Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by tonielizabeth (administrator) on TONI-PC on 15-06-2015 20:46:21
Running from C:\Users\tonielizabeth\Desktop
Loaded Profiles: tonielizabeth (Available Profiles: tonielizabeth & tangy_000 & Guest)
Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...=============== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Hefei Hejunzhengce Info Tech Co., Ltd.) C:\Program Files (x86)\Windows FontCache\R1\FontCache.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Oppoos.com) C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieCleanService.exe
(Intel® Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel® Corporation) C:\Program Files\Intel Corporation\Intel® Technology Access\IntelTechnologyAccessService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
() C:\Program Files (x86)\Mobogenie\MgAssist.exe
(Mobogenie.com) C:\Program Files (x86)\Mobogenie3\MobogenieService.exe
(PicRec) C:\Program Files\Common Files\PicRec\PicRecHelper\picrecs.exe
(Systweak) C:\Program Files (x86)\Right Backup\RBClientService.exe
() C:\Windows\Microsoft\sogr\WindowsUpdater.exe
(TODO: <公司名>) C:\Program Files (x86)\Blazers\Watsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Network Accelerater\v5\winvxm.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Acute Angle Solutions) C:\ProgramData\ZEuecPj\HlbLAXLR.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(TODO: ) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
() C:\ProgramData\Nejuolinra\1.0.1.0\wusuaefx.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Systweak) C:\Program Files (x86)\Right Backup\RightBackup.exe
(Secure Download Ltd.) C:\Program Files (x86)\SoftPlanet Software Assistant\spassist.exe
() C:\Program Files (x86)\Gamesorama\gamesorama_helper_service.exe
(InfoHD-V1.8) C:\Program Files (x86)\HD-V1.8\9fb12f5e-1c59-4e22-a5af-1f0674247821-10.exe
() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
() C:\ProgramData\Nejuolinra\1.0.1.0\wusuaefx.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Pokki) C:\Users\tonielizabeth\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Pay By Ads LTD) C:\Users\tonielizabeth\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Oppoos.com) C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieFloater.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Mobogenie3\MoboGenieHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Pay By Ads LTD) C:\Users\tonielizabeth\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrsetup.exe
(The Privoxy team - www.privoxy.org) C:\Program Files (x86)\PicRec\runtime\win32\Privoxy\privoxy.exe
() C:\ProgramData\a68d9eea-b970-45e3-ba05-b4a5e2e396bc\maintainer.exe
() C:\Program Files (x86)\webget\bin\utilwebget.exe
() C:\Program Files (x86)\webget\bin\webget.PurBrowse64.exe
() C:\Program Files (x86)\webget\bin\webget.expext.exe
() C:\Program Files (x86)\webget\bin\webget.BrowserAdapter.exe
() C:\Program Files (x86)\webget\bin\webget.BrowserAdapter64.exe
() C:\Program Files (x86)\webget\bin\webget.BOASHelper.exe
() C:\Program Files (x86)\webget\updatewebget.exe
(mobogenie.com) C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\webget\bin\webget.BOASPRT.exe
() C:\Program Files (x86)\webget\bin\webget.BOAS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
() C:\Program Files (x86)\webget\bin\webget.BOASPRT.exe
() C:\Program Files (x86)\webget\bin\webget.BOAS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-10-02] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13657304 2013-10-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [748736 2014-07-22] ()
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [66304 2015-05-06] (Acer Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3225058651-2230390788-3555302883-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-3225058651-2230390788-3555302883-1001\...\Run: [Yahoo! Search] => C:\Users\tonielizabeth\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe [644352 2015-03-28] (Pay By Ads LTD)
HKU\S-1-5-21-3225058651-2230390788-3555302883-1001\...\Run: [GenieFloater] => C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieFloater.exe [1850520 2015-02-06] (Oppoos.com)
HKU\S-1-5-21-3225058651-2230390788-3555302883-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1104384 2014-01-04] (Spotify Ltd)
HKU\S-1-5-21-3225058651-2230390788-3555302883-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28919424 2015-05-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3225058651-2230390788-3555302883-1001\...\RunOnce: [Application Restart #1] => C:\Users\tonielizabeth\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-clie (the data entry has 556 more characters).
HKU\S-1-5-21-3225058651-2230390788-3555302883-1001\...\RunOnce: [Application Restart #0] => C:\Users\tonielizabeth\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-clie (the data entry has 556 more characters).
HKU\S-1-5-21-3225058651-2230390788-3555302883-1001\...\Policies\Explorer: [NoInternetIcon] 1
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [245056 2014-12-10] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [215360 2014-12-10] (Client Connect LTD)
Startup: C:\Users\tonielizabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2014-05-03]
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (No File)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:8118;https=127.0.0.1:8118
ProxyEnable: [S-1-5-19] => Internet Explorer proxy is enabled
ProxyServer: [S-1-5-19] => http=127.0.0.1:8118;https=127.0.0.1:8118
ProxyEnable: [S-1-5-20] => Internet Explorer proxy is enabled
ProxyServer: [S-1-5-20] => http=127.0.0.1:8118;https=127.0.0.1:8118
ProxyEnable: [S-1-5-21-3225058651-2230390788-3555302883-1001] => Internet Explorer proxy is enabled
ProxyServer: [S-1-5-21-3225058651-2230390788-3555302883-1001] => http=127.0.0.1:8118;https=127.0.0.1:8118
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3225058651-2230390788-3555302883-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {3AC6EB0B-3E8A-4940-8273-7DEC8FC97C81} URL = http://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {3AC6EB0B-3E8A-4940-8273-7DEC8FC97C81} URL = http://www.bing.com/...> SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://uk.yhs4.searc...> SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://uk.yhs4.searc...> SearchScopes: HKU\S-1-5-21-3225058651-2230390788-3555302883-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.bing.com/...> SearchScopes: HKU\S-1-5-21-3225058651-2230390788-3555302883-1001 -> {3AC6EB0B-3E8A-4940-8273-7DEC8FC97C81} URL = http://start.mysearc...> SearchScopes: HKU\S-1-5-21-3225058651-2230390788-3555302883-1001 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKU\S-1-5-21-3225058651-2230390788-3555302883-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://uk.yhs4.searc...> SearchScopes: HKU\S-1-5-21-3225058651-2230390788-3555302883-1001 -> {C695A1AF-F42D-4A1B-923C-AFDD52CC926F} URL = http://rts.dsrlte.co...=728<br /> BHO: GoPhoto.it V9.0 -> {11111111-1111-1111-1111-110311401168} -> C:\Program Files (x86)\GoPhoto.it V9.0\GoPhoto.it V9.0-bho64.dll [2014-07-06] (installdaddy)
BHO: Torntv V9.0 -> {11111111-1111-1111-1111-110511131190} -> C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho64.dll [2014-07-06] (installdaddy)
BHO: HD-V1.8 -> {11111111-1111-1111-1111-110511951168} -> C:\Program Files (x86)\HD-V1.8\HD-V1.8-bho64.dll [2014-07-06] (InfoHD-V1.8)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: TidyNetwork -> {A73C41C8-A8C6-36BA-C1AF-62913E721593} -> C:\Program Files (x86)\TidyNetwork\petn64.dll [2014-08-16] ()
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: GoPhoto.it V9.0 -> {11111111-1111-1111-1111-110311401168} -> C:\Program Files (x86)\GoPhoto.it V9.0\GoPhoto.it V9.0-bho.dll [2014-07-06] (installdaddy)
BHO-x32: Torntv V9.0 -> {11111111-1111-1111-1111-110511131190} -> C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho.dll [2014-07-06] (installdaddy)
BHO-x32: HD-V1.8 -> {11111111-1111-1111-1111-110511951168} -> C:\Program Files (x86)\HD-V1.8\HD-V1.8-bho.dll [2014-07-06] (InfoHD-V1.8)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-08] (Oracle Corporation)
BHO-x32: TidyNetwork -> {A73C41C8-A8C6-36BA-C1AF-62913E721593} -> C:\Program Files (x86)\TidyNetwork\petn.dll [2014-08-16] ()
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-08] (Oracle Corporation)
BHO-x32: webget 1.0.0.7 -> {dc264a72-fa75-4948-b881-ea8eff8e5dd2} -> C:\Program Files (x86)\webget\webgetBHO.dll [2015-01-27] (webget)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer 11\iexplorer.exe
FireFox:
========
FF ProfilePath: C:\Users\tonielizabeth\AppData\Roaming\Mozilla\Firefox\Profiles\dz9avust.default
FF NetworkProxy: " type", 1);user_pref("network.proxy.http", "127.0.0.1");user_pref("network.proxy.http_port", 8118);user_pref("network.proxy.ssl", "127.0.0.1");user_pref("network.proxy.ssl_port", 8118
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-14] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-28] (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2014-07-06] (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2014-07-06] (globalUpdate)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-07-12] ()
FF user.js: detected! => C:\Users\tonielizabeth\AppData\Roaming\Mozilla\Firefox\Profiles\dz9avust.default\user.js [2014-05-04]
FF SearchPlugin: C:\Users\tonielizabeth\AppData\Roaming\Mozilla\Firefox\Profiles\dz9avust.default\searchplugins\dsrlte.xml [2015-01-17]
FF SearchPlugin: C:\Users\tonielizabeth\AppData\Roaming\Mozilla\Firefox\Profiles\dz9avust.default\searchplugins\Mysearchdial.xml [2014-05-04]
FF SearchPlugin: C:\Users\tonielizabeth\AppData\Roaming\Mozilla\Firefox\Profiles\dz9avust.default\searchplugins\trovi-search.xml [2014-11-05]
FF SearchPlugin: C:\Users\tonielizabeth\AppData\Roaming\Mozilla\Firefox\Profiles\dz9avust.default\searchplugins\Web Search.xml [2015-06-14]
FF Extension: Plus-HD-V1.8c - C:\Users\tonielizabeth\AppData\Roaming\Mozilla\Firefox\Profiles\dz9avust.default\Extensions\[email protected] [2015-06-15]
FF Extension: imageblockererikvoldcom - C:\Users\tonielizabeth\AppData\Roaming\Mozilla\Firefox\Profiles\dz9avust.default\Extensions\[email protected] [2015-04-02]
FF Extension: md5rehasherphoneixses - C:\Users\tonielizabeth\AppData\Roaming\Mozilla\Firefox\Profiles\dz9avust.default\Extensions\[email protected] [2015-04-21]
FF Extension: TidyNetwork - C:\Users\tonielizabeth\AppData\Roaming\Mozilla\Firefox\Profiles\dz9avust.default\Extensions\TidyNetwork@TidyNetwork [2014-08-16]
FF Extension: vdpurelink64 - C:\Users\tonielizabeth\AppData\Roaming\Mozilla\Firefox\Profiles\dz9avust.default\Extensions\vdpure@link64 [2015-05-29]
FF Extension: No Name - C:\Users\tonielizabeth\AppData\Roaming\Mozilla\Firefox\Profiles\dz9avust.default\Extensions\[email protected] [2014-08-16]
FF Extension: webget 1.0.1 - C:\Users\tonielizabeth\AppData\Roaming\Mozilla\Firefox\Profiles\dz9avust.default\Extensions\{188e0a3f-4385-4ac2-8eb3-bef5d3b2ba8b}.xpi [2014-11-30]
FF Extension: MySearchDial - C:\Users\tonielizabeth\AppData\Roaming\Mozilla\Firefox\Profiles\dz9avust.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}.xpi [2014-05-04]
FF Extension: YouTube Downloader and Converter - C:\Users\tonielizabeth\AppData\Roaming\Mozilla\Firefox\Profiles\dz9avust.default\Extensions\{b9bfaf1c-a63f-47cd-0829-29526ced3667}.xpi [2014-09-10]
FF Extension: YouTube Downloader and Converter - C:\Users\tonielizabeth\AppData\Roaming\Mozilla\Firefox\Profiles\dz9avust.default\Extensions\{b9bfaf1c-a63f-47cd-0829-29526ced3775}.xpi [2014-08-16]
FF HKLM-x32\...\Firefox\Extensions: [{b9bfaf1c-a63f-47cd-0829-29526ced3775}] - C:\Program Files (x86)\Mozilla Firefox\extension\\freeyoubutetomp3.xpi
FF Extension: YouTube Downloader and Converter - C:\Program Files (x86)\Mozilla Firefox\extension\\freeyoubutetomp3.xpi [2015-01-24]
FF HKLM-x32\...\Firefox\Extensions: [{b9bfaf1c-a63f-47cd-0829-29526ced3667}] - C:\Program Files (x86)\Mozilla Firefox\extension\\getvideosoft.xpi
FF Extension: YouTube Downloader and Converter - C:\Program Files (x86)\Mozilla Firefox\extension\\getvideosoft.xpi [2015-01-24]
FF HKLM-x32\...\Mozilla Firefox 30.0\Extensions: [{b9bfaf1c-a63f-47cd-0829-29526ced3775}] - C:\Program Files (x86)\Mozilla Firefox\extension\\freeyoubutetomp3.xpi
FF HKLM-x32\...\Mozilla Firefox 30.0\Extensions: [{b9bfaf1c-a63f-47cd-0829-29526ced3667}] - C:\Program Files (x86)\Mozilla Firefox\extension\\getvideosoft.xpi
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\my-prefs.js [2015-03-25] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\my.cfg [2015-03-25] <==== ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows ® Win 7 DDK provider) [File not signed]
R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [53320 2014-11-13] (Just Develop It) <==== ATTENTION
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2839296 2015-05-06] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3320640 2014-12-10] (Client Connect LTD)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-10-02] (ELAN Microelectronics Corp.)
R2 FontCache_R1; C:\Program Files (x86)\Windows FontCache\R1\FontCache.exe [3751000 2015-04-07] (Hefei Hejunzhengce Info Tech Co., Ltd.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: ) [File not signed]
R2 GenieCleanService; C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieCleanService.exe [53400 2015-02-06] (Oppoos.com)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-06] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-06] (globalUpdate) [File not signed] <==== ATTENTION
R2 HlbLAXLR; C:\ProgramData\ZEuecPj\HlbLAXLR.exe [2321792 2014-10-03] (Acute Angle Solutions)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel® Corporation)
R2 Intel® TechnologyAccessService; C:\Program Files\Intel Corporation\Intel® Technology Access\IntelTechnologyAccessService.exe [93408 2015-03-17] (Intel® Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-06-09] ()
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-02] (Acer Incorporate)
R2 MaintainerSvc1.11.3209076; C:\ProgramData\a68d9eea-b970-45e3-ba05-b4a5e2e396bc\maintainer.exe [128240 2015-06-15] ()
R2 MgAssistService; C:\Program Files (x86)\Mobogenie\MgAssist.exe [105664 2014-07-22] ()
R2 MobogenieService; C:\Program Files (x86)\Mobogenie3\MobogenieService.exe [127680 2015-05-28] (Mobogenie.com)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
R2 picrecupd; C:\Program Files\Common Files\PicRec\PicRecHelper\picrecs.exe [1650336 2014-07-24] (PicRec)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporate)
R2 RBClientService; C:\Program Files (x86)\Right Backup\RBClientService.exe [48240 2014-07-11] (Systweak)
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [448040 2013-08-02] (Acer Incorporate)
R2 sogr; C:\Windows\Microsoft\sogr\WindowsUpdater.exe [19968 2014-07-29] () [File not signed]
R2 Update webget; C:\Program Files (x86)\webget\updatewebget.exe [464112 2015-06-15] ()
R2 Util webget; C:\Program Files (x86)\webget\bin\utilwebget.exe [464112 2015-06-15] ()
R2 Watsvc; C:\Program Files (x86)\Blazers\Watsvc.exe [107160 2015-04-16] (TODO: <公司名>)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 WindowsVNT_R5; C:\Program Files (x86)\Windows Network Accelerater\v5\winvxm.exe [2976880 2015-03-25] (Microsoft Corporation) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2014-10-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2014-10-30] (Intel Corporation)
R1 PICRUpdd; C:\Program Files\Common Files\PicRec\PicRecHelper\picrdrw.sys [61920 2014-07-24] ()
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-01] (Intel Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R1 {0d4cca85-dc2d-45b2-bbaf-78d1b51629f0}w64; C:\Windows\System32\drivers\{0d4cca85-dc2d-45b2-bbaf-78d1b51629f0}w64.sys [48824 2014-12-01] (StdLib)
R1 {1451f279-8b19-43e6-92be-fda8b8d810d7}w64; C:\Windows\System32\drivers\{1451f279-8b19-43e6-92be-fda8b8d810d7}w64.sys [48776 2014-10-15] (StdLib)
R1 {3e621eab-ed2c-4c84-aec5-15b99c4c467e}w64; C:\Windows\System32\drivers\{3e621eab-ed2c-4c84-aec5-15b99c4c467e}w64.sys [48776 2014-10-19] (StdLib)
R1 {55685567-4840-4a91-962b-49a412e9485a}Gw64; C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gw64.sys [61112 2014-07-03] (StdLib)
R1 {55685567-4840-4a91-962b-49a412e9485a}w64; C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys [61112 2014-07-03] (StdLib)
R1 {65cf228c-9737-4032-a0e5-85bf6eb0556b}w64; C:\Windows\System32\drivers\{65cf228c-9737-4032-a0e5-85bf6eb0556b}w64.sys [48824 2014-11-30] (StdLib)
R1 {8b28ba89-580e-4fc0-8860-0d2c459404f2}w64; C:\Windows\System32\drivers\{8b28ba89-580e-4fc0-8860-0d2c459404f2}w64.sys [48824 2014-11-30] (StdLib)
R1 {9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64; C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys [61112 2014-04-28] (StdLib)
R1 {bfb10c93-5530-4015-9a3f-61dfa880af58}w64; C:\Windows\System32\drivers\{bfb10c93-5530-4015-9a3f-61dfa880af58}w64.sys [48776 2014-10-27] (StdLib)
S3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-15 20:46 - 2015-06-15 20:47 - 00038450 _____ C:\Users\tonielizabeth\Desktop\FRST.txt
2015-06-15 20:45 - 2015-06-15 20:46 - 00000000 ____D C:\FRST
2015-06-15 20:43 - 2015-06-15 20:43 - 02109952 _____ (Farbar) C:\Users\tonielizabeth\Desktop\FRST64.exe
2015-06-15 10:01 - 2015-06-15 10:01 - 00000000 ____D C:\Users\tonielizabeth\AppData\Local\GWX
2015-06-14 23:52 - 2015-06-14 23:59 - 00000000 ___SD C:\Windows\system32\GWX
2015-06-14 23:52 - 2015-06-14 23:52 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-06-14 19:01 - 2015-03-14 09:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-06-14 19:01 - 2015-03-14 09:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-06-14 18:54 - 2015-04-30 21:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-14 18:54 - 2015-04-30 21:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-06-14 18:04 - 2015-06-15 09:37 - 00003068 _____ C:\Windows\System32\Tasks\Right Backup_startup
2015-06-14 18:02 - 2015-06-14 18:02 - 00003076 _____ C:\Windows\System32\Tasks\Advanced System~Protector_startup
2015-06-14 18:02 - 2015-06-14 18:02 - 00001070 _____ C:\Users\Public\Desktop\Right Backup.lnk
2015-06-14 18:02 - 2015-06-14 18:02 - 00000000 ____D C:\rbtemp
2015-06-14 18:02 - 2015-06-14 18:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Right Backup
2015-06-14 18:02 - 2015-06-14 18:02 - 00000000 ____D C:\Program Files (x86)\Right Backup
2015-06-14 18:01 - 2015-06-14 18:01 - 00003364 _____ C:\Windows\System32\Tasks\Advanced System~Protector
2015-06-14 18:01 - 2015-06-14 18:01 - 00001061 _____ C:\Users\Public\Desktop\Advanced System~Protector.lnk
2015-06-14 18:01 - 2015-06-14 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector
2015-05-30 00:07 - 2015-05-30 00:07 - 03480040 _____ (McAfee, Inc.) C:\Users\tonielizabeth\Downloads\MCPR.exe
2015-05-29 22:28 - 2015-06-15 16:29 - 00000534 _____ C:\Windows\Tasks\gamesorama_helper_service.job
2015-05-29 22:28 - 2015-05-29 22:29 - 00003478 _____ C:\Windows\System32\Tasks\gamesorama_helper_service
2015-05-29 22:28 - 2015-05-29 22:28 - 00000000 ____D C:\Program Files (x86)\Gamesorama
2015-05-21 02:58 - 2015-06-15 17:33 - 00003446 _____ C:\Windows\System32\Tasks\Nejuolinra
2015-05-21 02:58 - 2015-05-21 02:58 - 00000000 ____D C:\ProgramData\Nejuolinra
2015-05-20 20:43 - 2015-05-20 20:44 - 00448512 _____ (OldTimer Tools) C:\Users\tonielizabeth\Downloads\TFC.exe
2015-05-18 23:06 - 2015-05-18 23:12 - 00000000 ____D C:\Users\tangy_000\OneDrive
2015-05-18 23:06 - 2015-05-18 23:07 - 00000000 ____D C:\Users\tangy_000\AppData\Local\Blasteroids
2015-05-18 23:06 - 2015-05-18 23:06 - 00000000 ____D C:\Users\tangy_000\AppData\Roaming\Mozilla
2015-05-18 23:06 - 2015-05-18 23:06 - 00000000 ____D C:\Users\tangy_000\AppData\Roaming\Macromedia
2015-05-18 23:06 - 2015-05-18 23:06 - 00000000 ____D C:\Users\tangy_000\AppData\Local\Mozilla
2015-05-18 23:06 - 2015-05-18 23:06 - 00000000 ____D C:\Users\tangy_000\AppData\Local\Macromedia
2015-05-18 23:03 - 2015-05-18 23:10 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3225058651-2230390788-3555302883-1002
2015-05-18 22:59 - 2015-05-18 22:59 - 00001280 _____ C:\Users\tangy_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Realtek HD Audio Manager.lnk
2015-05-18 22:59 - 2015-05-18 22:59 - 00000000 ____D C:\Users\tangy_000\PicStream
2015-05-18 22:59 - 2015-05-18 22:59 - 00000000 ____D C:\Users\tangy_000\AppData\Roaming\Apple Computer
2015-05-18 22:59 - 2015-05-18 22:59 - 00000000 ____D C:\Users\tangy_000\AppData\Local\clear.fi
2015-05-18 22:58 - 2015-05-18 22:58 - 00000000 ____D C:\Users\tangy_000\AppData\Local\AOP SDK
2015-05-18 22:57 - 2015-05-18 22:57 - 00000000 ____D C:\Users\tangy_000\AppData\Roaming\Systweak
2015-05-18 22:56 - 2015-05-18 23:11 - 00000000 ____D C:\Users\tangy_000\AppData\Local\Packages
2015-05-18 22:56 - 2015-05-18 22:56 - 00001450 _____ C:\Users\tangy_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-18 22:56 - 2015-05-18 22:56 - 00000020 ___SH C:\Users\tangy_000\ntuser.ini
2015-05-18 22:56 - 2015-05-18 22:56 - 00000000 ____D C:\Users\tangy_000\AppData\Roaming\Adobe
2015-05-18 22:56 - 2015-05-18 22:56 - 00000000 ____D C:\Users\tangy_000\AppData\Local\VirtualStore
2015-05-18 22:56 - 2015-05-18 22:56 - 00000000 _____ C:\Users\tangy_000\daemonprocess.txt
2015-05-18 22:55 - 2015-05-18 23:06 - 00000000 ____D C:\Users\tangy_000
2015-05-18 22:55 - 2015-05-18 23:01 - 00000000 ____D C:\Users\tangy_000\AppData\Local\Pokki
2015-05-18 22:55 - 2015-03-12 23:27 - 00000000 ___RD C:\Users\tangy_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-18 22:55 - 2014-09-05 00:26 - 00002120 _____ C:\Users\tangy_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2015-05-18 22:55 - 2014-07-17 20:18 - 00000000 ___RD C:\Users\tangy_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-18 22:55 - 2014-02-22 05:37 - 00000369 _____ C:\Users\tangy_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-18 22:55 - 2014-02-22 05:37 - 00000369 _____ C:\Users\tangy_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-18 22:55 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\tangy_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-18 22:55 - 2013-08-22 16:36 - 00000000 ____D C:\Users\tangy_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-18 22:16 - 2015-03-23 22:59 - 07476032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-18 22:16 - 2015-03-23 22:59 - 01733952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-18 22:16 - 2015-03-23 22:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-18 22:16 - 2015-03-23 22:58 - 01498872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-18 22:16 - 2015-03-23 22:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-18 22:16 - 2015-03-20 05:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2015-05-18 22:16 - 2015-03-20 05:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-18 22:16 - 2015-03-20 05:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-18 22:16 - 2015-03-20 04:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-18 22:16 - 2015-03-20 03:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-18 22:16 - 2015-03-20 03:40 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-18 22:16 - 2015-03-20 03:16 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-18 22:16 - 2015-03-13 03:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-05-18 22:16 - 2015-03-13 03:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-05-18 22:16 - 2015-02-24 09:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-05-18 22:16 - 2015-02-21 00:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-05-18 22:13 - 2015-04-21 18:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-18 22:13 - 2015-04-21 17:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-18 22:13 - 2015-04-21 17:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-18 22:13 - 2015-04-21 17:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-18 22:13 - 2015-04-21 17:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-18 22:13 - 2015-04-21 17:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-18 22:13 - 2015-04-21 17:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-18 22:13 - 2015-04-21 17:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-18 22:13 - 2015-04-21 17:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-18 22:13 - 2015-04-21 17:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-18 22:13 - 2015-04-21 16:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-18 22:13 - 2015-04-21 16:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-18 22:13 - 2015-04-21 16:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-18 22:13 - 2015-04-21 16:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-18 22:13 - 2015-04-21 16:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-18 22:13 - 2015-04-21 16:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-18 22:13 - 2015-04-21 16:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-18 22:13 - 2015-04-21 16:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-18 22:13 - 2015-04-21 16:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-18 22:13 - 2015-04-21 16:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-18 22:13 - 2015-04-21 16:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-18 22:13 - 2015-04-21 15:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-18 22:13 - 2015-01-30 01:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-05-18 22:13 - 2014-11-14 07:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-05-18 22:12 - 2015-04-21 17:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-18 22:12 - 2015-04-21 17:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-18 22:12 - 2015-04-21 17:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-18 22:12 - 2015-04-21 17:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-18 22:12 - 2015-04-21 17:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-18 22:12 - 2015-04-21 16:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-18 22:12 - 2015-04-21 16:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-18 22:12 - 2015-04-21 16:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-18 22:12 - 2015-04-21 16:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-18 22:12 - 2015-04-21 16:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-18 22:12 - 2015-04-21 16:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-18 22:12 - 2015-04-21 16:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-18 22:12 - 2015-04-21 16:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-18 22:12 - 2015-04-21 16:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-18 22:12 - 2015-04-21 16:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-18 22:12 - 2015-04-21 16:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-18 22:12 - 2015-04-21 15:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-18 22:10 - 2015-03-13 01:29 - 00410017 _____ C:\Windows\system32\ApnDatabase.xml
2015-05-18 22:09 - 2015-03-30 06:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-18 22:09 - 2015-03-27 04:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-18 22:09 - 2015-03-27 03:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-18 22:09 - 2015-03-27 03:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-18 22:07 - 2015-04-10 01:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-18 22:07 - 2015-04-10 01:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-18 22:07 - 2015-03-20 02:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-05-18 22:07 - 2015-03-11 02:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-18 22:07 - 2015-03-11 02:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-18 22:07 - 2014-10-29 03:45 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-18 22:07 - 2014-10-29 03:44 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-18 22:07 - 2014-10-29 03:00 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-18 22:07 - 2014-10-29 03:00 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-18 22:06 - 2015-04-01 23:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-05-18 22:06 - 2015-04-01 23:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-05-18 22:06 - 2015-04-01 04:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-05-18 22:06 - 2015-04-01 03:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-05-18 22:06 - 2015-03-13 05:03 - 00239424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-05-18 22:06 - 2015-03-13 05:03 - 00154432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-05-18 22:06 - 2015-03-13 02:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-05-18 22:06 - 2015-03-13 01:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-05-18 22:06 - 2015-03-06 03:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-18 22:06 - 2015-03-04 02:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-05-18 22:06 - 2015-03-04 02:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-18 22:06 - 2014-10-29 03:42 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-18 22:06 - 2014-10-29 02:19 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-18 22:06 - 2014-10-29 01:59 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-18 22:05 - 2015-04-08 23:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-18 22:05 - 2015-04-03 01:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-18 22:05 - 2015-04-03 01:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-18 22:05 - 2015-03-17 18:26 - 00467776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-05-18 22:05 - 2015-03-13 03:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-05-18 22:05 - 2015-03-09 03:02 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-05-18 22:05 - 2015-03-06 04:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-18 22:05 - 2015-03-06 03:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-18 22:05 - 2015-02-18 00:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-05-18 22:05 - 2014-10-29 02:58 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\WPDShextAutoplay.exe
2015-05-18 22:05 - 2014-10-29 02:57 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\BthHFSrv.dll
2015-05-18 22:05 - 2014-10-29 02:54 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2015-05-18 22:05 - 2014-10-29 02:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShextAutoplay.exe
2015-05-18 22:05 - 2014-10-29 02:22 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll
2015-05-18 22:04 - 2015-05-01 00:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-18 22:04 - 2015-04-30 23:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-18 22:04 - 2015-04-13 23:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-18 22:04 - 2015-04-10 02:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-18 22:04 - 2015-04-10 01:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-18 22:04 - 2015-04-10 01:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-18 21:39 - 2015-06-15 09:41 - 00003108 _____ C:\Windows\System32\Tasks\RegClean Pro
2015-05-18 20:42 - 2015-05-18 20:42 - 00000000 ____D C:\Windows\%LOCALAPPDATA%
2015-05-18 20:19 - 2015-05-18 20:19 - 00003334 _____ C:\Windows\System32\Tasks\AcerCloud
2015-05-18 20:19 - 2015-05-18 20:19 - 00002028 _____ C:\Users\Public\Desktop\Acer Portal.lnk
2015-05-18 20:12 - 2015-05-18 20:12 - 00002001 _____ C:\Users\Public\Desktop\abMedia.lnk
2015-05-18 20:02 - 2015-05-18 20:02 - 00002005 _____ C:\Users\Public\Desktop\abPhoto.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-10-21 14:36 - 2014-01-04 04:42 - 00000852 _____ C:\Windows\system32\Drivers\RTKHDRC.dat
2021-10-04 08:34 - 2014-01-04 04:42 - 00000712 _____ C:\Windows\system32\Drivers\RTMICEQ0.dat
2015-06-15 20:46 - 2015-03-12 00:36 - 00000000 ____D C:\Users\tonielizabeth\AppData\Roaming\Skype
2015-06-15 20:43 - 2014-08-16 20:14 - 00000000 ____D C:\Users\tonielizabeth\AppData\Local\Blasteroids
2015-06-15 20:43 - 2014-01-04 04:18 - 02086109 _____ C:\Windows\WindowsUpdate.log
2015-06-15 20:38 - 2015-03-12 23:51 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-15 20:19 - 2014-05-03 19:04 - 00000000 ____D C:\Program Files (x86)\webget
2015-06-15 20:10 - 2014-05-04 09:10 - 00000330 _____ C:\Windows\Tasks\MySearchDial.job
2015-06-15 20:00 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-15 19:51 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2015-06-15 19:49 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2015-06-15 19:19 - 2013-08-22 14:25 - 00000226 _____ C:\Windows\win.ini
2015-06-15 17:47 - 2014-10-30 22:45 - 00000000 ____D C:\ProgramData\a68d9eea-b970-45e3-ba05-b4a5e2e396bc
2015-06-15 16:28 - 2014-07-06 22:08 - 00000976 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-06-15 16:26 - 2014-07-06 22:21 - 00002356 _____ C:\Windows\Tasks\ce89763f-4a51-41f1-9460-b2b6ac331cfd-4.job
2015-06-15 16:23 - 2014-07-06 22:23 - 00003836 _____ C:\Windows\Tasks\9d1ac2d1-f08f-4197-8210-285c5e2b13ea-11.job
2015-06-15 16:23 - 2014-07-06 22:23 - 00002236 _____ C:\Windows\Tasks\9d1ac2d1-f08f-4197-8210-285c5e2b13ea-4.job
2015-06-15 16:23 - 2014-07-06 22:23 - 00002130 _____ C:\Windows\Tasks\9d1ac2d1-f08f-4197-8210-285c5e2b13ea-5_user.job
2015-06-15 16:23 - 2014-07-06 22:23 - 00002130 _____ C:\Windows\Tasks\9d1ac2d1-f08f-4197-8210-285c5e2b13ea-5.job
2015-06-15 16:23 - 2014-07-06 22:23 - 00001596 _____ C:\Windows\Tasks\9d1ac2d1-f08f-4197-8210-285c5e2b13ea-1.job
2015-06-15 16:21 - 2014-07-06 22:21 - 00003828 _____ C:\Windows\Tasks\ce89763f-4a51-41f1-9460-b2b6ac331cfd-11.job
2015-06-15 16:21 - 2014-07-06 22:21 - 00002122 _____ C:\Windows\Tasks\ce89763f-4a51-41f1-9460-b2b6ac331cfd-5_user.job
2015-06-15 16:21 - 2014-07-06 22:21 - 00002122 _____ C:\Windows\Tasks\ce89763f-4a51-41f1-9460-b2b6ac331cfd-5.job
2015-06-15 16:21 - 2014-07-06 22:21 - 00001574 _____ C:\Windows\Tasks\ce89763f-4a51-41f1-9460-b2b6ac331cfd-1.job
2015-06-15 16:13 - 2014-07-06 22:08 - 00002232 _____ C:\Windows\Tasks\9fb12f5e-1c59-4e22-a5af-1f0674247821-4.job
2015-06-15 16:09 - 2014-07-06 22:09 - 00002114 _____ C:\Windows\Tasks\9fb12f5e-1c59-4e22-a5af-1f0674247821-5_user.job
2015-06-15 16:09 - 2014-07-06 22:09 - 00002114 _____ C:\Windows\Tasks\9fb12f5e-1c59-4e22-a5af-1f0674247821-5.job
2015-06-15 16:09 - 2014-07-06 22:09 - 00001540 _____ C:\Windows\Tasks\9fb12f5e-1c59-4e22-a5af-1f0674247821-1.job
2015-06-15 16:09 - 2014-07-06 22:09 - 00001266 _____ C:\Windows\Tasks\9fb12f5e-1c59-4e22-a5af-1f0674247821-10.job
2015-06-15 16:08 - 2014-07-06 22:08 - 00003820 _____ C:\Windows\Tasks\9fb12f5e-1c59-4e22-a5af-1f0674247821-11.job
2015-06-15 16:08 - 2014-07-06 22:08 - 00003138 _____ C:\Windows\Tasks\9fb12f5e-1c59-4e22-a5af-1f0674247821-3.job
2015-06-15 15:01 - 2014-05-03 19:04 - 00000308 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2015-06-15 09:40 - 2014-04-09 18:40 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3225058651-2230390788-3555302883-1001
2015-06-15 09:38 - 2014-05-10 15:01 - 00001350 _____ C:\Users\tonielizabeth\Desktop\Clean Registry for Free!.lnk
2015-06-15 09:37 - 2015-03-12 00:34 - 00000000 ____D C:\ProgramData\Skype
2015-06-15 09:36 - 2014-04-09 18:34 - 00000000 ____D C:\Users\tonielizabeth\AppData\Local\Pokki
2015-06-15 09:35 - 2014-07-06 22:08 - 00000972 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-06-15 09:35 - 2014-04-09 18:38 - 00000000 __RDO C:\Users\tonielizabeth\SkyDrive
2015-06-14 23:57 - 2013-08-22 15:46 - 00245954 _____ C:\Windows\setupact.log
2015-06-14 23:57 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-14 23:56 - 2014-07-17 21:34 - 00000000 ____D C:\Program Files (x86)\Mobogenie3
2015-06-14 23:56 - 2013-11-27 10:49 - 00127202 _____ C:\Windows\PFRO.log
2015-06-14 23:56 - 2013-08-22 15:44 - 00486984 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-14 23:52 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-06-14 23:52 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-06-14 22:39 - 2014-04-29 21:41 - 00000000 ____D C:\Users\tonielizabeth\AppData\Local\CrashDumps
2015-06-14 22:38 - 2014-04-10 19:29 - 00002289 _____ C:\Users\tonielizabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-06-14 18:50 - 2014-04-12 19:01 - 00000000 ____D C:\Windows\system32\MRT
2015-06-14 18:38 - 2015-03-12 23:51 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-14 18:08 - 2014-04-12 19:01 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-14 18:02 - 2014-05-03 19:05 - 00000000 ____D C:\ProgramData\Systweak
2015-06-14 18:02 - 2014-05-03 19:04 - 00000000 ____D C:\Users\tonielizabeth\AppData\Roaming\Systweak
2015-06-14 18:01 - 2014-12-27 21:05 - 00000000 ____D C:\Program Files (x86)\ASP
2015-05-30 01:06 - 2015-03-31 00:34 - 00001116 _____ C:\Users\Public\Desktop\Internet Explorer 11.lnk
2015-05-30 01:06 - 2015-03-31 00:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer 11
2015-05-30 01:06 - 2015-03-31 00:34 - 00000000 ____D C:\Program Files (x86)\Internet Explorer 11
2015-05-30 01:06 - 2014-04-09 18:34 - 00001500 _____ C:\Users\tonielizabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-30 00:50 - 2015-03-31 00:34 - 00000000 ____D C:\ProgramData\imexplorer
2015-05-30 00:29 - 2013-08-22 14:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-05-30 00:11 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-05-29 22:12 - 2013-11-27 10:55 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2015-05-21 17:52 - 2014-05-03 19:05 - 00023336 _____ C:\Windows\system32\sasnative64.exe
2015-05-20 20:57 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2015-05-20 20:57 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\en-GB
2015-05-20 20:56 - 2014-04-09 18:34 - 00000000 ____D C:\Users\tonielizabeth
2015-05-20 20:49 - 2013-08-22 20:11 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-20 20:29 - 2014-09-05 00:16 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-05-20 19:50 - 2015-04-21 21:55 - 00000000 ____D C:\Users\tonielizabeth\AppData\Local\cmsiex
2015-05-18 22:58 - 2014-04-09 18:35 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-05-18 20:19 - 2013-11-27 11:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-05-18 20:19 - 2013-11-27 11:20 - 00000000 ____D C:\Program Files (x86)\Acer
2015-05-18 20:14 - 2014-04-09 18:37 - 00000000 ____D C:\Users\tonielizabeth\AppData\Local\clear.fi
2015-05-18 19:56 - 2013-11-27 10:40 - 00000000 ___HD C:\OEM
2015-05-18 19:44 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
==================== Files in the root of some directories =======
2014-05-04 13:10 - 2015-02-16 22:10 - 0000131 _____ () C:\Users\tonielizabeth\AppData\Roaming\WB.CFG
2015-04-01 22:42 - 2015-04-01 22:42 - 0008466 _____ () C:\Users\tonielizabeth\AppData\Local\recently-used.xbel
2014-01-04 04:42 - 2014-01-04 04:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\tonielizabeth\AppData\Local\Temp\octAB5B.tmp.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-20 20:52
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by tonielizabeth at 2015-06-15 20:48:30
Running from C:\Users\tonielizabeth\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3225058651-2230390788-3555302883-500 - Administrator - Disabled)
Guest (S-1-5-21-3225058651-2230390788-3555302883-501 - Limited - Enabled) => C:\Users\Guest
tangy_000 (S-1-5-21-3225058651-2230390788-3555302883-1002 - Limited - Enabled) => C:\Users\tangy_000
tonielizabeth (S-1-5-21-3225058651-2230390788-3555302883-1001 - Administrator - Enabled) => C:\Users\tonielizabeth
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.08.2003.3 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.03.2004.4 - Acer Incorporated)
Acer Games (HKU\S-1-5-21-3225058651-2230390788-3555302883-1001\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.9.43466 - Pokki)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.06.2004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.00.3000 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8101 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Advanced-System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~9338DF9D_is1) (Version: 2.1.1000.15664 - systweak.com) <==== ATTENTION
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.07.2004.0 - Acer Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Blasteroids (HKLM-x32\...\Blasteroids) (Version: 2.7.21 - Acute Angle Solutions)
Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version: - Alactro LLC) <==== ATTENTION
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3323.57 - CyberLink Corp.)
Dawngate (HKLM-x32\...\{1330926C-251C-414E-A681-F8CEF84899BC}) (Version: 182.23.92.0 - Electronic Arts, Inc.)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
ETDWare PS/2-X64 11.6.28.201_WHQL (HKLM\...\Elantech) (Version: 11.6.28.201 - ELAN Microelectronic Corp.)
Genie Cleaner (HKLM-x32\...\Genie Cleaner) (Version: 1.0.0.1036 - Oppoos.com)
Genie Wifi (HKLM-x32\...\Genie Wifi) (Version: 1.0.0.1132 - oppoos.com)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GoPhoto.it V9.0 (HKLM-x32\...\GoPhoto.it V9.0) (Version: 1.34.7.1 - installdaddy) <==== ATTENTION
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
HD-V1.8 (HKLM-x32\...\HD-V1.8) (Version: 1.34.7.1 - InfoHD-V1.8) <==== ATTENTION
Host App Service (HKU\S-1-5-21-3225058651-2230390788-3555302883-1001\...\Pokki) (Version: 0.269.7.660 - Pokki)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3349 - Intel Corporation)
Intel® Technology Access (HKLM-x32\...\{efc54997-dfa9-44b1-afac-3a7ac4f45730}) (Version: 1.3.6.1042 - Intel Corporation)
Intel® Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{43FA4AC8-46F8-423F-96FD-9A7D67048F1C}) (Version: 2.5.1634 - Intel Corporation)
Internet Explorer 11 (HKLM-x32\...\{66732EEE-ECBC-4CA6-A474-1122}_is1) (Version: - Microsoft Corporation)
Islands Driver Theory Training (HKLM-x32\...\{270BC8C5-14CD-4364-806C-12FE8B38EE72}) (Version: 1.00.0000 - MJH Data Systems)
Isle of Man Driving Theory Test (HKLM-x32\...\{E62E9F6A-55FE-4937-8A4A-93384CD3C87A}) (Version: 1.00.0000 - MJH Data Systems)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.131 - PandoraTV)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3225058651-2230390788-3555302883-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Mobogenie (HKLM-x32\...\Mobogenie) (Version: - Mobogenie.com) <==== ATTENTION
Mobogenie3 (HKLM-x32\...\Mobogenie3) (Version: 3.0.1.53153 - Mobogenie.com) <==== ATTENTION
Mozilla Firefox 35.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MyPC Backup (HKLM\...\MyPC Backup) (Version: - JDi Backup Ltd)
Mysearchdial (HKLM-x32\...\mysearchdial) (Version: - Mysearchdial)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation)
Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
PC Data App (HKLM-x32\...\PCData App) (Version: - ) <==== ATTENTION
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - PhotoScape)
PicRec (x32 Version: 1.0.0.14 - PicRec) Hidden
PicRec (x86) (HKLM-x32\...\{AEB719FD-EDB0-43E9-B524-90F97C1E6499}) (Version: 1.0.0 - PicRec)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pokki Start Menu (HKU\S-1-5-21-3225058651-2230390788-3555302883-1001\...\Pokki_Start_Menu) (Version: 0.269.7.660 - Pokki)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.27041 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
RegClean-Pro (HKLM-x32\...\RegClean-Pro_is1) (Version: 6.21 - Systweak Inc)
Right Backup (HKLM-x32\...\980124D4-3D52-4c2d-AD41-9E90BDF4C031_Systweak_Ri~01F2B2E8_is1) (Version: 2.1.1000.4398 - Systweak Software)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.15.0 - SAMSUNG Electronics Co., Ltd.)
Scratch (HKLM-x32\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.19.10.160 - Client Connect LTD)
Skype 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.)
SoftPlanet Software Assistant version 1.19 (HKLM-x32\...\{C87BD92A-FDDE-42C5-84F7-5159BEC08A01}_is1) (Version: 1.19 - Secure Download Ltd.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.0 - SumatraPDF)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
TidyNetwork (HKU\S-1-5-21-3225058651-2230390788-3555302883-1001\...\TidyNetwork) (Version: - TidyNetwork)
TornTV (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - TornTV.com) <==== ATTENTION
Torntv V9.0 (HKLM-x32\...\Torntv V9.0) (Version: 1.34.7.1 - installdaddy) <==== ATTENTION
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
webget (HKLM\...\webget) (Version: 2014.05.03.021147 - webget) <==== ATTENTION
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden
Windows Movie Maker 6.1 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2winmovie}}_is1) (Version: - win-movie-maker-free)
Winner Download Manager (HKU\S-1-5-21-3225058651-2230390788-3555302883-1001\...\WinnerDM) (Version: - Winner Solutions LLC) <==== ATTENTION
Yahoo! Search (HKU\S-1-5-21-3225058651-2230390788-3555302883-1001\...\Yahoo! Search) (Version: - Pay-By-Ads) <==== ATTENTION
yWriter5 (HKLM-x32\...\yWriter5_is1) (Version: - Spacejock Software)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3225058651-2230390788-3555302883-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\tonielizabeth\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3225058651-2230390788-3555302883-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\tonielizabeth\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3225058651-2230390788-3555302883-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\tonielizabeth\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
==================== Restore Points =========================
07-05-2015 19:29:44 Installed Islands Driver Theory Training.
18-05-2015 21:03:39 Windows Update
14-06-2015 17:45:24 Windows Update
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {056D6ABC-915D-4D37-8D64-7BACD85BB84E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {07B5361F-0810-4091-B86C-5D68BC5E2390} - System32\Tasks\9d1ac2d1-f08f-4197-8210-285c5e2b13ea-11 => C:\Program Files (x86)\GoPhoto.it V9.0\9d1ac2d1-f08f-4197-8210-285c5e2b13ea-11.exe [2014-07-06] (installdaddy) <==== ATTENTION
Task: {0961FA96-4D29-46FB-BB29-7B029D653EFF} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3225058651-2230390788-3555302883-1001
Task: {15B745BA-4088-4BE6-8715-FBEC8BD96605} - System32\Tasks\ce89763f-4a51-41f1-9460-b2b6ac331cfd-5 => C:\Program Files (x86)\Torntv V9.0\ce89763f-4a51-41f1-9460-b2b6ac331cfd-5.exe [2014-07-06] (installdaddy) <==== ATTENTION
Task: {1A2C75A5-44DD-49AF-B0E8-8CBBE7DC9A93} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-04-25] (Systweak Inc) <==== ATTENTION
Task: {1C21BCE7-A419-47D3-9856-E4F8522CFB4B} - System32\Tasks\TidyNetwork Update => C:\Users\tonielizabeth\AppData\Local\TidyNetwork\petnupdate.exe [2014-08-16] ()
Task: {1E7F6F44-36D7-459E-936F-3806179ABEEA} - System32\Tasks\ce89763f-4a51-41f1-9460-b2b6ac331cfd-4 => C:\Program Files (x86)\Torntv V9.0\ce89763f-4a51-41f1-9460-b2b6ac331cfd-4.exe [2014-07-06] (installdaddy) <==== ATTENTION
Task: {208E6EFE-5EB2-48D6-9D23-B43D1BCFCF7E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {21C30D26-8E22-45C0-ABBC-8DB254B86E42} - System32\Tasks\Right Backup_startup => C:\Program Files (x86)\Right Backup\RightBackup.exe [2014-07-11] (Systweak) <==== ATTENTION
Task: {2669CCC1-1DDE-4251-A66C-407CE12BB9F0} - System32\Tasks\MySearchDial => C:\Users\tonielizabeth\AppData\Roaming\mysearchdial\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {2B08E62A-F4C1-4E27-89AD-DBECC0017DF4} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-06] (globalUpdate) <==== ATTENTION
Task: {3003419B-11EC-43E8-9896-FD3F6BBAE977} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {39F97378-9FE6-4A41-98E6-3F062E2ECBA8} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {3DCBB1E8-9231-4CC7-86D6-D90F71746292} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-04-25] (Systweak Inc) <==== ATTENTION
Task: {3DEF8D11-53F3-440C-A72F-9377C0369B25} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-06-09] ()
Task: {3FEBE4E6-86C4-46E0-908A-22115B7B8BFE} - System32\Tasks\Nejuolinra => C:\ProgramData\Nejuolinra\1.0.1.0\wusuaefx.exe [2015-05-21] ()
Task: {4351DA93-40BB-4ABF-950A-9A537925D7C3} - System32\Tasks\Yahoo! Search Updater => C:\Users\tonielizabeth\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrsetup.exe [2015-03-28] (Pay By Ads LTD) <==== ATTENTION
Task: {44F28555-74D5-488D-A147-059528D566C2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-14] (Adobe Systems Incorporated)
Task: {453AF3A6-71E5-4FA2-90B9-A2A0EA4BC19B} - System32\Tasks\9fb12f5e-1c59-4e22-a5af-1f0674247821-1 => C:\Program Files (x86)\HD-V1.8\HD-V1.8-codedownloader.exe [2014-07-06] (InfoHD-V1.8) <==== ATTENTION
Task: {4BFFB00F-182C-477E-A74E-4A1E75B50021} - System32\Tasks\Advanced System~Protector_startup => C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe [2015-05-21] () <==== ATTENTION
Task: {4FB168E4-23FA-4B18-A067-80D9CA8C2C93} - System32\Tasks\gamesorama_helper_service => C:\Program Files (x86)\Gamesorama\gamesorama_helper_service.exe [2015-05-29] ()
Task: {526672F3-BC4D-40C6-9EAC-502BD1D5E5E0} - System32\Tasks\9d1ac2d1-f08f-4197-8210-285c5e2b13ea-1 => C:\Program Files (x86)\GoPhoto.it V9.0\GoPhoto.it V9.0-codedownloader.exe [2014-07-06] (installdaddy) <==== ATTENTION
Task: {54453711-C534-46E5-8A82-8D43DA939B62} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {61FCB94B-9F2C-4964-A7B5-10F67A2646FA} - System32\Tasks\SoftPlanet Software Assistant => C:\Program Files (x86)\SoftPlanet Software Assistant\spassist.exe [2013-12-09] (Secure Download Ltd.)
Task: {646B1A6D-B268-42B0-B44D-949293BE01DE} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2013-08-02] (Acer Incorporate)
Task: {6F7280BD-FFCF-4611-BE3E-697D6A27E34F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-06-14] (Microsoft Corporation)
Task: {72F8C9F1-20EF-443F-AB82-2AF0098F521F} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
Task: {76F7D2A0-4878-4A8C-94EA-90B8DFCC6359} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-05-20] (Microsoft Corporation)
Task: {7F29EA14-BF0E-49EE-967B-14320BE767CE} - System32\Tasks\9d1ac2d1-f08f-4197-8210-285c5e2b13ea-5_user => C:\Program Files (x86)\GoPhoto.it V9.0\9d1ac2d1-f08f-4197-8210-285c5e2b13ea-5.exe [2014-07-06] (installdaddy) <==== ATTENTION
Task: {7FD9DF1D-5125-4C5C-964C-C2517809F09D} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {81BDEB94-5657-4655-B7F9-7E8B276A938D} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-11-13] (MyPC Backup) <==== ATTENTION
Task: {8CA287E7-828C-4932-93A8-50C1C270EE69} - System32\Tasks\9fb12f5e-1c59-4e22-a5af-1f0674247821-5 => C:\Program Files (x86)\HD-V1.8\9fb12f5e-1c59-4e22-a5af-1f0674247821-5.exe [2014-07-06] (InfoHD-V1.8) <==== ATTENTION
Task: {94E4D0AC-C9C0-4211-8F53-F2783C1EE012} - System32\Tasks\GoogleUpdateTaskUserS_1_5_21_478699874-4155726479-3780505679-1001UA__343230323233303632342d78782345572a4a3441325057 => Wscript.exe //B "C:\ProgramData\PicRec\startprocess.js" picrecs.exe /invoke /f:check_services /l:0
Task: {971BB29A-62C3-46D6-8236-B28ECE460A9B} - System32\Tasks\Yahoo! Search => C:\Users\tonielizabeth\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe [2015-03-28] (Pay By Ads LTD) <==== ATTENTION
Task: {99212A13-830C-4BE8-B9AF-DAD26CA46FA1} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-06-09] ()
Task: {9A6351D5-B831-497D-868D-DBAFCEF3D5A4} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-05-06] (Acer)
Task: {9C5D8352-DEF2-4EF6-BB96-77AF1EBDB780} - System32\Tasks\ce89763f-4a51-41f1-9460-b2b6ac331cfd-1 => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe [2014-07-06] (installdaddy) <==== ATTENTION
Task: {9CB150D5-6AEB-4A42-BD7F-C26DB7B7F6A1} - System32\Tasks\ce89763f-4a51-41f1-9460-b2b6ac331cfd-11 => C:\Program Files (x86)\Torntv V9.0\ce89763f-4a51-41f1-9460-b2b6ac331cfd-11.exe [2014-07-06] (installdaddy) <==== ATTENTION
Task: {A01708FC-8925-4EBF-A977-BC19B3695072} - System32\Tasks\Advanced System~Protector => C:\Program Files (x86)\Advanced System~Protector\asprb.exe <==== ATTENTION
Task: {A0186074-4A65-45B5-BBCA-DF1DDFAFE012} - System32\Tasks\9fb12f5e-1c59-4e22-a5af-1f0674247821-10 => C:\Program Files (x86)\HD-V1.8\9fb12f5e-1c59-4e22-a5af-1f0674247821-10.exe [2014-07-06] (InfoHD-V1.8) <==== ATTENTION
Task: {A387C1B9-6419-471D-81D3-0F42D854ACA4} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-04-25] (Systweak Inc) <==== ATTENTION
Task: {AFBD0D35-0412-4865-B700-4F1029EE7051} - System32\Tasks\9fb12f5e-1c59-4e22-a5af-1f0674247821-5_user => C:\Program Files (x86)\HD-V1.8\9fb12f5e-1c59-4e22-a5af-1f0674247821-5.exe [2014-07-06] (InfoHD-V1.8) <==== ATTENTION
Task: {B94879C2-834F-46DD-AE2C-C1FBE6EF13C0} - System32\Tasks\ce89763f-4a51-41f1-9460-b2b6ac331cfd-5_user => C:\Program Files (x86)\Torntv V9.0\ce89763f-4a51-41f1-9460-b2b6ac331cfd-5.exe [2014-07-06] (installdaddy) <==== ATTENTION
Task: {C0C2DFCB-D0B4-4CA2-AA48-06C857CC344D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {CCD05912-C6D3-4FE7-8F45-68617F784210} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-08-02] (Acer Incorporate)
Task: {CCE1A829-1701-48B3-BF9F-04164E95DED3} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-06] (globalUpdate) <==== ATTENTION
Task: {CE4E985C-2A0B-4D7F-8427-3143897146F1} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {D31608F7-242E-4286-9F7F-0FD9D8208814} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-09-12] (Acer Incorporated)
Task: {DFEBE2FF-18C5-414C-AD54-6818755ECA6F} - System32\Tasks\9fb12f5e-1c59-4e22-a5af-1f0674247821-11 => C:\Program Files (x86)\HD-V1.8\9fb12f5e-1c59-4e22-a5af-1f0674247821-11.exe [2014-07-06] (InfoHD-V1.8) <==== ATTENTION
Task: {E5572D40-B2BA-4091-8BEF-4F0550751CD7} - System32\Tasks\9fb12f5e-1c59-4e22-a5af-1f0674247821-4 => C:\Program Files (x86)\HD-V1.8\9fb12f5e-1c59-4e22-a5af-1f0674247821-4.exe [2014-07-06] (InfoHD-V1.8) <==== ATTENTION
Task: {EE44DF4F-1160-4473-81BC-D65F415283C8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {F333E1E4-BD5A-447C-8556-2183B038490A} - System32\Tasks\9d1ac2d1-f08f-4197-8210-285c5e2b13ea-4 => C:\Program Files (x86)\GoPhoto.it V9.0\9d1ac2d1-f08f-4197-8210-285c5e2b13ea-4.exe [2014-07-06] (installdaddy) <==== ATTENTION
Task: {F8A894C3-135C-440F-B8D4-CF00133C1888} - System32\Tasks\9fb12f5e-1c59-4e22-a5af-1f0674247821-3 => C:\Program Files (x86)\HD-V1.8\9fb12f5e-1c59-4e22-a5af-1f0674247821-3.exe [2014-07-06] (InfoHD-V1.8) <==== ATTENTION
Task: {FD5DF620-75C9-4375-ABDB-C3A99BDEAD76} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated)
Task: {FEB1308E-104B-49E2-B617-D668A1952928} - System32\Tasks\9d1ac2d1-f08f-4197-8210-285c5e2b13ea-5 => C:\Program Files (x86)\GoPhoto.it V9.0\9d1ac2d1-f08f-4197-8210-285c5e2b13ea-5.exe [2014-07-06] (installdaddy) <==== ATTENTION
Task: C:\Windows\Tasks\9d1ac2d1-f08f-4197-8210-285c5e2b13ea-1.job => C:\Program Files (x86)\GoPhoto.it V9.0\GoPhoto.it V9.0-codedownloader.exe_/DxejdI /jyUOb=task /ntlZW='GoPhoto.it V9.0' /HlsACgt=34068 /cwsZEp='001606' /JVmbyHjT='0' /mPPtD='0' /vosrn=CAACA4BC7BE8421599E653CF437D9C52IE /WYlCTH=a617684c34c35f6fbfdb98a0e99e17b5 /FLCezaXUG=1_34_07_01 /zdKGWYUJE=1.34.7.1 /QiyRmHu=1404681775 /IJQwo=http:/stats.demogensrv.com /DhAjLiYe=http:/errors.demogensrv.com /EgeuFDSkq=http:/cr.install-daddy.com /UskInt=ff /mmTCipeuV='GoPhoto.it V9.0' /mUKdC=http:/cr.install-daddy.com /PzXaA /dAuzqlzBt='{asw:[16777216, 549453828, 16811008]}' /xBrRTWSI='http:/update.demogensrv.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\9d1ac2d1-f08f-4197-8210-285c5e2b13ea-11.job => C:\Program Files (x86)\GoPhoto.it V9.0\9d1ac2d1-f08f-4197-8210-285c5e2b13ea-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\9d1ac2d1-f08f-4197-8210-285c5e2b13ea-4.job => C:\Program Files (x86)\GoPhoto.it V9.0\9d1ac2d1-f08f-4197-8210-285c5e2b13ea-4.exe/MizzXFgla /ntlZW='GoPhoto.it V9.0' /bybJCme C:\Program Files (x86)\GoPhoto.it V9.0\34068.xpi' /HlsACgt=34068 /cwsZEp='001606' /JVmbyHjT='0' /mPPtD='0' /vosrn=CAACA4BC7BE8421599E653CF437D9C52IE /WYlCTH=a617684c34c35f6fbfdb98a0e99e17b5 /FLCezaXUG=1_34_07_01 /zdKGWYUJE=1.34.7.1 /QiyRmHu=1404681775 /IJQwo=http:/stats.demogensrv.com /DhAjLiYe=http:/errors.demogensrv.com /WOumh=300 /UlYpgZImu=2ea36bf1-0877-4aaa-882c-ff78f7d9d95c@dfb1672d-116a-4eb4-8be0-44786bd1d3dd.com /vZjImMvf=0.94 /GfKtgrins=a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068 /qsvDnC=https:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/34068.rdf /oQVwbGtV='GoPhoto.it V9.0' /HCnxv='Images Zoom Extension' /QxbLTgR='installdaddy' /UskInt=ff /dAuzqlzBt='{asw:[16777216, 549453828, 16811008]}' /PzXaA /rFaTInEXe /aCVedjv /xBrRTWSI='http:/update.demogensrv.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\9d1ac2d1-f08f-4197-8210-285c5e2b13ea-5.job => C:\Program Files (x86)\GoPhoto.it V9.0\9d1ac2d1-f08f-4197-8210-285c5e2b13ea-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\9d1ac2d1-f08f-4197-8210-285c5e2b13ea-5_user.job => C:\Program Files (x86)\GoPhoto.it V9.0\9d1ac2d1-f08f-4197-8210-285c5e2b13ea-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\9fb12f5e-1c59-4e22-a5af-1f0674247821-1.job => C:\Program Files (x86)\HD-V1.8\HD-V1.8-codedownloader.exeS/EIBqzGfI /wdjbE=task /HLqeyvC='HD-V1.8' /NCwwRIlIo=59568 /TjNMZZZ='001715' /aHHUBaSf='0' /WbHSLk='0' /NfBGKhcK=CAACA4BC7BE8421599E653CF437D9C52IE /KHJudnvm=a617684c34c35f6fbfdb98a0e99e17b5 /EcFPx=1_34_07_01 /YjkcWxEF=1.34.7.1 /zsvMBz=1404680901 /uSBNtNxcR=http:/stats.demogensrv.com /CMCiBSj=http:/errors.demogensrv.com /hmyGXMHMJ=http:/js.demogensrv.com /uVhvcBN=ff /njWstZJg='HD-V1.8' /QWSPLJ=http:/js.clientdemocloud.com /MqmAu /qRefk='{asw:[16777216, 536870916, 16811008]}' /WmxNL='http:/update.demogensrv.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\9fb12f5e-1c59-4e22-a5af-1f0674247821-10.job => C:\Program Files (x86)\HD-V1.8\9fb12f5e-1c59-4e22-a5af-1f0674247821-10.exe¹/HLqeyvC='HD-V1.8' /NCwwRIlIo=59568 /TjNMZZZ='001715' /aHHUBaSf='0' /WbHSLk='0' /NfBGKhcK=CAACA4BC7BE8421599E653CF437D9C52IE /KHJudnvm=a617684c34c35f6fbfdb98a0e99e17b5 /EcFPx=1_34_07_01 /zsvMBz=1404680901 /uSBNtNxcR=http:/stats.demogensrv.com /CMCiBSj=http:/errors.demogensrv.com /fvxFDuyPV='HD-V1.8' /jGytgVJpn=1000 /McjqN=93-0,102-0,104-0,178-288,179-288,180-288,223-288 /PvdMEfpVF=http:/logs.demogensrv.com <==== ATTENTION
Task: C:\Windows\Tasks\9fb12f5e-1c59-4e22-a5af-1f0674247821-11.job => C:\Program Files (x86)\HD-V1.8\9fb12f5e-1c59-4e22-a5af-1f0674247821-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\9fb12f5e-1c59-4e22-a5af-1f0674247821-3.job => C:\Program Files (x86)\HD-V1.8\9fb12f5e-1c59-4e22-a5af-1f0674247821-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\9fb12f5e-1c59-4e22-a5af-1f0674247821-4.job => C:\Program Files (x86)\HD-V1.8\9fb12f5e-1c59-4e22-a5af-1f0674247821-4.exe/vFYtIMHp /HLqeyvC='HD-V1.8' /DJUyYYiO C:\Program Files (x86)\HD-V1.8\59568.xpi' /NCwwRIlIo=59568 /TjNMZZZ='001715' /aHHUBaSf='0' /WbHSLk='0' /NfBGKhcK=CAACA4BC7BE8421599E653CF437D9C52IE /KHJudnvm=a617684c34c35f6fbfdb98a0e99e17b5 /EcFPx=1_34_07_01 /YjkcWxEF=1.34.7.1 /zsvMBz=1404680901 /uSBNtNxcR=http:/stats.demogensrv.com /CMCiBSj=http:/errors.demogensrv.com /adYvla=300 /mJhRX=f80af4ec-42b9-429d-99b0-4078ec7cf864@44882d20-8865-4b13-b79e-ae8470d9a955.com /JXXxFuiya=0.94 /wGqiWoqht=af80af4ec42b9429d99b04078ec7cf86444882d2088654b13b79eae8470d9a955com59568 /PReRJjGRJ=https:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/59568.rdf /fvxFDuyPV='HD-V1.8' /shvcTMP='Turn YouTube videos to High Definition by default' /smdLGN='InfoHD-V1.8' /uVhvcBN=ff /qRefk='{asw:[16777216, 536870916, 16811008]}' /MqmAu /qNTPgsP /xxiDZn /WmxNL='http:/update.demogensrv.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\9fb12f5e-1c59-4e22-a5af-1f0674247821-5.job => C:\Program Files (x86)\HD-V1.8\9fb12f5e-1c59-4e22-a5af-1f0674247821-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\9fb12f5e-1c59-4e22-a5af-1f0674247821-5_user.job => C:\Program Files (x86)\HD-V1.8\9fb12f5e-1c59-4e22-a5af-1f0674247821-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ce89763f-4a51-41f1-9460-b2b6ac331cfd-1.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe\/EIBqzGfI /wdjbE=task /HLqeyvC='Torntv V9.0' /NCwwRIlIo=51390 /TjNMZZZ='001602' /aHHUBaSf='0' /WbHSLk='0' /NfBGKhcK=CAACA4BC7BE8421599E653CF437D9C52IE /KHJudnvm=a617684c34c35f6fbfdb98a0e99e17b5 /EcFPx=1_34_07_01 /YjkcWxEF=1.34.7.1 /zsvMBz=1404681673 /uSBNtNxcR=http:/stats.demogensrv.com /CMCiBSj=http:/errors.demogensrv.com /hmyGXMHMJ=http:/cr.install-daddy.com /uVhvcBN=ff /njWstZJg='Torntv V9.0' /QWSPLJ=http:/cr.install-daddy.com /MqmAu /qRefk='{asw:[16777216, 549453828, 16811008]}' /WmxNL='http:/update.demogensrv.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\ce89763f-4a51-41f1-9460-b2b6ac331cfd-11.job => C:\Program Files (x86)\Torntv V9.0\ce89763f-4a51-41f1-9460-b2b6ac331cfd-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\ce89763f-4a51-41f1-9460-b2b6ac331cfd-4.job => C:\Program Files (x86)\Torntv V9.0\ce89763f-4a51-41f1-9460-b2b6ac331cfd-4.exe×/vFYtIMHp /HLqeyvC='Torntv V9.0' /DJUyYYiO C:\Program Files (x86)\Torntv V9.0\51390.xpi' /NCwwRIlIo=51390 /TjNMZZZ='001602' /aHHUBaSf='0' /WbHSLk='0' /NfBGKhcK=CAACA4BC7BE8421599E653CF437D9C52IE /KHJudnvm=a617684c34c35f6fbfdb98a0e99e17b5 /EcFPx=1_34_07_01 /YjkcWxEF=1.34.7.1 /zsvMBz=1404681673 /uSBNtNxcR=http:/stats.demogensrv.com /CMCiBSj=http:/errors.demogensrv.com /adYvla=300 /mJhRX=5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com /JXXxFuiya=0.94 /wGqiWoqht=a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390 /PReRJjGRJ=https:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/51390.rdf /fvxFDuyPV='Torntv V9.0' /shvcTMP='The must-have App extensions for Television fans! Watch free TV channels, live sports and more' /smdLGN='installdaddy' /uVhvcBN=ff /qRefk='{asw:[16777216, 549453828, 16811008]}' /MqmAu /qNTPgsP /xxiDZn /WmxNL='http:/update.demogensrv.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\ce89763f-4a51-41f1-9460-b2b6ac331cfd-5.job => C:\Program Files (x86)\Torntv V9.0\ce89763f-4a51-41f1-9460-b2b6ac331cfd-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\ce89763f-4a51-41f1-9460-b2b6ac331cfd-5_user.job => C:\Program Files (x86)\Torntv V9.0\ce89763f-4a51-41f1-9460-b2b6ac331cfd-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\gamesorama_helper_service.job => C:\Program Files (x86)\Gamesorama\gamesorama_helper_service.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\MySearchDial.job => C:\Users\TONIEL~1\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
==================== Loaded Modules (Whitelisted) ==============
2014-10-30 21:30 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-03-17 13:43 - 2015-03-17 13:43 - 00087552 _____ () C:\Program Files\Intel Corporation\Intel® Technology Access\libglog.dll
2015-02-08 12:20 - 2015-02-08 12:20 - 01793248 _____ () C:\Program Files\Intel Corporation\Intel® Technology Access\cpprest120_1_4.dll
2015-03-17 14:15 - 2015-03-17 14:15 - 00355040 _____ () C:\Program Files\Intel Corporation\Intel® Technology Access\JsonCpp.dll
2014-05-03 19:06 - 2014-07-22 18:25 - 00105664 _____ () C:\Program Files (x86)\Mobogenie\MgAssist.exe
2014-08-16 01:14 - 2014-07-29 10:42 - 00019968 _____ () C:\Windows\Microsoft\sogr\WindowsUpdater.exe
2014-11-13 10:59 - 2014-11-13 10:57 - 00270336 _____ () C:\Program Files (x86)\MyPC Backup\AlphaFS.dll
2014-11-13 10:59 - 2014-11-13 10:57 - 00060928 _____ () C:\Program Files (x86)\MyPC Backup\LinqBridge.dll
2014-11-13 10:59 - 2014-11-13 10:58 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2014-11-13 10:59 - 2014-11-13 10:57 - 00065536 _____ () C:\Program Files (x86)\MyPC Backup\BplusDotNet.dll
2015-05-21 02:58 - 2015-05-21 02:58 - 00157696 _____ () C:\ProgramData\Nejuolinra\1.0.1.0\wusuaefx.exe
2015-05-29 22:28 - 2015-05-29 22:28 - 00191696 _____ () C:\Program Files (x86)\Gamesorama\gamesorama_helper_service.exe
2015-03-18 21:13 - 2015-01-27 16:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-05-03 19:06 - 2014-07-22 18:25 - 00748736 _____ () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
2014-12-26 21:27 - 2015-02-03 11:28 - 00105152 _____ () C:\Program Files (x86)\Mobogenie3\MoboGenieHelper.exe
2014-10-29 23:01 - 2015-06-15 17:47 - 00128240 _____ () C:\ProgramData\a68d9eea-b970-45e3-ba05-b4a5e2e396bc\maintainer.exe
2014-05-04 13:16 - 2015-06-15 19:18 - 00464112 _____ () C:\Program Files (x86)\webget\bin\utilwebget.exe
2015-05-18 20:37 - 2015-06-15 00:47 - 00353520 _____ () C:\Program Files (x86)\webget\bin\webget.PurBrowse64.exe
2015-05-18 20:37 - 2015-06-15 02:33 - 00114416 _____ () C:\Program Files (x86)\webget\bin\webget.expext.exe
2015-05-18 20:37 - 2015-06-15 08:47 - 00108784 _____ () C:\Program Files (x86)\webget\bin\webget.BrowserAdapter.exe
2015-05-18 20:37 - 2015-06-15 08:47 - 00126704 _____ () C:\Program Files (x86)\webget\bin\webget.BrowserAdapter64.exe
2015-05-29 21:53 - 2015-06-13 17:54 - 01649904 _____ () C:\Program Files (x86)\webget\bin\webget.BOASHelper.exe
2014-05-03 03:24 - 2015-06-15 19:23 - 00464112 _____ () C:\Program Files (x86)\webget\updatewebget.exe
2015-05-29 21:53 - 2015-06-13 17:54 - 01786608 _____ () C:\Program Files (x86)\webget\bin\webget.BOASPRT.exe
2015-05-29 21:53 - 2015-06-13 17:54 - 01791216 _____ () C:\Program Files (x86)\webget\bin\webget.BOAS.exe
2015-02-06 04:31 - 2015-02-06 04:31 - 00050840 _____ () C:\Program Files (x86)\Genie Soft\Genie Cleaner\MGCommon.dll
2014-11-24 23:43 - 2015-05-28 10:20 - 00057536 _____ () C:\Program Files (x86)\Mobogenie3\MGCommon.dll
2015-06-14 18:02 - 2013-08-02 19:21 - 00886272 _____ () C:\Program Files (x86)\Right Backup\System.Data.SQLite.dll
2014-08-16 01:14 - 2014-07-29 10:42 - 00007168 _____ () C:\Windows\Microsoft\sogr\ConfigurationData.dll
2014-08-16 01:14 - 2014-07-29 10:42 - 00015872 _____ () C:\Windows\Microsoft\sogr\Installer.dll
2014-08-16 01:14 - 2014-07-29 10:42 - 00015360 _____ () C:\Windows\Microsoft\sogr\BaseLibrary.dll
2014-08-16 01:14 - 2014-07-29 10:42 - 00058880 _____ () C:\Windows\Microsoft\sogr\InstallerLibrary.dll
2014-05-03 19:06 - 2014-07-22 18:25 - 00065728 _____ () C:\Program Files (x86)\Mobogenie\Device.dll
2014-05-03 19:06 - 2014-07-22 18:25 - 00474816 _____ () C:\Program Files (x86)\Mobogenie\DCR.dll
2015-05-18 19:56 - 2015-05-18 19:56 - 00015616 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2015-05-06 10:08 - 2015-05-06 10:08 - 00013568 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2015-05-08 10:41 - 2015-05-08 10:41 - 00203008 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2015-05-08 10:41 - 2015-05-08 10:41 - 00654552 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2015-05-08 10:41 - 2015-05-08 10:41 - 00641792 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2015-05-08 10:41 - 2015-05-08 10:41 - 00119552 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2015-05-06 10:06 - 2015-05-06 10:06 - 00277096 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2014-08-16 01:14 - 2015-06-15 11:57 - 00086528 _____ () C:\Program Files (x86)\PicRec\runtime\win32\Privoxy\mgwz.dll
2015-01-24 02:33 - 2015-01-24 02:34 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-03-28 13:15 - 2015-03-28 13:15 - 00288256 _____ () C:\Users\tonielizabeth\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\pbYkSbph.dll
2015-06-15 09:42 - 2015-06-15 09:42 - 01187712 _____ () C:\ProgramData\ZEuecPj\dat\WSfiaPpG.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\tangy_000\OneDrive:ms-properties
AlternateDataStreams: C:\Users\tonielizabeth\SkyDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3225058651-2230390788-3555302883-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\acer01.jpg
DNS Servers: 192.168.0.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{FBEC0E58-C1EB-4196-83AA-1C7013633EEC}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{F0F35B2B-F260-4202-A013-672749ECB444}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{A66AC066-D442-4DEF-AC54-FC00CA747300}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{37A99701-B951-450C-BE47-728E41053292}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{F5AD9AA3-F7E7-435B-8786-692EC2FF1073}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{611C7BEB-8353-4874-AC65-CFBDE51F697E}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{8F04573E-8265-4931-9D3B-7C3D1CB685A3}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{2AE7F9B7-2C12-4F31-A5A9-3CE1A1D48224}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{D306E0A3-2A72-403A-BB40-1F1C42B038CC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{65457D36-734E-4452-B3C7-9DC6C8BEE3FD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{26F29140-61C4-4C1F-B345-247A4D7B01AE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{44311482-9F9A-4E7C-8733-D8919D5B4D6B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{8245C9B5-1192-48B6-8587-DD0DB6D498B9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{A67C4052-C290-460B-858E-D33098B3B20B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{2581DC62-4AA6-4E27-BEDD-A0537644C6ED}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{849C6547-DE75-49D0-97E2-F030EB8E9BB9}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{93BF0939-CA06-454A-A3E5-1FAEB499F9D9}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{52001C53-5AE9-48F8-9B6C-5856EC9DA94D}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{96EDF181-36B5-4C00-8FAE-3310F51611C8}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{9DCACCDC-A0A7-45B1-981A-F7B60B1A2470}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{59CC9813-63B2-40DA-B735-E71008FA07A1}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{237C5757-A783-41D4-B9AD-8DC6039BCF57}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{425811F3-B6DD-476D-B731-24DA52C51F48}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{9473A83E-0E92-42B3-9799-49D7F8073C71}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{497D4543-D2D2-4FBF-BFDF-73531E923707}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{F4E999A3-63DB-4631-AD11-67F424FA553E}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{A058A0F9-8D23-45B5-9151-165114B4E826}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{452D3532-4DAE-4A7D-B7C4-C46F81D42055}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{2F0C5659-C0C0-4E0A-A6CE-6AF94343EBA0}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{DF1298C3-7FC5-453A-B39E-3C9277913408}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{81A2ACFD-93D9-462D-B7D3-A786CCDD74B4}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{10EDF353-0503-4CBF-8CB3-C131879D2473}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{1106BDF7-6B52-438C-A170-07AD4B4A59AE}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{AEA89349-3887-4C00-92DA-7D060D44B0CF}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{6BE4FBCD-6DC4-43C1-98F1-002EC7054F51}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{8D77E381-CEB3-4175-8A8F-20F63B515519}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{00BD8F9C-194A-45CD-B550-D5E3BDCCCB7E}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{F45333F3-EA2F-4E52-A907-329CAB47ED60}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{FA8AF552-7364-463E-BF83-C734AB644B41}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\DMCDaemon.exe
FirewallRules: [{EF49BF14-EA9E-4640-B677-790A9311D2BF}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\DMCDaemon.exe
FirewallRules: [{22D8BBCD-7B29-44F7-A1AE-A2778BCBA068}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\WindowsUpnp.exe
FirewallRules: [{D4240247-205E-4D63-8972-9F8364A6276E}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\WindowsUpnp.exe
FirewallRules: [{53829F96-2DE5-48B2-8ABC-B11434F06511}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\DMCDaemon.exe
FirewallRules: [{9244FEEC-DDA6-4712-82D9-6ABFF57FF958}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\DMCDaemon.exe
FirewallRules: [{EE2900A2-94F8-4840-A676-91B9C9858BDD}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\WindowsUpnp.exe
FirewallRules: [{CF0570B7-162D-443E-9132-4691FEF96290}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\WindowsUpnp.exe
FirewallRules: [{4854FAEF-8E96-4BDF-9593-1C4AE9E66B98}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{7EB94038-F2D7-44B0-B61D-9DE581B3710A}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{3F9F672F-20EB-4502-9C4E-19ABCB35E3B8}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{CD81D8A0-08BC-4AD5-B281-92A4B0E793E4}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{9961D265-5BF5-486E-9003-6D689CD71306}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\DMCDaemon.exe
FirewallRules: [{138CBD8D-9969-46DA-AE38-2CCBE7DE1949}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\DMCDaemon.exe
FirewallRules: [{293B9B78-4ADF-44A8-B3DC-9CEE7C650D6E}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\WindowsUpnpMV.exe
FirewallRules: [{4AE51F96-F712-42D4-B0EB-294704E783E1}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\WindowsUpnpMV.exe
FirewallRules: [{914236DB-41F1-438F-B298-253673054C0F}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\DMCDaemon.exe
FirewallRules: [{DCE4202D-93FD-44BD-9FB3-975584FE5D8F}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\DMCDaemon.exe
FirewallRules: [{69C88388-CE50-4DAA-8426-C9C752C3C5B3}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\WindowsUpnpMV.exe
FirewallRules: [{1BC9B226-7D5A-4C33-9B54-83B2E52BD143}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\WindowsUpnpMV.exe
FirewallRules: [{FECE24D6-F732-4389-ABE7-69D49AC124A5}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{C13E44DC-5686-4127-9531-62B68D54C9A1}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{B334698A-3206-4991-AB58-3007D2F5FA15}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{19B143C3-021C-4EEA-B493-762D9EEA914F}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{6EE45E0F-8CCC-4B8E-8C02-5DB34EB7316D}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{3CD1EA22-A7BC-4A60-8C13-AD6810647FFF}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{3376A7D1-DCB9-44EB-95F7-C26CE0F2ECE1}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{09AD67BB-79D1-4C79-A647-8F8FD8A6F255}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{E3C85EB2-2EC1-44AA-BF5F-636D41E497BD}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{CBC76E8D-C8E6-4CCA-9036-F03A05D9E983}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{C107F000-FC02-45B4-9EE1-2FC401239232}] => (Allow) C:\Users\tonielizabeth\AppData\Local\WinnerDM\wdm.bin
FirewallRules: [{86E52BD3-B767-4C66-8CDF-2F8B305CC802}] => (Allow) C:\Program Files (x86)\webget\bin\webget.BRT.Helper.exe
FirewallRules: [{57088DC1-353C-4C7F-BFD1-DF6A66BDFD0A}] => (Allow) C:\Program Files (x86)\webget\bin\webget.BRT.Helper.exe
FirewallRules: [{F0E0B311-55C0-4B9C-A472-103A515E09CF}] => (Allow) C:\Program Files (x86)\webget\bin\webget.BRT.Helper.exe
FirewallRules: [{8995447C-7E57-43B7-A3F7-6C6F55E7C00D}] => (Allow) C:\Program Files (x86)\webget\bin\webget.BRT.Helper.exe
FirewallRules: [{ADB92DC0-4255-4CEA-8F95-32E6CFCAAD29}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{90CC9385-D7ED-4958-995C-7BDC6144F0E1}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{CFA6FD16-F068-4767-8766-BDAD8369A93C}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{D7ABB0A4-6544-49D9-94C9-5E82BF5288CC}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{BB186583-74C4-436F-A2E2-1BEF54CCB1AE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{2C9AA8DD-7241-4CDC-B601-930BF20B0F26}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{8CC64A93-E6E7-42DF-BCFE-A80FBC65388A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BC435A2C-7646-4EB6-B56B-8C78E83228B5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{47B2306F-F2AB-472D-A543-C2BC0FD755FB}] => (Allow) C:\Users\tonielizabeth\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{2D87F668-0A81-4341-A692-6FF83B6219E6}] => (Allow) C:\Program Files (x86)\Windows Network Accelerater\winvxm.exe
FirewallRules: [{0100B3D0-86C9-4E90-BBB6-B23E1D660A83}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{A704F3CB-D08E-4106-B148-8F3AABA3A1CD}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{ED18D122-E38E-4B44-9390-1BCDA41CA5C2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{5E8DA902-8C11-4C3D-87C6-6F11D7645C73}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{24B17D0D-9033-480D-B732-25C4EF4B8557}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{AF94FF61-F7EB-4D5A-83AF-79FAC5D35630}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{33795303-AA2D-45AD-88BE-7440E196282B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{D816956A-01B5-4BEF-8001-95D93697F179}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{4605BA2C-A8DF-4D98-A3E3-C010CF13A4ED}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{2F0DE981-4998-4E1D-B37F-2808B03FEFA3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2AD8E6C4-6513-4B17-BA4F-DB124CCBEF28}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A4DA8A91-A388-4A3C-B92C-A86A0640B463}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{341EB34B-D27C-46FB-B3BD-5CEC531B90D8}] => (Allow) C:\Program Files (x86)\Chromium Logging\G3\chroimner.exe
FirewallRules: [{F09C7953-AF80-417D-B39C-0DD6073A571C}] => (Allow) C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe
FirewallRules: [{8E6CCB46-4E84-40D4-BE36-AEDF43C92C8A}] => (Allow) C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe
FirewallRules: [{3BD685C8-CDAB-4022-9779-19AE9565F956}] => (Allow) C:\Program Files (x86)\Windows FontCache\R1\WmiPrvSD.exe
FirewallRules: [{E6FA301E-8BFF-4C87-AB64-AA3C94857182}] => (Allow) C:\Program Files (x86)\Windows FontCache\R1\FontCache.exe
FirewallRules: [TCP Query User{048A4E23-85F0-48DC-ADDA-0BBB131A6142}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{7A655BBD-2DE6-4072-9CAB-6DBBE72F46F0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{451B5CD0-C19E-46E0-B132-32ED87EC7011}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{8FB97FED-1770-4CF2-8436-695C66C850BB}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{880B1DDF-1E2E-46D7-9456-D521A17C3F0D}] => (Allow) C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe
FirewallRules: [{12E509E7-050E-42C6-B460-B36E2769CBE8}] => (Allow) C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/15/2015 09:43:38 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161
Error: (06/15/2015 00:05:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MsMpEng.exe, version: 4.7.205.0, time stamp: 0x54cb5aeb
Faulting module name: mpengine.dll, version: 1.1.10600.0, time stamp: 0x53618404
Exception code: 0xc0000005
Fault offset: 0x000000000061133e
Faulting process ID: 0x620
Faulting application start time: 0xMsMpEng.exe0
Faulting application path: MsMpEng.exe1
Faulting module path: MsMpEng.exe2
Report ID: MsMpEng.exe3
Faulting package full name: MsMpEng.exe4
Faulting package-relative application ID: MsMpEng.exe5
Error: (06/15/2015 00:02:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MsMpEng.exe, version: 4.7.205.0, time stamp: 0x54cb5aeb
Faulting module name: mpengine.dll, version: 1.1.10600.0, time stamp: 0x53618404
Exception code: 0xc0000005
Fault offset: 0x000000000061133e
Faulting process ID: 0xd9c
Faulting application start time: 0xMsMpEng.exe0
Faulting application path: MsMpEng.exe1
Faulting module path: MsMpEng.exe2
Report ID: MsMpEng.exe3
Faulting package full name: MsMpEng.exe4
Faulting package-relative application ID: MsMpEng.exe5
Error: (06/14/2015 11:59:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MsMpEng.exe, version: 4.7.205.0, time stamp: 0x54cb5aeb
Faulting module name: mpengine.dll, version: 1.1.10600.0, time stamp: 0x53618404
Exception code: 0xc0000005
Fault offset: 0x000000000061133e
Faulting process ID: 0xa2c
Faulting application start time: 0xMsMpEng.exe0
Faulting application path: MsMpEng.exe1
Faulting module path: MsMpEng.exe2
Report ID: MsMpEng.exe3
Faulting package full name: MsMpEng.exe4
Faulting package-relative application ID: MsMpEng.exe5
Error: (06/14/2015 10:39:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 35.0.0.5486, time stamp: 0x54af7153
Faulting module name: mozalloc.dll, version: 35.0.0.5486, time stamp: 0x54af69d4
Exception code: 0x80000003
Fault offset: 0x00001425
Faulting process ID: 0x17c8
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report ID: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5
Error: (06/14/2015 10:21:30 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
Error: (06/14/2015 07:06:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_wuauserv, version: 6.3.9600.16384, time stamp: 0x5215dfe3
Faulting module name: wuaueng.dll, version: 7.9.9600.17729, time stamp: 0x55037f43
Exception code: 0xc0000005
Fault offset: 0x000000000000aec6
Faulting process ID: 0x3c0
Faulting application start time: 0xsvchost.exe_wuauserv0
Faulting application path: svchost.exe_wuauserv1
Faulting module path: svchost.exe_wuauserv2
Report ID: svchost.exe_wuauserv3
Faulting package full name: svchost.exe_wuauserv4
Faulting package-relative application ID: svchost.exe_wuauserv5
Error: (06/14/2015 05:52:49 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161
Error: (06/14/2015 05:52:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program PowerDVD12.exe version 12.0.20949.3316 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1fe4
Start Time: 01d0a6c261554077
Termination Time: 98
Application Path: C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
Report Id: b25a8e3b-12b5-11e5-82e5-201a06cff5a7
Faulting package full name:
Faulting package-relative application ID:
Error: (06/14/2015 05:51:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program PowerDVD12.exe version 12.0.20949.3316 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 23c0
Start Time: 01d0a6c224c4b765
Termination Time: 54
Application Path: C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
Report Id: 7ac28a66-12b5-11e5-82e5-201a06cff5a7
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (06/15/2015 08:43:09 PM) (Source: DCOM) (EventID: 10016) (User: TONI-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Toni-PCtonielizabethS-1-5-21-3225058651-2230390788-3555302883-1001LocalHost (Using LRPC)UnavailableUnavailable
Error: (06/15/2015 08:37:24 PM) (Source: DCOM) (EventID: 10016) (User: TONI-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Toni-PCtonielizabethS-1-5-21-3225058651-2230390788-3555302883-1001LocalHost (Using LRPC)UnavailableUnavailable
Error: (06/15/2015 08:37:24 PM) (Source: DCOM) (EventID: 10016) (User: TONI-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Toni-PCtonielizabethS-1-5-21-3225058651-2230390788-3555302883-1001LocalHost (Using LRPC)UnavailableUnavailable
Error: (06/15/2015 08:37:24 PM) (Source: DCOM) (EventID: 10016) (User: TONI-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Toni-PCtonielizabethS-1-5-21-3225058651-2230390788-3555302883-1001LocalHost (Using LRPC)UnavailableUnavailable
Error: (06/15/2015 08:35:50 PM) (Source: DCOM) (EventID: 10016) (User: TONI-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Toni-PCtonielizabethS-1-5-21-3225058651-2230390788-3555302883-1001LocalHost (Using LRPC)UnavailableUnavailable
Error: (06/15/2015 08:35:33 PM) (Source: DCOM) (EventID: 10016) (User: TONI-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Toni-PCtonielizabethS-1-5-21-3225058651-2230390788-3555302883-1001LocalHost (Using LRPC)UnavailableUnavailable
Error: (06/15/2015 08:35:33 PM) (Source: DCOM) (EventID: 10016) (User: TONI-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Toni-PCtonielizabethS-1-5-21-3225058651-2230390788-3555302883-1001LocalHost (Using LRPC)UnavailableUnavailable
Error: (06/15/2015 08:34:41 PM) (Source: DCOM) (EventID: 10016) (User: TONI-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Toni-PCtonielizabethS-1-5-21-3225058651-2230390788-3555302883-1001LocalHost (Using LRPC)UnavailableUnavailable
Error: (06/15/2015 08:33:46 PM) (Source: DCOM) (EventID: 10016) (User: TONI-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Toni-PCtonielizabethS-1-5-21-3225058651-2230390788-3555302883-1001LocalHost (Using LRPC)UnavailableUnavailable
Error: (06/15/2015 08:26:30 PM) (Source: DCOM) (EventID: 10016) (User: TONI-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Toni-PCtonielizabethS-1-5-21-3225058651-2230390788-3555302883-1001LocalHost (Using LRPC)UnavailableUnavailable
Microsoft Office:
=========================
Error: (06/15/2015 09:43:38 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161
Error: (06/15/2015 00:05:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.10600.053618404c0000005000000000061133e62001d0a6f65801a1faC:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A946D4BA-4A2A-4988-B004-8324570F23DC}\mpengine.dlle13980da-12e9-11e5-82e6-201a06cff5a7
Error: (06/15/2015 00:02:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.10600.053618404c0000005000000000061133ed9c01d0a6f5f4d8f8daC:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A946D4BA-4A2A-4988-B004-8324570F23DC}\mpengine.dll716c5037-12e9-11e5-82e6-201a06cff5a7
Error: (06/14/2015 11:59:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.10600.053618404c0000005000000000061133ea2c01d0a6f57a0c924bC:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A946D4BA-4A2A-4988-B004-8324570F23DC}\mpengine.dll0e723883-12e9-11e5-82e6-201a06cff5a7
Error: (06/14/2015 10:39:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.0.548654af7153mozalloc.dll35.0.0.548654af69d4800000030000142517c801d09a6799a30be0C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlld9be9f9a-12dd-11e5-82e5-201a06cff5a7
Error: (06/14/2015 10:21:30 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: -2147024883
Error: (06/14/2015 07:06:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_wuauserv6.3.9600.163845215dfe3wuaueng.dll7.9.9600.1772955037f43c0000005000000000000aec63c001d09a6764dc2233C:\Windows\system32\svchost.exec:\windows\system32\wuaueng.dll063afa4d-12c0-11e5-82e5-201a06cff5a7
Error: (06/14/2015 05:52:49 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161
Error: (06/14/2015 05:52:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: PowerDVD12.exe12.0.20949.33161fe401d0a6c26155407798C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exeb25a8e3b-12b5-11e5-82e5-201a06cff5a7
Error: (06/14/2015 05:51:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: PowerDVD12.exe12.0.20949.331623c001d0a6c224c4b76554C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe7ac28a66-12b5-11e5-82e5-201a06cff5a7
==================== Memory info ===========================
Processor: Intel® Pentium® CPU N3520 @ 2.16GHz
Percentage of memory in use: 57%
Total physical RAM: 3979.34 MB
Available physical RAM: 1686.29 MB
Total Pagefile: 6201.77 MB
Available Pagefile: 2731.82 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:448.69 GB) (Free:389.99 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 290CBD16)
Partition: GPT Partition Type.
==================== End of log ============================