\Soluto\Soluto.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(MyHeritage) C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3015920 2013-02-05] (Synaptics Incorporated)
HKLM\...\Run: [Soluto] => c:\program files\soluto\soluto.exe [1253848 2013-01-29] (Soluto)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5225064 2014-11-26] (AVAST Software)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2534400 2014-05-14] (MyHeritage)
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles(x86)%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bincom <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *‮* <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Binscr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Binpif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Binexe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe -runBRS
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [233280 2014-11-10] (Search Protect)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [188224 2014-11-10] (Search Protect)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk
ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\judy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\judy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\judy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\judy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\judy\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\judy\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\judy\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:56434;https=127.0.0.1:56434
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
URLSearchHook: HKU\S-1-5-21-3809952396-1488035759-1417517223-1001 - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKLM -> {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://astromenda.co...r=814749826&ir=
SearchScopes: HKLM-x32 -> DefaultScope {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKLM-x32 -> {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKLM-x32 -> {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3809952396-1488035759-1417517223-1001 -> DefaultScope {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3809952396-1488035759-1417517223-1001 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3809952396-1488035759-1417517223-1001 -> {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://astromenda.co...r=814749826&ir=
SearchScopes: HKU\S-1-5-21-3809952396-1488035759-1417517223-1001 -> {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
BHO: No Name -> {11111111-1111-1111-1111-110611341143} ->  No File
BHO: No Name -> {47A93636-7E77-3768-FEA1-A3984700C69B} ->  No File
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
BHO-x32: No Name -> {05b5ef3f-4c6a-426e-b77e-48ebb3e721f1} ->  No File
BHO-x32: No Name -> {11111111-1111-1111-1111-110611341143} ->  No File
BHO-x32: No Name -> {47A93636-7E77-3768-FEA1-A3984700C69B} ->  No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKU\S-1-5-21-3809952396-1488035759-1417517223-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 208.180.42.68 208.180.42.100
 
FireFox:
========
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-01]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3332182&octid=EB_ORIGINAL_CTID&ISID=M9BAEB2A2-9840-4A72-9828-9DB3140E6D6E&SearchSource=55&CUI=&UM=6&UP=SP2CF9FE81-761D-4340-A3BB-242A354FA4D1&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3332182&octid=EB_ORIGINAL_CTID&ISID=M9BAEB2A2-9840-4A72-9828-9DB3140E6D6E&SearchSource=55&CUI=&UM=6&UP=SP2CF9FE81-761D-4340-A3BB-242A354FA4D1&SSPV=", "https://www.google.com/?gws_rd=ssl", "https://www.google.com/?trackid=sp-006"
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultSearchURL: Default -> http://www.trovi.com...rchTerms}&SSPV=
CHR DefaultNewTabURL: Default -> https://www.trovi.co...4FA4D1&SAT=CNTS
CHR DefaultSuggestURL: Default -> http://suggest.secci...x={searchTerms}
CHR Profile: C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-01]
CHR Extension: (Google Docs) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-01]
CHR Extension: (Google Drive) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-02]
CHR Extension: (YouTube) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-01]
CHR Extension: (Google Search) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-01]
CHR Extension: (Framed Display) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gagcbogmgkaogoadfcoicjdojbmkegao [2014-10-26]
CHR Extension: (Avast Online Security) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-01]
CHR Extension: (WeatherBlink) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagcpbojonfafbgbmkdplkoobcenmpll [2014-10-26]
CHR Extension: (Google Wallet) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-01]
CHR Extension: (Gmail) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-26]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [228480 2013-04-15] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-26] (AVAST Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 EZ Software Updater; C:\Program Files (x86)\EZ Software Updater\EZ Software Updater.exe [220672 2014-09-07] () [File not signed]
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-03-14] (Acer Incorporate)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4343664 2014-04-09] (Symantec Corporation)
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [222168 2013-01-29] (Soluto)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [X] <==== ATTENTION
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-26] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-26] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-26] ()
R3 AthrSdSrv; C:\Windows\system32\DRIVERS\athrsd.sys [48760 2012-11-30] (Qualcomm Atheros, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-15] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-09] (Acer Incorporated)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-09] (Acer Incorporated)
R2 sbmntr; C:\Program Files (x86)\YTDownloader\sbmntr.sys [58728 2014-08-25] (YTDownloader)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
R1 {2859046f-5dca-482a-8c2d-37943d33a392}Gw64; C:\Windows\System32\drivers\{2859046f-5dca-482a-8c2d-37943d33a392}Gw64.sys [48792 2014-11-04] (StdLib)
R1 {29302da5-1178-40ac-a178-4cb57ebcc501}Gw64; C:\Windows\System32\drivers\{29302da5-1178-40ac-a178-4cb57ebcc501}Gw64.sys [48792 2014-10-25] (StdLib)
R1 {6db7eb66-a30b-41a3-809c-addb2341dafb}Gw64; C:\Windows\System32\drivers\{6db7eb66-a30b-41a3-809c-addb2341dafb}Gw64.sys [48792 2014-11-01] (StdLib)
R1 {7012eec1-4f37-42d4-a2cd-26727494d248}Gw64; C:\Windows\System32\drivers\{7012eec1-4f37-42d4-a2cd-26727494d248}Gw64.sys [48792 2014-10-11] (StdLib)
R1 {8c39d0b0-9b68-43ef-bc3c-2ef385fe5169}Gw64; C:\Windows\System32\drivers\{8c39d0b0-9b68-43ef-bc3c-2ef385fe5169}Gw64.sys [48792 2014-11-06] (StdLib)
R1 {9de7e012-74d3-4f9d-b4b0-2d3150073168}Gw64; C:\Windows\System32\drivers\{9de7e012-74d3-4f9d-b4b0-2d3150073168}Gw64.sys [48792 2014-11-10] (StdLib)
R1 {a6762132-8e80-4305-b1ba-2bec91757ac2}Gw64; C:\Windows\System32\drivers\{a6762132-8e80-4305-b1ba-2bec91757ac2}Gw64.sys [48792 2014-10-25] (StdLib)
R1 {dda91daf-e6f8-4453-88d1-df18d861c904}Gw64; C:\Windows\System32\drivers\{dda91daf-e6f8-4453-88d1-df18d861c904}Gw64.sys [48792 2014-10-28] (StdLib)
R1 {e9bebce7-deb3-4ab9-896c-549739f208c5}Gw64; C:\Windows\System32\drivers\{e9bebce7-deb3-4ab9-896c-549739f208c5}Gw64.sys [48792 2014-10-01] (StdLib)
R3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X]
U2 SMUpd; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-30 15:15 - 2014-11-30 15:15 - 00006291 _____ () C:\Users\judy\Desktop\fixlist.txt
2014-11-30 11:19 - 2014-11-30 11:19 - 00023269 _____ () C:\Users\judy\Desktop\Addition.txt
2014-11-30 11:15 - 2014-11-30 11:15 - 00070233 _____ () C:\Users\judy\Desktop\FRST.txt
2014-11-30 11:08 - 2014-11-30 11:10 - 00023269 _____ () C:\Users\judy\Downloads\Addition.txt
2014-11-30 11:05 - 2014-11-30 11:05 - 02117120 _____ (Farbar) C:\Users\judy\Downloads\FRST64 (1).exe
2014-11-30 11:03 - 2014-11-30 16:56 - 00036229 _____ () C:\Users\judy\Downloads\FRST.txt
2014-11-30 10:41 - 2014-11-30 10:54 - 00001416 _____ () C:\Users\judy\Desktop\FRST64 - Shortcut.lnk
2014-11-30 10:37 - 2014-11-30 10:37 - 02117120 _____ (Farbar) C:\Users\judy\Downloads\FRST64.exe
2014-11-28 20:17 - 2014-11-28 20:17 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (10).exe
2014-11-27 11:19 - 2014-11-27 11:19 - 01178952 _____ (Kromtech) C:\Users\judy\Downloads\PCKeeper Installer.exe
2014-11-27 11:11 - 2014-11-30 10:55 - 00008406 _____ () C:\WINDOWS\PFRO.log
2014-11-27 09:57 - 2014-11-27 09:57 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-11-27 09:57 - 2014-11-27 09:57 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-11-26 20:33 - 2014-10-30 05:25 - 00275080 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-11-26 20:21 - 2014-11-26 20:21 - 00001944 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-26 20:21 - 2014-11-26 20:20 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-11-26 20:20 - 2014-11-26 20:20 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-11-26 07:33 - 2014-11-26 07:33 - 00000000 __SHD () C:\Users\judy\AppData\Local\EmieBrowserModeList
2014-11-19 07:47 - 2014-11-19 07:47 - 00834952 _____ (SlimWare Utilities, Inc.) C:\Users\judy\Downloads\DriverUpdate-setup.exe
2014-11-18 19:34 - 2014-11-18 19:34 - 00691576 _____ (Yahoo! Inc.) C:\Users\judy\Downloads\msgr11us (1).exe
2014-11-18 19:26 - 2014-11-18 19:36 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Yahoo!
2014-11-18 19:26 - 2014-11-18 19:26 - 00001161 _____ () C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2014-11-18 19:26 - 2014-11-18 19:26 - 00000000 ____D () C:\ProgramData\Yahoo! Companion
2014-11-18 19:26 - 2014-11-18 19:26 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-11-18 19:26 - 2014-11-18 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
2014-11-18 19:09 - 2014-11-18 19:26 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-11-18 19:08 - 2014-11-18 19:08 - 00691576 _____ (Yahoo! Inc.) C:\Users\judy\Downloads\msgr11us.exe
2014-11-18 18:44 - 2014-11-18 18:44 - 00003078 _____ () C:\WINDOWS\System32\Tasks\{E3197826-D64B-4D84-B494-3BE4C9DE1A9F}
2014-11-18 18:36 - 2014-11-18 18:36 - 00001162 _____ () C:\Users\judy\Desktop\Live PC Help.lnk
2014-11-18 18:24 - 2014-11-18 18:24 - 00000000 ____D () C:\Users\judy\AppData\Local\AMD
2014-11-18 18:17 - 2014-11-18 18:17 - 00004010 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-11-18 18:17 - 2014-11-18 18:17 - 00003314 _____ () C:\WINDOWS\System32\Tasks\Advanced System Protector
2014-11-18 18:17 - 2014-11-18 18:17 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Advanced System Protector
2014-11-18 18:15 - 2014-11-23 23:07 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-11-18 18:14 - 2014-11-18 18:15 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-11-18 17:06 - 2014-11-18 17:06 - 00277816 _____ (K) C:\Users\judy\Downloads\yahoo-messenger.exe
2014-11-18 16:27 - 2014-11-18 16:27 - 00357489 _____ () C:\Users\judy\Downloads\photo (3).htm
2014-11-18 16:26 - 2014-11-18 16:26 - 00880049 _____ () C:\Users\judy\Downloads\Judy K Moore-lynch.html
2014-11-18 16:26 - 2014-11-18 16:26 - 00364098 _____ () C:\Users\judy\Downloads\photo (2).htm
2014-11-18 16:26 - 2014-11-18 16:26 - 00000000 ____D () C:\Users\judy\Downloads\Judy K Moore-lynch_files
2014-11-18 16:25 - 2014-11-18 16:25 - 00366250 _____ () C:\Users\judy\Downloads\photo (1).htm
2014-11-18 16:24 - 2014-11-18 16:24 - 00362972 _____ () C:\Users\judy\Downloads\photo.htm
2014-11-18 15:43 - 2014-11-09 17:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-11-18 15:43 - 2014-11-09 17:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-11-18 15:43 - 2014-11-09 17:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-11-18 15:43 - 2014-11-09 17:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2014-11-13 08:51 - 2014-11-13 08:51 - 00001250 _____ () C:\Users\Public\Desktop\Media Downloader.lnk
2014-11-13 08:51 - 2014-11-13 08:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Downloader
2014-11-13 08:51 - 2014-11-13 08:51 - 00000000 ____D () C:\Program Files (x86)\Media Downloader
2014-11-13 08:50 - 2014-11-13 08:50 - 00000000 ____D () C:\Program Files (x86)\EZ Software Updater
2014-11-13 08:50 - 2014-11-13 08:50 - 00000000 _____ () C:\LILE.tmp
2014-11-13 08:47 - 2014-11-13 08:47 - 00000000 ____D () C:\9e5bf2b7-7612-4936-83f3-10ab16f052c2
2014-11-13 08:46 - 2014-11-13 08:46 - 00122916 _____ () C:\Users\judy\Desktop\Gluten Free Dill Corn Cakes - Gluten Free Gigi.html
2014-11-13 08:46 - 2014-11-13 08:46 - 00000000 ____D () C:\Users\judy\Desktop\Gluten Free Dill Corn Cakes - Gluten Free Gigi_files
2014-11-13 07:41 - 2014-11-13 07:42 - 79485536 _____ () C:\Users\judy\Downloads\JavaUpdate (9).exe
2014-11-12 17:14 - 2014-10-30 23:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-11-12 17:14 - 2014-10-30 21:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-11-12 17:11 - 2014-10-30 23:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-12 17:11 - 2014-10-30 22:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-11-12 17:11 - 2014-10-30 22:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-12 17:11 - 2014-10-30 22:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-12 17:11 - 2014-10-30 22:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-11-12 17:11 - 2014-10-30 22:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-11-12 17:11 - 2014-10-30 22:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-12 17:11 - 2014-10-30 21:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-12 17:11 - 2014-10-30 21:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-12 17:11 - 2014-10-30 21:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-11-12 17:11 - 2014-10-30 21:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-12 17:11 - 2014-10-30 21:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-12 17:11 - 2014-10-30 21:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2014-11-12 17:11 - 2014-10-30 21:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-11-12 17:11 - 2014-10-30 21:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-11-12 17:11 - 2014-10-30 20:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-11-12 17:11 - 2014-10-30 20:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-11-12 17:11 - 2014-10-30 20:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-11-12 17:11 - 2014-10-30 20:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-11-12 17:11 - 2014-10-30 20:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-11-12 17:11 - 2014-10-30 20:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-11-12 17:10 - 2014-10-30 23:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-11-12 17:10 - 2014-10-30 23:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-11-12 17:10 - 2014-10-30 23:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-11-12 17:10 - 2014-10-30 23:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-11-12 17:10 - 2014-10-30 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-11-12 17:10 - 2014-10-30 23:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-11-12 17:10 - 2014-10-30 23:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-11-12 17:10 - 2014-10-30 23:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-12 17:10 - 2014-10-30 23:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-12 17:10 - 2014-10-30 23:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-11-12 17:10 - 2014-10-30 23:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-11-12 17:10 - 2014-10-30 22:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-12 17:10 - 2014-10-30 22:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-12 17:10 - 2014-10-30 22:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-11-12 17:10 - 2014-10-30 22:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2014-11-12 17:10 - 2014-10-30 22:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-11-12 17:10 - 2014-10-30 22:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-11-12 17:10 - 2014-10-30 22:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-11-12 17:10 - 2014-10-30 22:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-12 17:10 - 2014-10-30 22:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-12 17:10 - 2014-10-30 22:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-12 17:10 - 2014-10-30 22:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-11-12 17:10 - 2014-10-30 22:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-11-12 17:10 - 2014-10-30 22:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-12 17:10 - 2014-10-30 22:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-12 17:10 - 2014-10-30 22:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-11-12 17:10 - 2014-10-30 22:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-11-12 17:10 - 2014-10-30 22:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-12 17:10 - 2014-10-30 22:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-11-12 17:10 - 2014-10-30 22:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-11-12 17:10 - 2014-10-30 22:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-12 17:10 - 2014-10-30 22:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-12 17:10 - 2014-10-30 22:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-12 17:10 - 2014-10-30 21:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-11-12 17:10 - 2014-10-30 21:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2014-11-12 17:10 - 2014-10-30 21:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2014-11-12 17:10 - 2014-10-30 21:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2014-11-12 17:10 - 2014-10-30 21:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2014-11-12 17:10 - 2014-10-30 21:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-11-12 17:10 - 2014-10-30 21:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-11-12 17:10 - 2014-10-30 21:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2014-11-12 17:10 - 2014-10-30 21:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-12 17:10 - 2014-10-30 21:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-11-12 17:10 - 2014-10-30 21:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-11-12 17:10 - 2014-10-30 21:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-11-12 17:10 - 2014-10-30 21:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-11-12 17:10 - 2014-10-30 21:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-12 17:10 - 2014-10-30 21:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-12 17:10 - 2014-10-30 21:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-11-12 17:10 - 2014-10-30 21:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2014-11-12 17:10 - 2014-10-30 21:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-11-12 17:10 - 2014-10-30 21:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2014-11-12 17:10 - 2014-10-30 21:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-12 17:10 - 2014-10-30 20:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 17:10 - 2014-10-30 20:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2014-11-12 17:10 - 2014-10-30 20:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-12 17:10 - 2014-10-30 20:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2014-11-12 17:10 - 2014-10-30 20:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-11-12 17:10 - 2014-10-30 20:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2014-11-12 17:10 - 2014-10-30 20:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-11-12 17:10 - 2014-10-30 20:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-11-12 17:10 - 2014-10-30 20:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-11-12 17:10 - 2014-10-30 20:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-11-12 17:10 - 2014-10-30 20:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-11-12 17:10 - 2014-10-30 20:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-11-12 17:10 - 2014-10-30 20:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-11-12 17:10 - 2014-10-30 20:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-11-12 17:10 - 2014-10-30 20:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2014-11-12 17:10 - 2014-10-30 20:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-11-12 17:09 - 2014-10-18 03:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-11-12 17:09 - 2014-10-18 02:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-11-12 17:09 - 2014-10-18 02:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-11-12 17:09 - 2014-10-18 01:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-11-12 17:09 - 2014-10-18 00:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-11-12 17:09 - 2014-10-18 00:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-11-12 17:09 - 2014-10-18 00:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-11-12 17:09 - 2014-10-18 00:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-11-12 17:09 - 2014-10-18 00:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-12 17:09 - 2014-10-18 00:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-11-12 17:09 - 2014-10-18 00:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-11-12 17:09 - 2014-10-18 00:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-11-12 17:09 - 2014-10-18 00:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-11-12 17:09 - 2014-10-18 00:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-11-12 17:09 - 2014-10-18 00:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-11-12 17:09 - 2014-10-18 00:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-11-12 17:09 - 2014-10-12 20:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-11-12 17:09 - 2014-10-10 18:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-11-12 17:09 - 2014-10-10 18:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-11-12 17:09 - 2014-10-09 19:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-12 17:09 - 2014-10-09 19:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-11-12 17:09 - 2014-10-09 19:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-11-12 17:09 - 2014-10-08 01:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-11-12 17:09 - 2014-10-08 01:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-12 17:09 - 2014-10-08 01:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-11-12 17:09 - 2014-10-08 01:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-11-12 17:09 - 2014-10-08 01:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-11-12 17:09 - 2014-10-08 01:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-11-12 17:09 - 2014-10-08 00:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-11-12 17:09 - 2014-10-08 00:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-12 17:09 - 2014-10-08 00:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-12 17:09 - 2014-10-08 00:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-12 17:09 - 2014-10-08 00:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-11-12 17:09 - 2014-10-08 00:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-12 17:09 - 2014-10-07 23:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-11-12 17:09 - 2014-10-07 23:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-11-12 17:09 - 2014-10-07 23:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-11-12 17:09 - 2014-09-27 01:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-11-12 17:09 - 2014-09-26 23:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-11-12 17:09 - 2014-09-26 21:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-11-12 17:09 - 2014-09-26 21:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-11-12 17:09 - 2014-09-26 21:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-11-12 17:09 - 2014-09-21 22:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-11-12 17:09 - 2014-09-21 21:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-11-12 17:09 - 2014-09-21 21:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-11-12 17:09 - 2014-09-21 20:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-11-12 17:09 - 2014-09-18 18:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-11-12 17:09 - 2014-09-02 16:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2014-11-12 17:09 - 2014-09-02 16:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2014-11-12 17:08 - 2014-10-17 01:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-12 17:08 - 2014-10-17 00:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-12 17:04 - 2014-11-04 17:38 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-11-12 17:04 - 2014-11-03 18:10 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-11-12 17:04 - 2014-10-30 22:53 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-11-12 17:04 - 2014-10-30 22:49 - 00537088 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-11-12 17:04 - 2014-10-30 22:24 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-11-12 17:04 - 2014-10-22 23:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-11-12 17:04 - 2014-10-22 23:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-11-12 17:04 - 2014-10-07 00:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-11-12 17:04 - 2014-10-07 00:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-11-12 17:04 - 2014-10-07 00:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-12 17:04 - 2014-10-07 00:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-11-12 17:04 - 2014-10-07 00:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2014-11-12 17:04 - 2014-10-06 21:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-11-12 17:04 - 2014-10-06 21:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-11-12 17:04 - 2014-10-06 21:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-11-12 17:04 - 2014-10-06 21:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-11-12 17:04 - 2014-10-06 19:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-12 17:04 - 2014-10-06 19:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-11-12 17:04 - 2014-08-22 23:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-11-12 17:04 - 2014-08-22 23:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-11-12 17:03 - 2014-09-10 00:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-11-12 17:03 - 2014-09-07 21:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-11-12 17:03 - 2014-09-07 21:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-11-12 17:03 - 2014-09-07 16:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-11-12 17:03 - 2014-09-04 16:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-11-12 17:03 - 2014-09-04 16:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-11-12 17:03 - 2014-09-03 21:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-12 17:03 - 2014-09-03 20:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-11-12 17:03 - 2014-09-03 19:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-11-12 17:03 - 2014-09-03 18:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-11-12 17:03 - 2014-08-30 18:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-11-12 17:03 - 2014-08-30 18:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-11-12 17:03 - 2014-08-30 16:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-11-12 17:03 - 2014-08-30 16:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-12 17:03 - 2014-08-30 15:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2014-11-12 17:03 - 2014-08-30 15:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-12 17:03 - 2014-08-30 14:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-11-12 17:03 - 2014-08-30 14:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-11-12 17:03 - 2014-08-27 20:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-11-12 17:03 - 2014-08-27 18:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-11-12 17:03 - 2014-08-27 18:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-11-12 17:03 - 2014-08-22 23:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-11-12 17:03 - 2014-08-22 23:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-11-12 17:03 - 2014-08-22 22:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-12 17:03 - 2014-08-01 18:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-11-12 17:03 - 2014-08-01 18:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-11-10 07:58 - 2014-11-10 02:30 - 00048792 _____ (StdLib) C:\WINDOWS\system32\Drivers\{9de7e012-74d3-4f9d-b4b0-2d3150073168}Gw64.sys
2014-11-08 18:50 - 2014-11-30 15:29 - 01513794 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-08 06:50 - 2014-11-08 06:51 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (8).exe
2014-11-08 06:50 - 2014-11-08 06:51 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (7).exe
2014-11-08 06:50 - 2014-11-08 06:51 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (6).exe
2014-11-08 06:50 - 2014-11-08 06:51 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (5).exe
2014-11-08 06:50 - 2014-11-08 06:50 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (4).exe
2014-11-08 06:50 - 2014-11-08 06:50 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (3).exe
2014-11-08 06:49 - 2014-11-08 06:50 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (2).exe
2014-11-08 06:49 - 2014-11-08 06:50 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (1).exe
2014-11-08 06:47 - 2014-11-08 06:47 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate.exe
2014-11-06 23:32 - 2014-11-06 20:33 - 00048792 _____ (StdLib) C:\WINDOWS\system32\Drivers\{8c39d0b0-9b68-43ef-bc3c-2ef385fe5169}Gw64.sys
2014-11-05 07:04 - 2014-11-04 18:44 - 00048792 _____ (StdLib) C:\WINDOWS\system32\Drivers\{2859046f-5dca-482a-8c2d-37943d33a392}Gw64.sys
2014-11-01 07:48 - 2014-11-01 06:48 - 00048792 _____ (StdLib) C:\WINDOWS\system32\Drivers\{6db7eb66-a30b-41a3-809c-addb2341dafb}Gw64.sys
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-30 16:56 - 2014-08-28 12:41 - 00000000 ____D () C:\FRST
2014-11-30 16:44 - 2014-09-01 21:51 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-11-30 16:33 - 2014-10-01 15:33 - 00000133 _____ () C:\Users\judy\AppData\Roaming\WB.CFG
2014-11-30 16:33 - 2014-10-01 14:33 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-11-30 16:16 - 2014-09-01 21:47 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-30 16:02 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-30 12:57 - 2014-10-01 14:12 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0D5DAD40-3BDF-4170-B265-541749FE8BE6}
2014-11-30 11:16 - 2014-09-01 21:47 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-30 10:58 - 2014-09-25 20:25 - 00000000 ___DO () C:\Users\judy\OneDrive
2014-11-30 10:58 - 2013-08-03 05:09 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-11-30 10:55 - 2013-08-22 08:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-30 10:55 - 2013-08-22 07:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-28 20:35 - 2014-08-29 03:00 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3809952396-1488035759-1417517223-1001
2014-11-28 20:28 - 2014-10-05 15:18 - 00000137 _____ () C:\WINDOWS\Reimage.ini
2014-11-28 13:33 - 2014-10-03 16:06 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-11-28 13:26 - 2014-10-27 23:06 - 00000000 ____D () C:\ProgramData\ecbaef90-5696-41e1-a1c3-3e8112ce2840
2014-11-28 13:26 - 2014-10-03 16:44 - 00000000 ____D () C:\Program Files (x86)\Addon control
2014-11-28 11:24 - 2014-10-03 15:13 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-11-28 11:20 - 2014-10-03 15:13 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-28 10:36 - 2014-10-01 14:34 - 00000000 ____D () C:\Program Files (x86)\Framed Display
2014-11-28 10:24 - 2014-10-10 11:48 - 00000464 _____ () C:\WINDOWS\system32\ScannerSettings
2014-11-26 23:04 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-26 22:22 - 2013-08-22 07:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-11-26 20:20 - 2014-09-01 21:46 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-11-26 20:20 - 2014-09-01 21:46 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-11-26 20:20 - 2014-09-01 21:46 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-11-26 20:20 - 2014-09-01 21:46 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-11-26 20:20 - 2014-09-01 21:46 - 00083280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-11-26 20:20 - 2014-09-01 21:46 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-11-26 20:20 - 2014-09-01 21:46 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-11-26 20:19 - 2014-09-01 21:46 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-11-26 19:45 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-11-25 17:34 - 2012-07-26 01:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-23 23:17 - 2014-10-08 15:13 - 00011048 _____ () C:\WINDOWS\system32\ScanResults.xml
2014-11-21 20:32 - 2014-03-18 04:03 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-20 14:51 - 2013-08-22 09:38 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-11-20 14:51 - 2013-08-22 09:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-18 19:27 - 2014-08-29 02:30 - 00000000 ____D () C:\Users\judy\AppData\Local\VirtualStore
2014-11-18 18:37 - 2014-10-01 14:31 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Systweak
2014-11-18 13:51 - 2012-07-25 23:26 - 00000226 _____ () C:\WINDOWS\win.ini
2014-11-16 05:14 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-15 17:44 - 2013-08-22 08:44 - 00337808 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-15 17:41 - 2014-09-03 11:54 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-11-15 17:41 - 2013-08-22 09:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-11-15 17:41 - 2013-08-22 09:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-11-15 17:41 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-15 17:41 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-15 17:41 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-15 17:41 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-13 11:11 - 2014-09-01 21:47 - 00003894 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 11:11 - 2014-09-01 21:47 - 00003658 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-12 17:26 - 2014-08-31 17:34 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-12 17:21 - 2014-08-31 17:34 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-07 18:52 - 2014-10-15 15:58 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Google
 
Some content of TEMP:
====================
C:\Users\judy\AppData\Local\Temp\ReimageExpressSetup.exe
C:\Users\judy\AppData\Local\Temp\sqlite3.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-11-30 11:13
 
==================== End Of Log ============================

  • 0

#33
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts

could not fix..


  • 0

#34
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts
# AdwCleaner v4.102 - Report created 30/11/2014 at 18:06:32
# Updated 23/11/2014 by Xplode
# Database : 2014-11-27.1 [Live]
# Operating System : Windows 8.1  (64 bits)
# Username : judy - JUDYSPC
# Running from : C:\Users\judy\Downloads\AdwCleaner (1).exe
# Option : Clean
 
***** [ Services ] *****
 
[#] Service Deleted : BackupStack
Service Deleted : EZ Software Updater
Service Deleted : sbmntr
Service Deleted : {2859046f-5dca-482a-8c2d-37943d33a392}Gw64
Service Deleted : {29302da5-1178-40ac-a178-4cb57ebcc501}Gw64
Service Deleted : {6db7eb66-a30b-41a3-809c-addb2341dafb}Gw64
Service Deleted : {7012eec1-4f37-42d4-a2cd-26727494d248}Gw64
Service Deleted : {8c39d0b0-9b68-43ef-bc3c-2ef385fe5169}Gw64
Service Deleted : {9de7e012-74d3-4f9d-b4b0-2d3150073168}Gw64
Service Deleted : {a6762132-8e80-4305-b1ba-2bec91757ac2}Gw64
Service Deleted : {dda91daf-e6f8-4453-88d1-df18d861c904}Gw64
Service Deleted : {e9bebce7-deb3-4ab9-896c-549739f208c5}Gw64
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\374311380 
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\TidyNetwork
Folder Deleted : C:\Program Files (x86)\wse_astromenda
Folder Deleted : C:\Program Files (x86)\YTDownloader
Folder Deleted : C:\Program Files (x86)\Framed Display
Folder Deleted : C:\Program Files (x86)\EZ Software Updater
Folder Deleted : C:\WINDOWS\SysWOW64\AI_RecycleBin
Folder Deleted : C:\Users\judy\AppData\Local\Astromenda
Folder Deleted : C:\Users\judy\AppData\Local\globalUpdate
Folder Deleted : C:\Users\judy\AppData\Local\TidyNetwork
Folder Deleted : C:\Users\judy\AppData\Local\CrashRpt
Folder Deleted : C:\Users\judy\AppData\Roaming\Advanced System Protector
Folder Deleted : C:\Users\judy\AppData\Roaming\Astromenda
Folder Deleted : C:\Users\judy\AppData\Roaming\Systweak
Folder Deleted : C:\Users\judy\AppData\Roaming\wse_astromenda
Folder Deleted : C:\Users\judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
Folder Deleted : C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gagcbogmgkaogoadfcoicjdojbmkegao
File Deleted : C:\Users\Public\Desktop\Media Downloader.lnk
File Deleted : C:\WINDOWS\Reimage.ini
File Deleted : C:\WINDOWS\System32\roboot64.exe
File Deleted : C:\WINDOWS\System32\\drivers\{2859046f-5dca-482a-8c2d-37943d33a392}Gw64.sys
File Deleted : C:\WINDOWS\System32\\drivers\{29302da5-1178-40ac-a178-4cb57ebcc501}Gw64.sys
File Deleted : C:\WINDOWS\System32\\drivers\{6db7eb66-a30b-41a3-809c-addb2341dafb}Gw64.sys
File Deleted : C:\WINDOWS\System32\\drivers\{7012eec1-4f37-42d4-a2cd-26727494d248}Gw64.sys
File Deleted : C:\WINDOWS\System32\\drivers\{8c39d0b0-9b68-43ef-bc3c-2ef385fe5169}Gw64.sys
File Deleted : C:\WINDOWS\System32\\drivers\{9de7e012-74d3-4f9d-b4b0-2d3150073168}Gw64.sys
File Deleted : C:\WINDOWS\System32\\drivers\{a6762132-8e80-4305-b1ba-2bec91757ac2}Gw64.sys
File Deleted : C:\WINDOWS\System32\\drivers\{dda91daf-e6f8-4453-88d1-df18d861c904}Gw64.sys
File Deleted : C:\WINDOWS\System32\\drivers\{e9bebce7-deb3-4ab9-896c-549739f208c5}Gw64.sys
File Deleted : C:\Users\judy\Desktop\Live PC Help.lnk
File Deleted : C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
File Deleted : C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
File Deleted : C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : Advanced System Protector
Task Deleted : ASP
Task Deleted : LaunchSignup
Task Deleted : SMupdate1
Task Deleted : WSE_Astromenda
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BRS]
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622342243}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655345543}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666346643}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644344443}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05B5EF3F-4C6A-426E-B77E-48EBB3E721F1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622342243}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655345543}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666346643}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D53B36ED-9EDC-4414-810C-3711AECD747F}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D53B36ED-9EDC-4414-810C-3711AECD747F}
Key Deleted : HKCU\Software\Boost
Key Deleted : HKCU\Software\BRS
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\WSE_Astromenda
Key Deleted : HKCU\Software\Reimage
Key Deleted : HKCU\Software\Framed Display
Key Deleted : HKCU\Software\StormWatch
Key Deleted : HKCU\Software\YTDownloader
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\Boost
Key Deleted : HKLM\SOFTWARE\EZ Software Updater
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstallCore
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\SearchProtect
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Framed Display
Key Deleted : HKLM\SOFTWARE\YTDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\EZ Software Updater_is1
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\Reimage
Key Deleted : [x64] HKLM\SOFTWARE\YTDownloader
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Google Chrome v39.0.2171.71
 
 
*************************
 
AdwCleaner[R0].txt - [2109 octets] - [29/08/2014 15:23:11]
AdwCleaner[R1].txt - [883 octets] - [01/09/2014 15:11:13]
AdwCleaner[R2].txt - [15779 octets] - [30/11/2014 17:59:37]
AdwCleaner[S0].txt - [2095 octets] - [29/08/2014 15:26:20]
AdwCleaner[S1].txt - [945 octets] - [01/09/2014 15:15:06]
AdwCleaner[S2].txt - [15105 octets] - [30/11/2014 18:06:32]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [15166 octets] ##########

  • 0

#35
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Lets try the fix again

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe -runBRS
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [233280 2014-11-10] (Search Protect)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [188224 2014-11-10] (Search Protect)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3332182&octid=EB_ORIGINAL_CTID&ISID=M9BAEB2A2-9840-4A72-9828-9DB3140E6D6E&SearchSource=55&CUI=&UM=6&UP=SP2CF9FE81-761D-4340-A3BB-242A354FA4D1&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3332182&octid=EB_ORIGINAL_CTID&ISID=M9BAEB2A2-9840-4A72-9828-9DB3140E6D6E&SearchSource=55&CUI=&UM=6&UP=SP2CF9FE81-761D-4340-A3BB-242A354FA4D1&SSPV=", "https://www.google.com/?gws_rd=ssl", "https://www.google.com/?trackid=sp-006"
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultSearchURL: Default -> http://www.trovi.com...rchTerms}&SSPV=
CHR DefaultNewTabURL: Default -> https://www.trovi.co...4FA4D1&SAT=CNTS
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:56434;https=127.0.0.1:56434
BHO: No Name -> {11111111-1111-1111-1111-110611341143} -> No File
BHO: No Name -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> No File
BHO-x32: No Name -> {05b5ef3f-4c6a-426e-b77e-48ebb3e721f1} -> No File
BHO-x32: No Name -> {11111111-1111-1111-1111-110611341143} -> No File
BHO-x32: No Name -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> No File
R1 {2859046f-5dca-482a-8c2d-37943d33a392}Gw64; C:\Windows\System32\drivers\{2859046f-5dca-482a-8c2d-37943d33a392}Gw64.sys [48792 2014-11-04] (StdLib)
R1 {29302da5-1178-40ac-a178-4cb57ebcc501}Gw64; C:\Windows\System32\drivers\{29302da5-1178-40ac-a178-4cb57ebcc501}Gw64.sys [48792 2014-10-25] (StdLib)
R1 {6db7eb66-a30b-41a3-809c-addb2341dafb}Gw64; C:\Windows\System32\drivers\{6db7eb66-a30b-41a3-809c-addb2341dafb}Gw64.sys [48792 2014-11-01] (StdLib)
R1 {7012eec1-4f37-42d4-a2cd-26727494d248}Gw64; C:\Windows\System32\drivers\{7012eec1-4f37-42d4-a2cd-26727494d248}Gw64.sys [48792 2014-10-11] (StdLib)
R1 {8c39d0b0-9b68-43ef-bc3c-2ef385fe5169}Gw64; C:\Windows\System32\drivers\{8c39d0b0-9b68-43ef-bc3c-2ef385fe5169}Gw64.sys [48792 2014-11-06] (StdLib)
R1 {9de7e012-74d3-4f9d-b4b0-2d3150073168}Gw64; C:\Windows\System32\drivers\{9de7e012-74d3-4f9d-b4b0-2d3150073168}Gw64.sys [48792 2014-11-10] (StdLib)
R1 {a6762132-8e80-4305-b1ba-2bec91757ac2}Gw64; C:\Windows\System32\drivers\{a6762132-8e80-4305-b1ba-2bec91757ac2}Gw64.sys [48792 2014-10-25] (StdLib)
R1 {dda91daf-e6f8-4453-88d1-df18d861c904}Gw64; C:\Windows\System32\drivers\{dda91daf-e6f8-4453-88d1-df18d861c904}Gw64.sys [48792 2014-10-28] (StdLib)
R1 {e9bebce7-deb3-4ab9-896c-549739f208c5}Gw64; C:\Windows\System32\drivers\{e9bebce7-deb3-4ab9-896c-549739f208c5}Gw64.sys [48792 2014-10-01] (StdLib)
C:\Windows\System32\drivers\{2859046f-5dca-482a-8c2d-37943d33a392}Gw64.sys
C:\Windows\System32\drivers\{29302da5-1178-40ac-a178-4cb57ebcc501}Gw64.sys
C:\Windows\System32\drivers\{6db7eb66-a30b-41a3-809c-addb2341dafb}Gw64.sys
C:\Windows\System32\drivers\{7012eec1-4f37-42d4-a2cd-26727494d248}Gw64.sys
C:\Windows\System32\drivers\{8c39d0b0-9b68-43ef-bc3c-2ef385fe5169}Gw64.sys
C:\Windows\System32\drivers\{9de7e012-74d3-4f9d-b4b0-2d3150073168}Gw64.sys
C:\Windows\System32\drivers\{a6762132-8e80-4305-b1ba-2bec91757ac2}Gw64.sys
C:\Windows\System32\drivers\{dda91daf-e6f8-4453-88d1-df18d861c904}Gw64.sys
C:\Windows\System32\drivers\{e9bebce7-deb3-4ab9-896c-549739f208c5}Gw64.sys
2014-11-28 20:17 - 2014-11-28 20:17 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (10).exe
2014-11-27 11:19 - 2014-11-27 11:19 - 01178952 _____ (Kromtech) C:\Users\judy\Downloads\PCKeeper Installer.exe
2014-11-19 07:47 - 2014-11-19 07:47 - 00834952 _____ (SlimWare Utilities, Inc.) C:\Users\judy\Downloads\DriverUpdate-setup.exe
2014-11-18 19:34 - 2014-11-18 19:34 - 00691576 _____ (Yahoo! Inc.) C:\Users\judy\Downloads\msgr11us (1).exe
2014-11-18 19:08 - 2014-11-18 19:08 - 00691576 _____ (Yahoo! Inc.) C:\Users\judy\Downloads\msgr11us.exe
2014-11-18 18:44 - 2014-11-18 18:44 - 00003078 _____ () C:\WINDOWS\System32\Tasks\{E3197826-D64B-4D84-B494-3BE4C9DE1A9F}
2014-11-18 18:36 - 2014-11-18 18:36 - 00001162 _____ () C:\Users\judy\Desktop\Live PC Help.lnk
2014-11-18 18:24 - 2014-11-18 18:24 - 00000000 ____D () C:\Users\judy\AppData\Local\AMD
2014-11-18 18:17 - 2014-11-18 18:17 - 00004010 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-11-18 18:17 - 2014-11-18 18:17 - 00003314 _____ () C:\WINDOWS\System32\Tasks\Advanced System Protector
2014-11-18 18:17 - 2014-11-18 18:17 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Advanced System Protector
2014-11-18 18:15 - 2014-11-23 23:07 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-11-18 18:14 - 2014-11-18 18:15 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-11-18 17:06 - 2014-11-18 17:06 - 00277816 _____ (K) C:\Users\judy\Downloads\yahoo-messenger.exe
2014-11-10 07:58 - 2014-11-10 02:30 - 00048792 _____ (StdLib) C:\WINDOWS\system32\Drivers\{9de7e012-74d3-4f9d-b4b0-2d3150073168}Gw64.sys
2014-11-08 06:50 - 2014-11-08 06:51 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (8).exe
2014-11-08 06:50 - 2014-11-08 06:51 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (7).exe
2014-11-08 06:50 - 2014-11-08 06:51 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (6).exe
2014-11-08 06:50 - 2014-11-08 06:51 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (5).exe
2014-11-08 06:50 - 2014-11-08 06:50 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (4).exe
2014-11-08 06:50 - 2014-11-08 06:50 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (3).exe
2014-11-08 06:49 - 2014-11-08 06:50 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (2).exe
2014-11-08 06:49 - 2014-11-08 06:50 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (1).exe
2014-11-08 06:47 - 2014-11-08 06:47 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate.exe
2014-11-06 23:32 - 2014-11-06 20:33 - 00048792 _____ (StdLib) C:\WINDOWS\system32\Drivers\{8c39d0b0-9b68-43ef-bc3c-2ef385fe5169}Gw64.sys
2014-11-05 07:04 - 2014-11-04 18:44 - 00048792 _____ (StdLib) C:\WINDOWS\system32\Drivers\{2859046f-5dca-482a-8c2d-37943d33a392}Gw64.sys
2014-11-01 07:48 - 2014-11-01 06:48 - 00048792 _____ (StdLib) C:\WINDOWS\system32\Drivers\{6db7eb66-a30b-41a3-809c-addb2341dafb}Gw64.sys
2014-11-30 16:33 - 2014-10-01 14:33 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-11-30 10:58 - 2013-08-03 05:09 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-11-28 13:26 - 2014-10-27 23:06 - 00000000 ____D () C:\ProgramData\ecbaef90-5696-41e1-a1c3-3e8112ce2840
2014-11-18 18:37 - 2014-10-01 14:31 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Systweak
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that
  • 0

#36
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts

i did save the FRST in tddhe same location as FRST.EXC..and it says that thde fixlist.txt should be in the same folder/ director is the tool is located..


  • 0

#37
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Move FRST to your desktop along with the fixlist and run from there
  • 0

#38
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts

when i scan with ad ware it shows nothing...


  • 0

#39
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Did you run the fixlist ? If so there should have been a log generated could you post that please
  • 0

#40
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts

i am going to rerun the FRST again..and a log comes up.. do i save it or when i hit fix i get an error..  


  • 0

Advertisements


#41
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-11-2014
Ran by judy (administrator) on JUDYSPC on 01-12-2014 16:04:58
Running from C:\Users\judy\Downloads
Loaded Profile: judy (Available profiles: judy & Administrator & Guest)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMMsg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Soluto) C:\Program Files\Soluto\Soluto.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(MyHeritage) C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3015920 2013-02-05] (Synaptics Incorporated)
HKLM\...\Run: [Soluto] => c:\program files\soluto\soluto.exe [1253848 2013-01-29] (Soluto)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5225064 2014-11-26] (AVAST Software)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2534400 2014-05-14] (MyHeritage)
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles(x86)%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bincom <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *‮* <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Binscr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Binpif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Binexe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk
ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\judy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\judy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\judy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\judy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\judy\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\judy\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\judy\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:56434;https=127.0.0.1:56434
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
URLSearchHook: HKU\S-1-5-21-3809952396-1488035759-1417517223-1001 - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKLM-x32 -> {D53B36ED-9EDC-4414-810C-3711AECD747F} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKLM-x32 -> {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3809952396-1488035759-1417517223-1001 -> DefaultScope {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3809952396-1488035759-1417517223-1001 -> {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}
BHO: No Name -> {11111111-1111-1111-1111-110611341143} ->  No File
BHO: No Name -> {47A93636-7E77-3768-FEA1-A3984700C69B} ->  No File
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: No Name -> {11111111-1111-1111-1111-110611341143} ->  No File
BHO-x32: No Name -> {47A93636-7E77-3768-FEA1-A3984700C69B} ->  No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3809952396-1488035759-1417517223-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 208.180.42.68 208.180.42.100
 
FireFox:
========
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-01]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3332182&octid=EB_ORIGINAL_CTID&ISID=M9BAEB2A2-9840-4A72-9828-9DB3140E6D6E&SearchSource=55&CUI=&UM=6&UP=SP2CF9FE81-761D-4340-A3BB-242A354FA4D1&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3332182&octid=EB_ORIGINAL_CTID&ISID=M9BAEB2A2-9840-4A72-9828-9DB3140E6D6E&SearchSource=55&CUI=&UM=6&UP=SP2CF9FE81-761D-4340-A3BB-242A354FA4D1&SSPV=", "https://www.google.com/?gws_rd=ssl", "https://www.google.com/?trackid=sp-006"
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultSearchURL: Default -> http://www.trovi.com...rchTerms}&SSPV=
CHR DefaultNewTabURL: Default -> https://www.trovi.co...4FA4D1&SAT=CNTS
CHR DefaultSuggestURL: Default -> http://suggest.secci...x={searchTerms}
CHR Profile: C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-01]
CHR Extension: (Google Docs) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-01]
CHR Extension: (Google Drive) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-02]
CHR Extension: (YouTube) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-01]
CHR Extension: (Google Search) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-01]
CHR Extension: (Avast Online Security) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-01]
CHR Extension: (WeatherBlink) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagcpbojonfafbgbmkdplkoobcenmpll [2014-10-26]
CHR Extension: (Google Wallet) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-01]
CHR Extension: (Gmail) - C:\Users\judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-26]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [228480 2013-04-15] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-26] (AVAST Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-03-14] (Acer Incorporate)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4343664 2014-04-09] (Symantec Corporation)
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [222168 2013-01-29] (Soluto)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-26] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-26] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-26] ()
R3 AthrSdSrv; C:\Windows\system32\DRIVERS\athrsd.sys [48760 2012-11-30] (Qualcomm Atheros, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-15] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-09] (Acer Incorporated)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-09] (Acer Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
R3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X]
U2 SMUpd; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-01 14:59 - 2014-12-01 16:03 - 00007554 _____ () C:\Users\judy\Desktop\fixlist.txt
2014-11-30 18:19 - 2014-11-30 18:19 - 00015311 _____ () C:\Users\judy\Desktop\AdwCleaner[S2].txt
2014-11-30 17:58 - 2014-11-30 17:58 - 02148864 _____ () C:\Users\judy\Downloads\AdwCleaner (1).exe
2014-11-30 17:52 - 2014-11-30 17:52 - 02117120 _____ (Farbar) C:\Users\judy\Downloads\FRST64 (2).exe
2014-11-30 17:21 - 2014-11-30 17:21 - 00578152 _____ () C:\Users\judy\Downloads\Installation.exe
2014-11-30 11:08 - 2014-11-30 11:10 - 00023269 _____ () C:\Users\judy\Downloads\Addition.txt
2014-11-30 11:05 - 2014-11-30 11:05 - 02117120 _____ (Farbar) C:\Users\judy\Downloads\FRST64 (1).exe
2014-11-30 11:03 - 2014-12-01 16:04 - 00031673 _____ () C:\Users\judy\Downloads\FRST.txt
2014-11-30 10:41 - 2014-11-30 10:54 - 00001416 _____ () C:\Users\judy\Desktop\FRST64 - Shortcut.lnk
2014-11-30 10:37 - 2014-11-30 10:37 - 02117120 _____ (Farbar) C:\Users\judy\Downloads\FRST64.exe
2014-11-28 20:17 - 2014-11-28 20:17 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (10).exe
2014-11-27 11:19 - 2014-11-27 11:19 - 01178952 _____ (Kromtech) C:\Users\judy\Downloads\PCKeeper Installer.exe
2014-11-27 11:11 - 2014-11-30 18:08 - 00008720 _____ () C:\WINDOWS\PFRO.log
2014-11-27 09:57 - 2014-11-27 09:57 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-11-27 09:57 - 2014-11-27 09:57 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-11-26 20:33 - 2014-10-30 05:25 - 00275080 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-11-26 20:21 - 2014-11-26 20:21 - 00001944 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-26 20:21 - 2014-11-26 20:20 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-11-26 20:20 - 2014-11-26 20:20 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-11-26 07:33 - 2014-11-26 07:33 - 00000000 __SHD () C:\Users\judy\AppData\Local\EmieBrowserModeList
2014-11-19 07:47 - 2014-11-19 07:47 - 00834952 _____ (SlimWare Utilities, Inc.) C:\Users\judy\Downloads\DriverUpdate-setup.exe
2014-11-18 19:34 - 2014-11-18 19:34 - 00691576 _____ (Yahoo! Inc.) C:\Users\judy\Downloads\msgr11us (1).exe
2014-11-18 19:26 - 2014-11-18 19:36 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Yahoo!
2014-11-18 19:26 - 2014-11-18 19:26 - 00001161 _____ () C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2014-11-18 19:26 - 2014-11-18 19:26 - 00000000 ____D () C:\ProgramData\Yahoo! Companion
2014-11-18 19:26 - 2014-11-18 19:26 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-11-18 19:26 - 2014-11-18 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
2014-11-18 19:09 - 2014-11-18 19:26 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-11-18 19:08 - 2014-11-18 19:08 - 00691576 _____ (Yahoo! Inc.) C:\Users\judy\Downloads\msgr11us.exe
2014-11-18 18:44 - 2014-11-18 18:44 - 00003078 _____ () C:\WINDOWS\System32\Tasks\{E3197826-D64B-4D84-B494-3BE4C9DE1A9F}
2014-11-18 18:24 - 2014-11-18 18:24 - 00000000 ____D () C:\Users\judy\AppData\Local\AMD
2014-11-18 17:06 - 2014-11-18 17:06 - 00277816 _____ (K) C:\Users\judy\Downloads\yahoo-messenger.exe
2014-11-18 16:27 - 2014-11-18 16:27 - 00357489 _____ () C:\Users\judy\Downloads\photo (3).htm
2014-11-18 16:26 - 2014-11-18 16:26 - 00880049 _____ () C:\Users\judy\Downloads\Judy K Moore-lynch.html
2014-11-18 16:26 - 2014-11-18 16:26 - 00364098 _____ () C:\Users\judy\Downloads\photo (2).htm
2014-11-18 16:26 - 2014-11-18 16:26 - 00000000 ____D () C:\Users\judy\Downloads\Judy K Moore-lynch_files
2014-11-18 16:25 - 2014-11-18 16:25 - 00366250 _____ () C:\Users\judy\Downloads\photo (1).htm
2014-11-18 16:24 - 2014-11-18 16:24 - 00362972 _____ () C:\Users\judy\Downloads\photo.htm
2014-11-18 15:43 - 2014-11-09 17:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-11-18 15:43 - 2014-11-09 17:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-11-18 15:43 - 2014-11-09 17:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-11-18 15:43 - 2014-11-09 17:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2014-11-13 08:51 - 2014-11-13 08:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Downloader
2014-11-13 08:51 - 2014-11-13 08:51 - 00000000 ____D () C:\Program Files (x86)\Media Downloader
2014-11-13 08:50 - 2014-11-13 08:50 - 00000000 _____ () C:\LILE.tmp
2014-11-13 08:47 - 2014-11-13 08:47 - 00000000 ____D () C:\9e5bf2b7-7612-4936-83f3-10ab16f052c2
2014-11-13 08:46 - 2014-11-13 08:46 - 00122916 _____ () C:\Users\judy\Desktop\Gluten Free Dill Corn Cakes - Gluten Free Gigi.html
2014-11-13 08:46 - 2014-11-13 08:46 - 00000000 ____D () C:\Users\judy\Desktop\Gluten Free Dill Corn Cakes - Gluten Free Gigi_files
2014-11-13 07:41 - 2014-11-13 07:42 - 79485536 _____ () C:\Users\judy\Downloads\JavaUpdate (9).exe
2014-11-12 17:14 - 2014-10-30 23:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-11-12 17:14 - 2014-10-30 21:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-11-12 17:11 - 2014-10-30 23:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-12 17:11 - 2014-10-30 22:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-11-12 17:11 - 2014-10-30 22:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-12 17:11 - 2014-10-30 22:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-12 17:11 - 2014-10-30 22:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-11-12 17:11 - 2014-10-30 22:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-11-12 17:11 - 2014-10-30 22:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-12 17:11 - 2014-10-30 21:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-12 17:11 - 2014-10-30 21:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-12 17:11 - 2014-10-30 21:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-11-12 17:11 - 2014-10-30 21:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-12 17:11 - 2014-10-30 21:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-12 17:11 - 2014-10-30 21:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2014-11-12 17:11 - 2014-10-30 21:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-11-12 17:11 - 2014-10-30 21:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-11-12 17:11 - 2014-10-30 20:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-11-12 17:11 - 2014-10-30 20:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-11-12 17:11 - 2014-10-30 20:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-11-12 17:11 - 2014-10-30 20:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-11-12 17:11 - 2014-10-30 20:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-11-12 17:11 - 2014-10-30 20:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-11-12 17:10 - 2014-10-30 23:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-11-12 17:10 - 2014-10-30 23:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-11-12 17:10 - 2014-10-30 23:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-11-12 17:10 - 2014-10-30 23:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-11-12 17:10 - 2014-10-30 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-11-12 17:10 - 2014-10-30 23:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-11-12 17:10 - 2014-10-30 23:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-11-12 17:10 - 2014-10-30 23:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-12 17:10 - 2014-10-30 23:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-12 17:10 - 2014-10-30 23:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-11-12 17:10 - 2014-10-30 23:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-11-12 17:10 - 2014-10-30 22:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-12 17:10 - 2014-10-30 22:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-12 17:10 - 2014-10-30 22:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-11-12 17:10 - 2014-10-30 22:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2014-11-12 17:10 - 2014-10-30 22:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-11-12 17:10 - 2014-10-30 22:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-11-12 17:10 - 2014-10-30 22:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-11-12 17:10 - 2014-10-30 22:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-12 17:10 - 2014-10-30 22:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-12 17:10 - 2014-10-30 22:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-12 17:10 - 2014-10-30 22:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-11-12 17:10 - 2014-10-30 22:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-11-12 17:10 - 2014-10-30 22:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-12 17:10 - 2014-10-30 22:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-12 17:10 - 2014-10-30 22:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-11-12 17:10 - 2014-10-30 22:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-11-12 17:10 - 2014-10-30 22:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-12 17:10 - 2014-10-30 22:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-11-12 17:10 - 2014-10-30 22:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-11-12 17:10 - 2014-10-30 22:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-12 17:10 - 2014-10-30 22:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-12 17:10 - 2014-10-30 22:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-12 17:10 - 2014-10-30 21:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-11-12 17:10 - 2014-10-30 21:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2014-11-12 17:10 - 2014-10-30 21:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2014-11-12 17:10 - 2014-10-30 21:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2014-11-12 17:10 - 2014-10-30 21:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2014-11-12 17:10 - 2014-10-30 21:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-11-12 17:10 - 2014-10-30 21:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-11-12 17:10 - 2014-10-30 21:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2014-11-12 17:10 - 2014-10-30 21:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-12 17:10 - 2014-10-30 21:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-11-12 17:10 - 2014-10-30 21:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-11-12 17:10 - 2014-10-30 21:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-11-12 17:10 - 2014-10-30 21:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-11-12 17:10 - 2014-10-30 21:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-12 17:10 - 2014-10-30 21:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-12 17:10 - 2014-10-30 21:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-11-12 17:10 - 2014-10-30 21:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2014-11-12 17:10 - 2014-10-30 21:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-11-12 17:10 - 2014-10-30 21:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2014-11-12 17:10 - 2014-10-30 21:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-12 17:10 - 2014-10-30 20:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 17:10 - 2014-10-30 20:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2014-11-12 17:10 - 2014-10-30 20:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-12 17:10 - 2014-10-30 20:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2014-11-12 17:10 - 2014-10-30 20:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-11-12 17:10 - 2014-10-30 20:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2014-11-12 17:10 - 2014-10-30 20:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-11-12 17:10 - 2014-10-30 20:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-11-12 17:10 - 2014-10-30 20:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-11-12 17:10 - 2014-10-30 20:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-11-12 17:10 - 2014-10-30 20:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-11-12 17:10 - 2014-10-30 20:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-11-12 17:10 - 2014-10-30 20:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-11-12 17:10 - 2014-10-30 20:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-11-12 17:10 - 2014-10-30 20:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2014-11-12 17:10 - 2014-10-30 20:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-11-12 17:09 - 2014-10-18 03:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-11-12 17:09 - 2014-10-18 02:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-11-12 17:09 - 2014-10-18 02:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-11-12 17:09 - 2014-10-18 01:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-11-12 17:09 - 2014-10-18 00:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-11-12 17:09 - 2014-10-18 00:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-11-12 17:09 - 2014-10-18 00:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-11-12 17:09 - 2014-10-18 00:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-11-12 17:09 - 2014-10-18 00:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-12 17:09 - 2014-10-18 00:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-11-12 17:09 - 2014-10-18 00:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-11-12 17:09 - 2014-10-18 00:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-11-12 17:09 - 2014-10-18 00:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-11-12 17:09 - 2014-10-18 00:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-11-12 17:09 - 2014-10-18 00:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-11-12 17:09 - 2014-10-18 00:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-11-12 17:09 - 2014-10-12 20:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-11-12 17:09 - 2014-10-10 18:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-11-12 17:09 - 2014-10-10 18:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-11-12 17:09 - 2014-10-09 19:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-12 17:09 - 2014-10-09 19:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-11-12 17:09 - 2014-10-09 19:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-11-12 17:09 - 2014-10-08 01:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-11-12 17:09 - 2014-10-08 01:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-12 17:09 - 2014-10-08 01:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-11-12 17:09 - 2014-10-08 01:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-11-12 17:09 - 2014-10-08 01:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-11-12 17:09 - 2014-10-08 01:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-11-12 17:09 - 2014-10-08 00:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-11-12 17:09 - 2014-10-08 00:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-12 17:09 - 2014-10-08 00:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-12 17:09 - 2014-10-08 00:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-12 17:09 - 2014-10-08 00:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-11-12 17:09 - 2014-10-08 00:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-12 17:09 - 2014-10-07 23:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-11-12 17:09 - 2014-10-07 23:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-11-12 17:09 - 2014-10-07 23:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-11-12 17:09 - 2014-09-27 01:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-11-12 17:09 - 2014-09-26 23:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-11-12 17:09 - 2014-09-26 21:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-11-12 17:09 - 2014-09-26 21:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-11-12 17:09 - 2014-09-26 21:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-11-12 17:09 - 2014-09-21 22:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-11-12 17:09 - 2014-09-21 21:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-11-12 17:09 - 2014-09-21 21:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-11-12 17:09 - 2014-09-21 20:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-11-12 17:09 - 2014-09-18 18:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-11-12 17:09 - 2014-09-02 16:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2014-11-12 17:09 - 2014-09-02 16:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2014-11-12 17:08 - 2014-10-17 01:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-12 17:08 - 2014-10-17 00:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-12 17:04 - 2014-11-04 17:38 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-11-12 17:04 - 2014-11-03 18:10 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-11-12 17:04 - 2014-10-30 22:53 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-11-12 17:04 - 2014-10-30 22:49 - 00537088 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-11-12 17:04 - 2014-10-30 22:24 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-11-12 17:04 - 2014-10-22 23:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-11-12 17:04 - 2014-10-22 23:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-11-12 17:04 - 2014-10-07 00:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-11-12 17:04 - 2014-10-07 00:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-11-12 17:04 - 2014-10-07 00:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-12 17:04 - 2014-10-07 00:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-11-12 17:04 - 2014-10-07 00:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2014-11-12 17:04 - 2014-10-06 21:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-11-12 17:04 - 2014-10-06 21:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-11-12 17:04 - 2014-10-06 21:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-11-12 17:04 - 2014-10-06 21:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-11-12 17:04 - 2014-10-06 19:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-12 17:04 - 2014-10-06 19:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-11-12 17:04 - 2014-08-22 23:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-11-12 17:04 - 2014-08-22 23:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-11-12 17:03 - 2014-09-10 00:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-11-12 17:03 - 2014-09-07 21:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-11-12 17:03 - 2014-09-07 21:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-11-12 17:03 - 2014-09-07 16:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-11-12 17:03 - 2014-09-04 16:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-11-12 17:03 - 2014-09-04 16:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-11-12 17:03 - 2014-09-03 21:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-12 17:03 - 2014-09-03 20:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-11-12 17:03 - 2014-09-03 19:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-11-12 17:03 - 2014-09-03 18:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-11-12 17:03 - 2014-08-30 18:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-11-12 17:03 - 2014-08-30 18:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-11-12 17:03 - 2014-08-30 16:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-11-12 17:03 - 2014-08-30 16:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-12 17:03 - 2014-08-30 15:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2014-11-12 17:03 - 2014-08-30 15:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-12 17:03 - 2014-08-30 14:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-11-12 17:03 - 2014-08-30 14:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-11-12 17:03 - 2014-08-27 20:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-11-12 17:03 - 2014-08-27 18:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-11-12 17:03 - 2014-08-27 18:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-11-12 17:03 - 2014-08-22 23:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-11-12 17:03 - 2014-08-22 23:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-11-12 17:03 - 2014-08-22 22:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-12 17:03 - 2014-08-01 18:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-11-12 17:03 - 2014-08-01 18:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-11-08 18:50 - 2014-12-01 10:33 - 01563414 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-08 06:50 - 2014-11-08 06:51 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (8).exe
2014-11-08 06:50 - 2014-11-08 06:51 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (7).exe
2014-11-08 06:50 - 2014-11-08 06:51 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (6).exe
2014-11-08 06:50 - 2014-11-08 06:51 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (5).exe
2014-11-08 06:50 - 2014-11-08 06:50 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (4).exe
2014-11-08 06:50 - 2014-11-08 06:50 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (3).exe
2014-11-08 06:49 - 2014-11-08 06:50 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (2).exe
2014-11-08 06:49 - 2014-11-08 06:50 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (1).exe
2014-11-08 06:47 - 2014-11-08 06:47 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-01 16:05 - 2014-08-28 12:41 - 00000000 ____D () C:\FRST
2014-12-01 16:00 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-12-01 15:52 - 2014-09-01 21:51 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-12-01 15:16 - 2014-09-01 21:47 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-01 15:13 - 2014-08-29 15:23 - 00000000 ____D () C:\AdwCleaner
2014-12-01 14:37 - 2014-10-01 14:12 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0D5DAD40-3BDF-4170-B265-541749FE8BE6}
2014-12-01 11:16 - 2014-09-01 21:47 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-30 18:24 - 2014-08-29 03:00 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3809952396-1488035759-1417517223-1001
2014-11-30 18:14 - 2014-09-25 20:25 - 00000000 ___DO () C:\Users\judy\OneDrive
2014-11-30 18:10 - 2013-08-03 05:09 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-11-30 18:08 - 2013-08-22 08:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-30 18:07 - 2013-08-22 07:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-30 17:33 - 2014-10-01 15:33 - 00000133 _____ () C:\Users\judy\AppData\Roaming\WB.CFG
2014-11-28 13:33 - 2014-10-03 16:06 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-11-28 13:26 - 2014-10-27 23:06 - 00000000 ____D () C:\ProgramData\ecbaef90-5696-41e1-a1c3-3e8112ce2840
2014-11-28 13:26 - 2014-10-03 16:44 - 00000000 ____D () C:\Program Files (x86)\Addon control
2014-11-28 11:24 - 2014-10-03 15:13 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-11-28 11:20 - 2014-10-03 15:13 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-28 10:24 - 2014-10-10 11:48 - 00000464 _____ () C:\WINDOWS\system32\ScannerSettings
2014-11-26 23:04 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-26 22:22 - 2013-08-22 07:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-11-26 20:20 - 2014-09-01 21:46 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-11-26 20:20 - 2014-09-01 21:46 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-11-26 20:20 - 2014-09-01 21:46 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-11-26 20:20 - 2014-09-01 21:46 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-11-26 20:20 - 2014-09-01 21:46 - 00083280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-11-26 20:20 - 2014-09-01 21:46 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-11-26 20:20 - 2014-09-01 21:46 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-11-26 20:19 - 2014-09-01 21:46 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-11-26 19:45 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-11-25 17:34 - 2012-07-26 01:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-23 23:17 - 2014-10-08 15:13 - 00011048 _____ () C:\WINDOWS\system32\ScanResults.xml
2014-11-21 20:32 - 2014-03-18 04:03 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-20 14:51 - 2013-08-22 09:38 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-11-20 14:51 - 2013-08-22 09:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-18 19:27 - 2014-08-29 02:30 - 00000000 ____D () C:\Users\judy\AppData\Local\VirtualStore
2014-11-18 13:51 - 2012-07-25 23:26 - 00000226 _____ () C:\WINDOWS\win.ini
2014-11-16 05:14 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-15 17:44 - 2013-08-22 08:44 - 00337808 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-15 17:41 - 2014-09-03 11:54 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-11-15 17:41 - 2013-08-22 09:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-11-15 17:41 - 2013-08-22 09:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-11-15 17:41 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-15 17:41 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-15 17:41 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-15 17:41 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-13 11:11 - 2014-09-01 21:47 - 00003894 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 11:11 - 2014-09-01 21:47 - 00003658 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-12 17:26 - 2014-08-31 17:34 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-12 17:21 - 2014-08-31 17:34 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-07 18:52 - 2014-10-15 15:58 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Google
 
Some content of TEMP:
====================
C:\Users\judy\AppData\Local\Temp\ReimageExpressSetup.exe
C:\Users\judy\AppData\Local\Temp\sqlite3.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-11-30 18:24
 
==================== End Of Log ============================
 
is this the scan you are needing..

  • 0

#42
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Are you still getting the error that FRST is not in the same location as the fixlist ?

If so download a fresh copy of FRST and save it to the desktop :

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Then download this fixlist.txt to the desktop as well so that they are alongside each other
Attached File  fixlist.txt   7.41KB   221 downloads

FRSTfix.JPG

Then start FRST and press fix
  • 0

#43
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-12-2014
Ran by judy at 2014-12-01 19:22:14 Run:1
Running from C:\Users\judy\Desktop
Loaded Profile: judy (Available profiles: judy & Administrator & Guest)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe -runBRS
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [233280 2014-11-10] (Search Protect)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [188224 2014-11-10] (Search Protect)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3332182&octid=EB_ORIGINAL_CTID&ISID=M9BAEB2A2-9840-4A72-9828-9DB3140E6D6E&SearchSource=55&CUI=&UM=6&UP=SP2CF9FE81-761D-4340-A3BB-242A354FA4D1&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3332182&octid=EB_ORIGINAL_CTID&ISID=M9BAEB2A2-9840-4A72-9828-9DB3140E6D6E&SearchSource=55&CUI=&UM=6&UP=SP2CF9FE81-761D-4340-A3BB-242A354FA4D1&SSPV=", "https://www.google.com/?gws_rd=ssl", "https://www.google.com/?trackid=sp-006" 
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultSearchURL: Default -> http://www.trovi.com...rchTerms}&SSPV=
CHR DefaultNewTabURL: Default -> https://www.trovi.co...4FA4D1&SAT=CNTS
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:56434;https=127.0.0.1:56434
BHO: No Name -> {11111111-1111-1111-1111-110611341143} -> No File
BHO: No Name -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> No File
BHO-x32: No Name -> {05b5ef3f-4c6a-426e-b77e-48ebb3e721f1} -> No File
BHO-x32: No Name -> {11111111-1111-1111-1111-110611341143} -> No File
BHO-x32: No Name -> {47A93636-7E77-3768-FEA1-A3984700C69B} -> No File
R1 {2859046f-5dca-482a-8c2d-37943d33a392}Gw64; C:\Windows\System32\drivers\{2859046f-5dca-482a-8c2d-37943d33a392}Gw64.sys [48792 2014-11-04] (StdLib)
R1 {29302da5-1178-40ac-a178-4cb57ebcc501}Gw64; C:\Windows\System32\drivers\{29302da5-1178-40ac-a178-4cb57ebcc501}Gw64.sys [48792 2014-10-25] (StdLib)
R1 {6db7eb66-a30b-41a3-809c-addb2341dafb}Gw64; C:\Windows\System32\drivers\{6db7eb66-a30b-41a3-809c-addb2341dafb}Gw64.sys [48792 2014-11-01] (StdLib)
R1 {7012eec1-4f37-42d4-a2cd-26727494d248}Gw64; C:\Windows\System32\drivers\{7012eec1-4f37-42d4-a2cd-26727494d248}Gw64.sys [48792 2014-10-11] (StdLib)
R1 {8c39d0b0-9b68-43ef-bc3c-2ef385fe5169}Gw64; C:\Windows\System32\drivers\{8c39d0b0-9b68-43ef-bc3c-2ef385fe5169}Gw64.sys [48792 2014-11-06] (StdLib)
R1 {9de7e012-74d3-4f9d-b4b0-2d3150073168}Gw64; C:\Windows\System32\drivers\{9de7e012-74d3-4f9d-b4b0-2d3150073168}Gw64.sys [48792 2014-11-10] (StdLib)
R1 {a6762132-8e80-4305-b1ba-2bec91757ac2}Gw64; C:\Windows\System32\drivers\{a6762132-8e80-4305-b1ba-2bec91757ac2}Gw64.sys [48792 2014-10-25] (StdLib)
R1 {dda91daf-e6f8-4453-88d1-df18d861c904}Gw64; C:\Windows\System32\drivers\{dda91daf-e6f8-4453-88d1-df18d861c904}Gw64.sys [48792 2014-10-28] (StdLib)
R1 {e9bebce7-deb3-4ab9-896c-549739f208c5}Gw64; C:\Windows\System32\drivers\{e9bebce7-deb3-4ab9-896c-549739f208c5}Gw64.sys [48792 2014-10-01] (StdLib)
C:\Windows\System32\drivers\{2859046f-5dca-482a-8c2d-37943d33a392}Gw64.sys
C:\Windows\System32\drivers\{29302da5-1178-40ac-a178-4cb57ebcc501}Gw64.sys
C:\Windows\System32\drivers\{6db7eb66-a30b-41a3-809c-addb2341dafb}Gw64.sys
C:\Windows\System32\drivers\{7012eec1-4f37-42d4-a2cd-26727494d248}Gw64.sys
C:\Windows\System32\drivers\{8c39d0b0-9b68-43ef-bc3c-2ef385fe5169}Gw64.sys
C:\Windows\System32\drivers\{9de7e012-74d3-4f9d-b4b0-2d3150073168}Gw64.sys
C:\Windows\System32\drivers\{a6762132-8e80-4305-b1ba-2bec91757ac2}Gw64.sys
C:\Windows\System32\drivers\{dda91daf-e6f8-4453-88d1-df18d861c904}Gw64.sys
C:\Windows\System32\drivers\{e9bebce7-deb3-4ab9-896c-549739f208c5}Gw64.sys
2014-11-28 20:17 - 2014-11-28 20:17 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (10).exe
2014-11-27 11:19 - 2014-11-27 11:19 - 01178952 _____ (Kromtech) C:\Users\judy\Downloads\PCKeeper Installer.exe
2014-11-19 07:47 - 2014-11-19 07:47 - 00834952 _____ (SlimWare Utilities, Inc.) C:\Users\judy\Downloads\DriverUpdate-setup.exe
2014-11-18 19:34 - 2014-11-18 19:34 - 00691576 _____ (Yahoo! Inc.) C:\Users\judy\Downloads\msgr11us (1).exe
2014-11-18 19:08 - 2014-11-18 19:08 - 00691576 _____ (Yahoo! Inc.) C:\Users\judy\Downloads\msgr11us.exe
2014-11-18 18:44 - 2014-11-18 18:44 - 00003078 _____ () C:\WINDOWS\System32\Tasks\{E3197826-D64B-4D84-B494-3BE4C9DE1A9F}
2014-11-18 18:36 - 2014-11-18 18:36 - 00001162 _____ () C:\Users\judy\Desktop\Live PC Help.lnk
2014-11-18 18:24 - 2014-11-18 18:24 - 00000000 ____D () C:\Users\judy\AppData\Local\AMD
2014-11-18 18:17 - 2014-11-18 18:17 - 00004010 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-11-18 18:17 - 2014-11-18 18:17 - 00003314 _____ () C:\WINDOWS\System32\Tasks\Advanced System Protector
2014-11-18 18:17 - 2014-11-18 18:17 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Advanced System Protector
2014-11-18 18:15 - 2014-11-23 23:07 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-11-18 18:14 - 2014-11-18 18:15 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-11-18 17:06 - 2014-11-18 17:06 - 00277816 _____ (K) C:\Users\judy\Downloads\yahoo-messenger.exe
2014-11-10 07:58 - 2014-11-10 02:30 - 00048792 _____ (StdLib) C:\WINDOWS\system32\Drivers\{9de7e012-74d3-4f9d-b4b0-2d3150073168}Gw64.sys
2014-11-08 06:50 - 2014-11-08 06:51 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (8).exe
2014-11-08 06:50 - 2014-11-08 06:51 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (7).exe
2014-11-08 06:50 - 2014-11-08 06:51 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (6).exe
2014-11-08 06:50 - 2014-11-08 06:51 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (5).exe
2014-11-08 06:50 - 2014-11-08 06:50 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (4).exe
2014-11-08 06:50 - 2014-11-08 06:50 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (3).exe
2014-11-08 06:49 - 2014-11-08 06:50 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (2).exe
2014-11-08 06:49 - 2014-11-08 06:50 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate (1).exe
2014-11-08 06:47 - 2014-11-08 06:47 - 79486264 _____ () C:\Users\judy\Downloads\JavaUpdate.exe
2014-11-06 23:32 - 2014-11-06 20:33 - 00048792 _____ (StdLib) C:\WINDOWS\system32\Drivers\{8c39d0b0-9b68-43ef-bc3c-2ef385fe5169}Gw64.sys
2014-11-05 07:04 - 2014-11-04 18:44 - 00048792 _____ (StdLib) C:\WINDOWS\system32\Drivers\{2859046f-5dca-482a-8c2d-37943d33a392}Gw64.sys
2014-11-01 07:48 - 2014-11-01 06:48 - 00048792 _____ (StdLib) C:\WINDOWS\system32\Drivers\{6db7eb66-a30b-41a3-809c-addb2341dafb}Gw64.sys
2014-11-30 16:33 - 2014-10-01 14:33 - 00000304 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-11-30 10:58 - 2013-08-03 05:09 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-11-28 13:26 - 2014-10-27 23:06 - 00000000 ____D () C:\ProgramData\ecbaef90-5696-41e1-a1c3-3e8112ce2840
2014-11-18 18:37 - 2014-10-01 14:31 - 00000000 ____D () C:\Users\judy\AppData\Roaming\Systweak
EmptyTemp:
CMD: bitsadmin /reset /allusers
 
*****************
 
HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BRS => Value not found.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll" => Value Data not found.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll" => Value Data not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk => Moved successfully.
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File) not found.
C:\WINDOWS\system32\GroupPolicy\Machine => Moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-3809952396-1488035759-1417517223-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
Chrome DefaultSearchKeyword deleted successfully.
Chrome DefaultSearchURL deleted successfully.
CHR DefaultNewTabURL: Default -> https://www.trovi.co...4FA4D1&SAT=CNTS => Error: No automatic fix found for this entry.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611341143}" => Key deleted successfully.
"HKCR\CLSID\{11111111-1111-1111-1111-110611341143}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{47A93636-7E77-3768-FEA1-A3984700C69B}" => Key deleted successfully.
"HKCR\CLSID\{47A93636-7E77-3768-FEA1-A3984700C69B}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05b5ef3f-4c6a-426e-b77e-48ebb3e721f1}" => Key not found.
"HKCR\Wow6432Node\CLSID\{05b5ef3f-4c6a-426e-b77e-48ebb3e721f1}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611341143}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{11111111-1111-1111-1111-110611341143}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{47A93636-7E77-3768-FEA1-A3984700C69B}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{47A93636-7E77-3768-FEA1-A3984700C69B}" => Key not found.
{2859046f-5dca-482a-8c2d-37943d33a392}Gw64 => Service not found.
{29302da5-1178-40ac-a178-4cb57ebcc501}Gw64 => Service not found.
{6db7eb66-a30b-41a3-809c-addb2341dafb}Gw64 => Service not found.
{7012eec1-4f37-42d4-a2cd-26727494d248}Gw64 => Service not found.
{8c39d0b0-9b68-43ef-bc3c-2ef385fe5169}Gw64 => Service not found.
{9de7e012-74d3-4f9d-b4b0-2d3150073168}Gw64 => Service not found.
{a6762132-8e80-4305-b1ba-2bec91757ac2}Gw64 => Service not found.
{dda91daf-e6f8-4453-88d1-df18d861c904}Gw64 => Service not found.
{e9bebce7-deb3-4ab9-896c-549739f208c5}Gw64 => Service not found.
"C:\Windows\System32\drivers\{2859046f-5dca-482a-8c2d-37943d33a392}Gw64.sys" => File/Directory not found.
"C:\Windows\System32\drivers\{29302da5-1178-40ac-a178-4cb57ebcc501}Gw64.sys" => File/Directory not found.
"C:\Windows\System32\drivers\{6db7eb66-a30b-41a3-809c-addb2341dafb}Gw64.sys" => File/Directory not found.
"C:\Windows\System32\drivers\{7012eec1-4f37-42d4-a2cd-26727494d248}Gw64.sys" => File/Directory not found.
"C:\Windows\System32\drivers\{8c39d0b0-9b68-43ef-bc3c-2ef385fe5169}Gw64.sys" => File/Directory not found.
"C:\Windows\System32\drivers\{9de7e012-74d3-4f9d-b4b0-2d3150073168}Gw64.sys" => File/Directory not found.
"C:\Windows\System32\drivers\{a6762132-8e80-4305-b1ba-2bec91757ac2}Gw64.sys" => File/Directory not found.
"C:\Windows\System32\drivers\{dda91daf-e6f8-4453-88d1-df18d861c904}Gw64.sys" => File/Directory not found.
"C:\Windows\System32\drivers\{e9bebce7-deb3-4ab9-896c-549739f208c5}Gw64.sys" => File/Directory not found.
C:\Users\judy\Downloads\JavaUpdate (10).exe => Moved successfully.
C:\Users\judy\Downloads\PCKeeper Installer.exe => Moved successfully.
C:\Users\judy\Downloads\DriverUpdate-setup.exe => Moved successfully.
C:\Users\judy\Downloads\msgr11us (1).exe => Moved successfully.
C:\Users\judy\Downloads\msgr11us.exe => Moved successfully.
C:\WINDOWS\System32\Tasks\{E3197826-D64B-4D84-B494-3BE4C9DE1A9F} => Moved successfully.
"C:\Users\judy\Desktop\Live PC Help.lnk" => File/Directory not found.
C:\Users\judy\AppData\Local\AMD => Moved successfully.
"C:\WINDOWS\System32\Tasks\LaunchSignup" => File/Directory not found.
"C:\WINDOWS\System32\Tasks\Advanced System Protector" => File/Directory not found.
"C:\Users\judy\AppData\Roaming\Advanced System Protector" => File/Directory not found.
"C:\Program Files (x86)\MyPC Backup" => File/Directory not found.
"C:\Program Files (x86)\SearchProtect" => File/Directory not found.
C:\Users\judy\Downloads\yahoo-messenger.exe => Moved successfully.
"C:\WINDOWS\system32\Drivers\{9de7e012-74d3-4f9d-b4b0-2d3150073168}Gw64.sys" => File/Directory not found.
C:\Users\judy\Downloads\JavaUpdate (8).exe => Moved successfully.
C:\Users\judy\Downloads\JavaUpdate (7).exe => Moved successfully.
C:\Users\judy\Downloads\JavaUpdate (6).exe => Moved successfully.
C:\Users\judy\Downloads\JavaUpdate (5).exe => Moved successfully.
C:\Users\judy\Downloads\JavaUpdate (4).exe => Moved successfully.
C:\Users\judy\Downloads\JavaUpdate (3).exe => Moved successfully.
C:\Users\judy\Downloads\JavaUpdate (2).exe => Moved successfully.
C:\Users\judy\Downloads\JavaUpdate (1).exe => Moved successfully.
C:\Users\judy\Downloads\JavaUpdate.exe => Moved successfully.
"C:\WINDOWS\system32\Drivers\{8c39d0b0-9b68-43ef-bc3c-2ef385fe5169}Gw64.sys" => File/Directory not found.
"C:\WINDOWS\system32\Drivers\{2859046f-5dca-482a-8c2d-37943d33a392}Gw64.sys" => File/Directory not found.
"C:\WINDOWS\system32\Drivers\{6db7eb66-a30b-41a3-809c-addb2341dafb}Gw64.sys" => File/Directory not found.
"C:\WINDOWS\Tasks\WSE_Astromenda.job" => File/Directory not found.
 
"C:\ProgramData\boost_interprocess" directory move:
 
C:\ProgramData\boost_interprocess\20141130180808.494348\Nobu64AgentService2.9.0.19 => Moved successfully.
C:\ProgramData\boost_interprocess\20141130180808.494348\Nobu64TrayIcon2.9.0.19 => Moved successfully.
Could not move "C:\ProgramData\boost_interprocess" directory. => Scheduled to move on reboot.
 
C:\ProgramData\ecbaef90-5696-41e1-a1c3-3e8112ce2840 => Moved successfully.
"C:\Users\judy\AppData\Roaming\Systweak" => File/Directory not found.
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to cancel {0D6E7E67-96CD-4229-8B09-CA1E76F9C90E}.
{4AAE5924-A27B-4CBB-8C46-31C07584F53E} canceled.
1 out of 2 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => Removed 512.7 MB temporary data.
 
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-12-01 19:25:31)<=
 
C:\ProgramData\boost_interprocess => Is moved successfully.
 
==== End of Fixlog ====
 
it took uninstall and re-stalling at least 5 times for it to work..

  • 0

#44
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hmm weird, how is the computer behaving now ?
  • 0

#45
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts

still lagging some what was wrong.. and can you suggest the best protection i can put on this computer..


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP