1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

cannot remove justunblock

Discussion in 'Virus & Other Malware Removal' started by irish66, Jan 23, 2015.

Thread Status:
Not open for further replies.
Advertisement
  1. irish66

    irish66 Thread Starter

    Joined:
    Apr 1, 2007
    Messages:
    39
    Hello. Sometime around christmas I chose to use the free trial of just unblock. When the free trial was over, i didn't continue with it. But what I get when trying some sites is the message
    "You're connected to JustUnblock DNS, but your current IP is not authenticated
    "
    I have tried on different browsers with the same result.
    As for what I have done.
    I have run the free version of malware bytes. It did no good.
    I tried connectivity fixer but no good.

    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 7 Professional, Service Pack 1, 64 bit
    Processor: Intel(R) Core(TM)2 Duo CPU E7300 @ 2.66GHz, Intel64 Family 6 Model 23 Stepping 6
    Processor Count: 2
    RAM: 1900 Mb
    Graphics Card: Intel(R) Q45/Q43 Express Chipset, 822 Mb
    Hard Drives: C: Total - 152525 MB, Free - 2600 MB; E: Total - 476821 MB, Free - 1624 MB; F: Total - 238414 MB, Free - 1364 MB; G: Total - 715402 MB, Free - 2853 MB; H: Total - 953867 MB, Free - 1243 MB; I: Total - 953867 MB, Free - 2050 MB;
    Motherboard: LENOVO, LENOVO
    Antivirus: avast! Antivirus, Updated and Enabled
     
  2. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    Hi Irish66,
    Your system drive does not have enough free space to allow normal operation.
    Let's get a start on it, at least.
    It appears that virtually all your drives are FULL.
    That can't ALL be necessary !

    Do you often use Windows Search in the Start box, to look for a filename on your machine?

    If you have any unused programs, please Uninstall them.
    Start > Control Panel > Programs and Features > Highlight, and choose Uninstall for any you don't use.

    ----------------------------------------------
    Download and Run Temp File Cleaner (TFC.exe)
    Download Temp File Cleaner and save it to your desktop.
    You might want to Save any unsaved work. TFC will close ALL open programs... including your browser!
    Right click the TFC icon and choose Run as administrator.
    If you have a lot of junk files to remove, it could take a while, so please be patient and let it finish.
    When it's done, it will report the total size of files removed. If it asks to Reboot, choose to do so. This will remove files that could not be removed while Windows was running.
    After Restart, log back in to your usual account.
    You can keep TFC on your desktop and run it every week or two to clean out excessive temporary files. It does usually require a restart.
    -------------------------------------------------------
    IF You Don't Have Firefox, get it here and install it : http://www.getfirefox.net/
    During the installation, you can likely import settings from Internet Explorer if you wish.
    ----------------------------------------------------------
    Set the Home Page in Firefox
    Open Firefox, and Navigate to the page you would like to use as a home page, i.e., google.com, startpage.com, etc.
    Then hit the Alt key once if necessary, so you can see the menu bar at the top.
    In the top menu bar, click on Tools, and select Options.
    In the new dialog window that pops up:
    Click on the General icon in the top bar, and click the button labeled Use Current Page.
    ---------------------------------------------------------
    Set Firefox as Default and Always Ask Where to Save Downloads
    Open Firefox, then hit the Alt key once if necessary, so you can see the menu bar at the top.
    In the top menu bar, click on Tools, and select Options.
    In the new dialog window that pops up:
    Click on the General icon in the top bar, and click the radiobutton labeled "Always ask me where to save files"
    Click on the Advanced icon in the top bar.
    Click the radiobutton labeled, "Always check to see if Firefox is the Default browser on startup."
    Click OK.
    -----------------------------------------------------------
    Change Settings to View File Extensions and Hidden Files
    Go to Start, and type Show hidden into the box.
    When you see the Show hidden files and folders listing appear in the popup, click on it.
    Click on the View tab
    Under "Files and Folders",
    • Uncheck "Hide Extensions for known File Types"
    • Check "Show Hidden Files Folders and Drives"
    Click Apply and OK.

    Let me know how it goes, and we can get underway to remove that thing.
    askey127
     
  3. irish66

    irish66 Thread Starter

    Joined:
    Apr 1, 2007
    Messages:
    39
    Hi. Thank you for responding.
    Hi Irish66,
    "Your system drive does not have enough free space to allow normal operation."
    How much free space should i have?

    "Do you often use Windows Search in the Start box, to look for a filename on your machine?
    No. I would say i almost never use it.

    as regards displaying hidden files and folders.
    When i press the windows logo on my keyboard, there is no box there for me to type anything in. But my default windows browser (not internet browser) is tcup. So i have done what you asked within that program. see attached picture.
     

    Attached Files:

  4. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    answer #1) Your system needs 15% free space to operate normally.

    Thnx to answer #2.

    Don't press Windows logo #2.
    Go to the start button as I said, and type "show hidden" as above into the box..

    Do exactly as I say and it will work.

    .
     
  5. irish66

    irish66 Thread Starter

    Joined:
    Apr 1, 2007
    Messages:
    39
    Sorry. I know I'm being dense here. but is what you are talking about? see attachment. I cannot see anywhere to type anything in.
    Thank you for aswering my question on how much space i should have free. Which on a hd of 146 gigs comes to around 21 gigs. I will be interested to see the difference it will make to my computer. Okay, hand on heart. i'm not convinced it will make any difference. but I'm willing to listen and learn. Okay I have delete a small amount of files on my c drive. It has now 6.3 gigs worth of space. The other 14 gigs I will have to upload
    some cloud servers. But can we work with the 6.3 gigs of space?
     

    Attached Files:

  6. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    Close your browser.
    When you click on the circle icon in the lowest left corner, the normal Windows system will produce a text box just above that icon saying "Search programs and files" in light gray text. It's just below >All Programs in the menu.
    You type in there.

    You can also get there from Start > Control Panel > Folder Options and click the View Tab
     
  7. irish66

    irish66 Thread Starter

    Joined:
    Apr 1, 2007
    Messages:
    39
    okay, i got it through method 2.
     
  8. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    irish66,
    OK. Good work.
    Now we will begin finding and removing the unwanted stuff.
    -----------------------------------------------------------
    Download and Run the Farbar Scan Tool
    • Download FRST64 and save to your Desktop.
    • Double click Frst64.exe to launch it.
    • FRST64 will start to run.
      • When the tool opens click Yes to disclaimer.
      • Press the Scan button.
      • When finished scanning, 2 logs will open on your Desktop, FRST.txt and Addition.txt
      • Please post them in your next reply.
    If you lose track of them, they will be saved in the same location as FRST64.exe
    Feel free to use separate replies if it's more convenient.

    askey127
     
  9. irish66

    irish66 Thread Starter

    Joined:
    Apr 1, 2007
    Messages:
    39
    Hi.
    here is addition.txt

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
    Ran by User at 2015-01-24 19:33:47
    Running from C:\Users\User\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.287 - Adobe Systems Incorporated)
    Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.287 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)
    Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.0.3 - IObit)
    Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
    Clipboard Manager (HKLM-x32\...\{F1D6452D-4F52-4E6C-97A5-9DC54041FED0}) (Version: 1.0.0 - Frens)
    Create Multiple Files From Text File List Software (HKLM-x32\...\Create Multiple Files From Text File List Software_is1) (Version: - Sobolsoft)
    Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 2.02 - NCH Software)
    DivX Web Player (HKLM-x32\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.4.2 - DivX,Inc.)
    EaseUS Todo Backup Free 6.5 (HKLM-x32\...\EaseUS Todo Backup Free 6.5_is1) (Version: 6.5 - CHENGDU YIWO Tech Development Co., Ltd)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
    Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
    IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.6.25 - IObit)
    Java 7 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217072FF}) (Version: 7.0.720 - Oracle)
    Kobo (HKLM-x32\...\Kobo) (Version: 3.11.0 - Rakuten Kobo Inc.)
    Kodi (HKU\S-1-5-21-2741872586-2538202859-2254069678-1000\...\Kodi) (Version: - XBMC-Foundation)
    LAV Filters 0.59.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.59.1 - Hendrik Leppkes)
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    MediaInfo 0.7.69 (HKLM\...\MediaInfo) (Version: 0.7.69 - MediaArea.net)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Office Converter Pack (HKLM-x32\...\{6EECB283-E65F-40EF-86D3-D51BF02A8D43}) (Version: 11.0.0.0 - Microsoft Corporation - Office Resource Kit Group)
    Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSSUB) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
    Microsoft Online Services Sign-in Assistant (HKLM\...\{46E637E2-AC34-4B45-B5DF-D20903A3DB61}) (Version: 7.250.4303.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    MiPony 2.2.2 (HKLM-x32\...\MiPony) (Version: 2.2.2 - )
    Movier 1.1.4 (HKLM-x32\...\Movier) (Version: 1.1.4 - )
    Mozilla Firefox 34.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0 (x86 en-US)) (Version: 34.0 - Mozilla)
    Mp3tag v2.65a (HKLM-x32\...\Mp3tag) (Version: v2.65a - Florian Heidenreich)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    msxml4 (HKLM-x32\...\{5AE3D9F1-9E9E-4015-8787-E22705AA32C5}) (Version: 1.0.0 - Default Company Name)
    MySQL Server 5.6 (HKLM\...\{56DA0CB5-ABD2-4318-BEAB-62FDBC9B12CC}) (Version: 5.6.10 - Oracle Corporation)
    NaturalReaderFree (HKLM-x32\...\{262EFBD9-A907-490F-81F4-561FDD3A8C5C}) (Version: 1.00.0000 - Naturalsoft limited)
    Pale Moon 25.1.0 (x86 en-US) (HKLM-x32\...\Pale Moon 25.1.0 (x86 en-US)) (Version: 25.1.0 - Moonchild Productions)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
    R-Studio 7.1 (HKLM-x32\...\R-Studio 7.1NSIS) (Version: 7.1.154569 - R-Tools Technology Inc.)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Similarity 1.9.1 (HKLM-x32\...\{BA64E2C8-0A8B-45FA-AAA8-83C7E7D1C648}) (Version: 1.9.1844 - GAR Software)
    SRWare Iron version SRWare Iron 39.2100.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 39.2100.0 - SRWare)
    Stellar Phoenix Windows Data Recovery - Professional (HKLM-x32\...\Stellar Phoenix Windows Data Recovery - Professional_is1) (Version: 6.0.0.1 - Stellar Information Technology Pvt Ltd.)
    StrongDC++ 2.41 (HKLM-x32\...\StrongDC++) (Version: 2.41 - Big Muscle)
    SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.0 - Krzysztof Kowalczyk)
    Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
    The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.0.127 - PandoraTV)
    TreePad Lite 4.3 (HKLM-x32\...\TreePadLite4) (Version: - )
    Txt2fil (HKLM-x32\...\Txt2fil) (Version: - )
    Veoh Web Player (HKLM-x32\...\Veoh Web Player Beta) (Version: 1.1.2.0000 - Veoh Networks, Inc.)
    VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
    WinCatalog 2013 (HKLM-x32\...\{94145C48-3CDB-42FA-A8F4-8DAD34A564C5}_is1) (Version: 4.0 - WinCatalog.com)
    WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)
    WinRAR 5.10 beta 4 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
    Zona (HKLM-x32\...\Zona)) (Version: - )

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-2741872586-2538202859-2254069678-1000_Classes\CLSID\{01249E9F-88FF-45d5-82DB-A1BEE06E123C}\InprocServer32 -> C:\Windows\system32\shdocvw.dll (Microsoft Corporation)

    ==================== Restore Points =========================

    23-01-2015 23:38:31 Removed Similarity 1.9.1

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 02:34 - 2014-02-07 16:48 - 00000864 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 validation.sls.microsoft.com

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {0E983C4A-0BCD-42FA-BC34-E50F3A5EB7B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-11] (Google Inc.)
    Task: {1D3318E9-06D8-41B8-AD11-58C1C936A1AA} - System32\Tasks\{0B4EC1A1-B758-4750-BA25-A332120BD608} => pcalua.exe -a C:\Users\User\Downloads\setup_mj.exe -d C:\Users\User\Downloads
    Task: {1E33530B-4B37-45EE-918A-19C4B3280CA7} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File <==== ATTENTION
    Task: {51FEDC26-963F-40BB-8FA2-2A386E0F90CD} - System32\Tasks\JetCleanLoginCheckUpdate => I:\program files\BlueSprig\JetClean\AutoUpdate.exe
    Task: {531E6F44-78B3-4FA8-B48A-CA60FB018BD5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-23] (Adobe Systems Incorporated)
    Task: {60D1CCCC-EFEE-4BFB-B4BD-C4A1E8609B1F} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline No Task File <==== ATTENTION
    Task: {64A12AC9-3580-46CA-ABE5-384684B60E6A} - System32\Tasks\ASC8_SkipUac_User => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2014-12-30] (IObit)
    Task: {66F7DE5F-A0CB-42D3-85F4-7EFABD1A6C44} - System32\Tasks\Driver Booster SkipUAC (User) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
    Task: {6EF30ED7-603B-43FE-A734-C286D4ABC670} - System32\Tasks\{5859F1FA-2DA9-4E8D-A22F-E78E875CAC01} => pcalua.exe -a "C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server\SetupTv.exe" -d "C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server"
    Task: {776029AE-9E20-4866-BB45-9DE1C20EDA4E} - System32\Tasks\Badosoft\Connectivity Fixer => C:\Program Files (x86)\Badosoft\Connectivity Fixer\Connectivity Fixer.exe
    Task: {9EDB4D9E-930F-4E36-BD00-16A3A7EEA976} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2014-12-10] (IObit)
    Task: {A0076714-57E4-4B1F-96C7-7685D0F203E4} - System32\Tasks\Uninstaller_SkipUac_User => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-12-09] (IObit)
    Task: {AD007018-F23C-4CD0-B435-13CC4B642543} - System32\Tasks\{52F7902D-6A07-496D-8193-ADC219E16766} => msiexec.exe /package "C:\Users\User\Downloads\CaptchaBrotherhood_v1.2.0.msi"
    Task: {C6D69410-112C-4EBE-8C43-A6C86337100C} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [2013-12-27] (Veoh Networks)
    Task: {D17F0DD9-B233-4DEA-A046-5D0CF03E072A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-29] (AVAST Software)
    Task: {DD24FEDC-6A97-4749-87D7-F5943E7C16CD} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {F0FD4A66-DCA9-427A-BF7B-79193EFF7E5F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-11] (Google Inc.)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) =============

    2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
    2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2014-08-20 11:32 - 2013-06-17 16:40 - 00035944 _____ () C:\Windows\system32\ddmon4-64x.dll
    2013-02-01 15:09 - 2013-02-01 15:09 - 12907520 _____ () C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe
    2015-01-24 12:38 - 2015-01-24 12:38 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15012400\algo.dll
    2015-01-24 19:17 - 2015-01-24 19:17 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15012401\algo.dll
    2014-06-02 19:39 - 2013-09-04 10:19 - 00098888 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
    2014-06-02 19:39 - 2013-11-14 13:59 - 00031304 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckTool.dll
    2014-06-02 19:39 - 2008-11-25 16:18 - 01291264 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
    2014-06-02 19:39 - 2004-10-05 02:08 - 00055808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
    2014-06-02 19:39 - 2013-09-04 10:19 - 00029768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
    2014-06-02 19:39 - 2013-09-04 10:19 - 00050248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
    2014-06-02 19:39 - 2014-01-13 17:06 - 00105544 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
    2014-06-02 19:39 - 2013-09-04 10:19 - 00030280 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
    2014-06-02 19:39 - 2013-09-04 10:19 - 00293960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExchBackupSize.dll
    2014-06-02 19:39 - 2013-09-04 10:19 - 00578632 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
    2014-06-02 19:39 - 2013-09-04 10:19 - 00468040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExchBackupSizeEx.dll
    2014-06-02 19:39 - 2013-09-04 10:19 - 00192072 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
    2014-06-02 19:39 - 2013-12-23 10:01 - 00281672 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
    2014-06-02 19:39 - 2013-09-04 10:19 - 00068680 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
    2014-06-02 19:39 - 2013-09-04 10:19 - 00069192 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
    2014-06-02 19:39 - 2013-09-04 10:19 - 00022600 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
    2014-06-02 19:39 - 2013-09-04 10:19 - 00115784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
    2014-06-02 19:39 - 2013-09-04 10:19 - 00192584 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
    2014-06-02 19:39 - 2013-09-04 10:19 - 00135752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
    2014-06-02 19:39 - 2013-10-22 16:31 - 00037960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
    2014-06-02 19:39 - 2013-09-04 10:19 - 00135240 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
    2014-06-02 19:39 - 2013-12-24 16:42 - 00017992 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
    2014-06-02 19:39 - 2013-09-04 10:19 - 00096840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBFireWall.dll
    2015-01-22 19:50 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl
    2015-01-22 19:50 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl
    2015-01-22 19:50 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl
    2015-01-22 19:50 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\ProductStatistics.dll
    2015-01-22 19:50 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll
    2014-11-29 19:02 - 2014-11-29 19:02 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () I:\Program Files (x86)\office\Office14\1033\GrooveIntlResource.dll
    2012-09-13 09:09 - 2011-09-17 11:48 - 00480256 _____ () I:\program files\NetWorx\sqlite.dll
    2014-11-17 14:45 - 2014-11-10 13:11 - 03044864 _____ () I:\program files\pale noon-new\mozjs.dll
    2013-11-27 07:50 - 2013-11-27 07:50 - 00123536 _____ () G:\Program Files\TC UP\wcmzip32.dll
    2013-11-27 07:50 - 2013-11-27 07:50 - 00217688 _____ () G:\Program Files\TC UP\UNRAR.DLL

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    AlternateDataStreams: C:\ProgramData\TEMP:D5FBE8F9

    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupreg: Create Multiple Files From Text File List Software.exe =>
    MSCONFIG\startupreg: OfficeSubscriptionAgent => "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\osaui.exe"

    ========================= Accounts: ==========================

    Administrator (S-1-5-21-2741872586-2538202859-2254069678-500 - Administrator - Disabled)
    Guest (S-1-5-21-2741872586-2538202859-2254069678-501 - Limited - Disabled)
    User (S-1-5-21-2741872586-2538202859-2254069678-1000 - Administrator - Enabled) => C:\Users\User

    ==================== Faulty Device Manager Devices =============

    Name: Teredo Tunneling Pseudo-Interface
    Description: Microsoft Teredo Tunneling Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (01/23/2015 11:42:23 PM) (Source: Wininit) (EventID: 1015) (User: )
    Description: A critical system process, C:\Windows\system32\lsass.exe, failed with status code 255. The machine must now be restarted.

    Error: (01/23/2015 11:42:22 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070005, Access is denied.
    .

    Error: (01/23/2015 11:42:22 PM) (Source: VSS) (EventID: 13) (User: )
    Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x80070005, Access is denied.
    ]

    Error: (01/23/2015 11:42:22 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070005, Access is denied.
    .

    Error: (01/23/2015 11:42:22 PM) (Source: VSS) (EventID: 13) (User: )
    Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x80070005, Access is denied.
    ]

    Error: (01/23/2015 11:42:22 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070005, Access is denied.
    .

    Error: (01/23/2015 11:42:22 PM) (Source: VSS) (EventID: 13) (User: )
    Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x80070005, Access is denied.
    ]

    Error: (01/23/2015 11:42:22 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070005, Access is denied.
    .

    Error: (01/23/2015 11:42:22 PM) (Source: VSS) (EventID: 13) (User: )
    Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x80070005, Access is denied.
    ]

    Error: (01/23/2015 11:42:22 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070005, Access is denied.
    .


    System errors:
    =============
    Error: (01/24/2015 07:15:49 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
    Description: Unexpected failure. Error code: [email protected]

    Error: (01/24/2015 07:15:49 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
    Description: Unexpected failure. Error code: [email protected]

    Error: (01/24/2015 07:13:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Advanced SystemCare Service 8 service failed to start due to the following error:
    %%1053

    Error: (01/24/2015 07:13:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Advanced SystemCare Service 8 service to connect.

    Error: (01/24/2015 07:13:52 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 14:38:00 on &#8206;24/&#8206;01/&#8206;2015 was unexpected.

    Error: (01/24/2015 00:35:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Advanced SystemCare Service 8 service failed to start due to the following error:
    %%1053

    Error: (01/24/2015 00:35:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Advanced SystemCare Service 8 service to connect.

    Error: (01/24/2015 02:13:01 AM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 02:10:28 on &#8206;24/&#8206;01/&#8206;2015 was unexpected.

    Error: (01/24/2015 02:13:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Advanced SystemCare Service 8 service failed to start due to the following error:
    %%1053

    Error: (01/24/2015 02:13:00 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Advanced SystemCare Service 8 service to connect.


    Microsoft Office Sessions:
    =========================
    Error: (01/23/2015 11:42:23 PM) (Source: Wininit) (EventID: 1015) (User: )
    Description: C:\Windows\system32\lsass.exe255

    Error: (01/23/2015 11:42:22 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: CoCreateInstance0x80070005, Access is denied.

    Error: (01/23/2015 11:42:22 PM) (Source: VSS) (EventID: 13) (User: )
    Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070005, Access is denied.

    Error: (01/23/2015 11:42:22 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: CoCreateInstance0x80070005, Access is denied.

    Error: (01/23/2015 11:42:22 PM) (Source: VSS) (EventID: 13) (User: )
    Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070005, Access is denied.

    Error: (01/23/2015 11:42:22 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: CoCreateInstance0x80070005, Access is denied.

    Error: (01/23/2015 11:42:22 PM) (Source: VSS) (EventID: 13) (User: )
    Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070005, Access is denied.

    Error: (01/23/2015 11:42:22 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: CoCreateInstance0x80070005, Access is denied.

    Error: (01/23/2015 11:42:22 PM) (Source: VSS) (EventID: 13) (User: )
    Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070005, Access is denied.

    Error: (01/23/2015 11:42:22 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: CoCreateInstance0x80070005, Access is denied.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM)2 Duo CPU E7300 @ 2.66GHz
    Percentage of memory in use: 88%
    Total physical RAM: 1900.23 MB
    Available physical RAM: 215.58 MB
    Total Pagefile: 3800.47 MB
    Available Pagefile: 1633.61 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.85 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:148.95 GB) (Free:5.8 GB) NTFS
    Drive d: (BLEAK_HOUSE_D1) (CDROM) (Total:7.86 GB) (Free:0 GB) UDF
    Drive e: (TEMPORARY) (Fixed) (Total:465.65 GB) (Free:1.59 GB) FAT32
    Drive f: ((H)) (Fixed) (Total:232.83 GB) (Free:1.33 GB) FAT32
    Drive g: (tcup) (Fixed) (Total:698.64 GB) (Free:2.79 GB) NTFS
    Drive h: () (Fixed) (Total:931.51 GB) (Free:1.21 GB) NTFS
    Drive i: (prog files) (Fixed) (Total:931.51 GB) (Free:1.93 GB) NTFS
    Drive j: (FLASH DRIVE) (Removable) (Total:28.84 GB) (Free:1.11 GB) FAT32

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: E3A39BF6)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (MBR Code: Windows XP) (Size: 698.6 GB) (Disk ID: 01C552B1)
    Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 2 (Size: 465.8 GB) (Disk ID: 0F7E3E62)
    Partition 1: (Active) - (Size=465.8 GB) - (Type=0C)

    ========================================================
    Disk: 3 (Size: 931.5 GB) (Disk ID: B7DA717E)
    Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 4 (Size: 931.5 GB) (Disk ID: 131C93D3)
    Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 5 (Size: 232.9 GB) (Disk ID: 56397606)
    Partition 1: (Not Active) - (Size=232.9 GB) - (Type=0C)

    ========================================================
    Disk: 6 (MBR Code: Windows XP) (Size: 28.9 GB) (Disk ID: BE6BDF5E)
    Partition 1: (Not Active) - (Size=28.8 GB) - (Type=0C)

    ==================== End Of Log ============================
     
  10. irish66

    irish66 Thread Starter

    Joined:
    Apr 1, 2007
    Messages:
    39
    Hi. here is frst.txt

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
    Ran by User (administrator) on USER-PC on 24-01-2015 19:32:26
    Running from C:\Users\User\Downloads
    Loaded Profiles: User (Available profiles: User)
    Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
    (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
    (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (SoftPerfect Research) I:\program files\NetWorx\networx.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\osaui.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
    () C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVCM.EXE
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\osa.exe
    (WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    (Microsoft Corporation) C:\Windows\System32\vds.exe
    (Moonchild Productions) I:\program files\pale noon-new\palemoon.exe
    (Hola Networks Ltd.) C:\Users\User\AppData\Local\Hola\firefox\app\hola_plugin.exe
    (Ghisler Software GmbH) G:\Program Files\TC UP\TOTALCMD.EXE


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-09] (AVAST Software)
    HKLM-x32\...\Run: [NetWorx] => I:\program files\NetWorx\networx.exe [3248208 2012-08-20] (SoftPerfect Research)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
    HKLM-x32\...\Run: [EaseUs Tray] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe [1372232 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
    HKLM-x32\...\Run: [OfficeSubscriptionAgent] => C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\osaui.exe [932160 2011-11-16] (Microsoft Corporation)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
    HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
    HKU\S-1-5-21-2741872586-2538202859-2254069678-1000\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2427680 2014-12-10] (IObit)
    HKU\S-1-5-21-2741872586-2538202859-2254069678-1000\...\Run: [Connectivity Fixer] => "C:\Program Files (x86)\Badosoft\Connectivity Fixer\Connectivity Fixer.exe" -m
    HKU\S-1-5-21-2741872586-2538202859-2254069678-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
    ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => I:\Program Files (x86)\office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => I:\Program Files (x86)\office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => I:\Program Files (x86)\office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => I:\Program Files (x86)\office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => I:\Program Files (x86)\office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    CHR HKU\S-1-5-21-2741872586-2538202859-2254069678-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
    HKU\S-1-5-21-2741872586-2538202859-2254069678-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
    HKU\S-1-5-21-2741872586-2538202859-2254069678-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-2741872586-2538202859-2254069678-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
    SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
    SearchScopes: HKU\S-1-5-21-2741872586-2538202859-2254069678-1000 -> URL http://search.conduit.com/Results.aspx?ctid=CT3324760&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP6E4822AC-3FEC-42CA-80B8-7819610376A8&q={searchTerms}&SSPV=
    SearchScopes: HKU\S-1-5-21-2741872586-2538202859-2254069678-1000 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
    SearchScopes: HKU\S-1-5-21-2741872586-2538202859-2254069678-1000 -> {04BA89F1-7594-4844-84BF-3109E74715B0} URL = http://search.us.com/serp?guid={F697AA8C-ADBF-497E-A0A0-DF8DD9850C48}&action=default_search&k={searchTerms}
    SearchScopes: HKU\S-1-5-21-2741872586-2538202859-2254069678-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
    SearchScopes: HKU\S-1-5-21-2741872586-2538202859-2254069678-1000 -> {809E48D2-73DB-473D-A3E7-D9F7BEF38255} URL = http://search.us.com/serp?guid={A781BEA8-E7E4-4902-83E7-13110FF115B1}&action=default_search&k={searchTerms}
    SearchScopes: HKU\S-1-5-21-2741872586-2538202859-2254069678-1000 -> {F639F7FA-CBA0-4699-A1AC-B7AEBB1B4732} URL = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10513
    BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> I:\Program Files (x86)\office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO-x32: No Name -> {A8C7458C-234A-224C-9FBB-28230B221079} -> No File
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> I:\Program Files (x86)\office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
    DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    Handler: WSISAllmytubechrome - No CLSID Value
    Hosts: 127.0.0.1 validation.sls.microsoft.com
    Tcpip\Parameters: [DhcpNameServer] 89.101.160.5 89.101.160.4
    Tcpip\..\Interfaces\{E4546054-EB22-44E2-9A93-8D18FAE62FB2}: [NameServer] 192.168.0.10,95.154.207.109,
    Tcpip\..\Interfaces\{EC2EFD57-74A2-4C61-ABA7-68A4FB769F23}: [NameServer] 192.168.0.10,95.154.207.109,192.168.0.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_287.dll ()
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_287.dll ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1216156.dll (Adobe Systems, Inc.)
    FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
    FF Plugin-x32: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> I:\PROGRA~2\office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> I:\PROGRA~2\office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-2741872586-2538202859-2254069678-1000: @hola.org/vlc,version=1.6.390 -> C:\Users\User\AppData\Local\Hola\firefox\app\vlc ()
    FF user.js: detected! => C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\user.js
    FF Extension: All Tabs Helper - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: BYTubeD - Bulk YouTube video Downloader - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-09]
    FF Extension: Fire IE - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: FoxVox - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: Advanced SystemCare Surfing Protection - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2015-01-22]
    FF Extension: Muter - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: Tab Groups Helper - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: TooManyTabs - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: Flashblock - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-09-09]
    FF Extension: Empty Cache Button - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f} [2014-09-09]
    FF Extension: Fast Search by Surf Canyon - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{75623d5d-4683-402a-b610-ac4bab767c86} [2014-09-11]
    FF Extension: iMacros for Firefox - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2014-09-11]
    FF Extension: DownloadHelper - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-11]
    FF Extension: TabGroups Manager - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{ca526f8b-9e0a-4756-9077-19d6f3e64ea8} [2014-09-09]
    FF Extension: Add to Search Bar - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: Haga TamaƱo Barra de direcciones de fuente grande - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: Add-ons Manager Context Menu - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-10]
    FF Extension: AutoCopy 2 - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-10]
    FF Extension: Video Bookmarks - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: anonymoX - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: Personal Menu - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-10]
    FF Extension: Copy Urls Expert - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-10]
    FF Extension: 1-Click Dailymotion Video Downloader - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-10-01]
    FF Extension: Expire history by days - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: OneTab - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-09]
    FF Extension: Firefox Old Version Update Hotfix - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-09]
    FF Extension: Font Setter - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: Side Tabs - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: FireTube - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-09]
    FF Extension: Word Count Tool - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: Tab Grenade - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: YouTube ALL HTML5 - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-09]
    FF Extension: Multi Links - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-09]
    FF Extension: Multiple Tab Handler - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: storeTab - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: No Small Text - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: NoSquint - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-09]
    FF Extension: Open In Chrome - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-10]
    FF Extension: Quick Search Bar - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: RememberPass - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: Restart - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: S3.Google Translator - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-09]
    FF Extension: Session Manager Export Tool - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: Site Searcher - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: Snap Links Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-10]
    FF Extension: Suspend Tab - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: Tabhunter - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-09]
    FF Extension: Tab Kit 2nd Edition - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: Text to Voice - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: Location Bar Enhancer - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: UnloadTab - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-10]
    FF Extension: Video Resumer - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-09]
    FF Extension: Bulk Player Mate for YouTube - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\[email protected] [2014-09-11]
    FF Extension: All-in-One Sidebar - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2014-09-11]
    FF Extension: Session Manager - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2014-09-09]
    FF Extension: Clean Links - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{158d7cb3-7039-4a75-8e0b-3bd0a464edd2}.xpi [2014-09-11]
    FF Extension: TweakMDB - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{15a82062-5139-4855-9706-130a8a4be80c}.xpi [2014-09-11]
    FF Extension: FlashGot - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2014-09-09]
    FF Extension: Reader - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{20068ab2-1901-4140-9f3c-81207d4dacc4}.xpi [2014-09-11]
    FF Extension: Back to Top - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{3C9A65A6-9563-4485-BA4A-4BCD698BCFB4}.xpi [2014-09-11]
    FF Extension: Play All - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{41ca0b9f-fccf-4Ea1-b7c9-e379c1498afc}.xpi [2014-09-22]
    FF Extension: Send Tab URLs - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{4aebcd37-f454-4928-9233-174a026ed367}.xpi [2014-09-11]
    FF Extension: SwiftTabs - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{5F4EC95A-FFA8-11DE-898C-667D55D89593}.xpi [2014-09-11]
    FF Extension: Speed Dial - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2014-09-09]
    FF Extension: Searchbar Autosizer - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{655397ca-4766-496b-b7a8-3a5b176ee4c2}.xpi [2014-09-11]
    FF Extension: Bluhell Firewall - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2014-09-09]
    FF Extension: NoScript - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-09-10]
    FF Extension: Copy Links - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{76C80A11-FAD4-406c-8246-F5ED4F9367B5}.xpi [2014-09-11]
    FF Extension: Bookmark All - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{a76cd07b-f0d7-4ef9-9566-8faef6e290e4}.xpi [2014-09-11]
    FF Extension: Right Links - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{B5F5E8D3-AE31-49A1-AC42-78B7B1CC5CDC}.xpi [2014-09-11]
    FF Extension: Mouseless Browsing - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{c0bcf963-624b-47fe-aa78-8cc02434cf32}.xpi [2014-09-11]
    FF Extension: Fasterfox - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2014-09-10]
    FF Extension: Show my Password - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e}.xpi [2014-09-09]
    FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-11]
    FF Extension: DownThemAll! - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-09-09]
    FF Extension: Copy All Links - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{e6a9a96e-4a08-4719-b9bd-0e91c35aaabc}.xpi [2014-09-11]
    FF Extension: QuickJava - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2014-09-11]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-27]
    FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\extensions\[email protected] [Not Found]
    FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
    StartMenuInternet: FIREFOX.EXE - I:\program files\firefox\firefox.exe

    Chrome:
    =======
    CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-16]
    CHR Extension: (Hola Better Internet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-01-21]
    CHR Extension: (Avast Online Security) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-18]
    CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2015-01-16]
    CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-27]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-29]
    CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx [2015-01-16]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-29] (AVAST Software)
    R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36936 2013-12-02] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
    R2 Guard Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [23624 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
    S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-12-10] (IObit)
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
    S3 Microsoft SharePoint Workspace Audit Service; I:\Program Files (x86)\office\Office14\GROOVE.EXE [30814400 2013-12-18] (Microsoft Corporation)
    R2 msoidsvc; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2079520 2012-05-17] (Microsoft Corp.)
    R2 MySQL; C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe [12907520 2013-02-01] () [File not signed]
    R2 osubsvc; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\osa.exe [493384 2011-11-16] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-01-21] (Microsoft Corporation)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-29] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-29] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-29] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-29] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-29] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-29] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-29] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-29] ()
    S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows (R) Win 7 DDK provider)
    R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [61000 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
    R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48200 2013-09-04] () [File not signed]
    R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [18504 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
    R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [189000 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
    R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-16] (REALiX(tm))
    R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [27456 2015-01-16] (Intel Corporation)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-24] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-01-24 19:24 - 2015-01-24 19:24 - 00000000 ____D () C:\Users\User\Downloads\FRST-OlderVersion
    2015-01-24 19:14 - 2015-01-24 19:14 - 00000000 ____H () C:\ProgramData\cm-lock
    2015-01-23 23:40 - 2015-01-23 23:40 - 00448512 _____ (OldTimer Tools) C:\Users\User\Downloads\TFC.exe
    2015-01-23 22:23 - 2015-01-23 22:23 - 00000729 _____ () C:\Users\Public\Desktop\SRWare Iron.lnk
    2015-01-23 22:23 - 2015-01-23 22:23 - 00000000 ____D () C:\Users\User\AppData\Local\Chromium
    2015-01-23 22:23 - 2015-01-23 22:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron
    2015-01-23 22:22 - 2015-01-23 22:22 - 45496616 _____ (SRWare ) C:\Users\User\Downloads\srware_iron.exe
    2015-01-23 21:44 - 2015-01-23 21:44 - 34324222 _____ () C:\Users\User\Downloads\torbrowser-install-4.0.3_en-US.exe
    2015-01-23 21:13 - 2015-01-23 21:13 - 00509440 _____ (Tech Support Guy System) C:\Users\User\Downloads\SysInfo.exe
    2015-01-23 13:24 - 2015-01-23 13:24 - 00000000 ____D () C:\Windows\System32\Tasks\Badosoft
    2015-01-23 13:23 - 2015-01-23 13:23 - 00000000 ____D () C:\Program Files (x86)\Badosoft
    2015-01-23 13:21 - 2015-01-23 13:21 - 02597376 _____ () C:\Users\User\Downloads\Connectivity Fixer.msi
    2015-01-23 12:50 - 2015-01-23 13:07 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2015-01-23 12:46 - 2015-01-23 13:07 - 00000000 ____D () C:\Users\User\Desktop\mbar
    2015-01-23 01:36 - 2015-01-23 01:36 - 00000263 _____ () C:\Users\User\Downloads\Eagle_V05_N06_[1954-02-05].cbr
    2015-01-22 23:10 - 2015-01-22 23:10 - 00005093 _____ () C:\Users\User\Downloads\Diagnostic Report (1.9.0027.0).txt
    2015-01-22 23:06 - 2015-01-22 23:06 - 00000000 ____D () C:\ProgramData\Office Genuine Advantage
    2015-01-22 23:06 - 2015-01-22 23:06 - 00000000 ____D () C:\MGADiagToolOutput
    2015-01-22 23:01 - 2015-01-22 23:01 - 02031992 _____ (Microsoft Corporation) C:\Users\User\Downloads\MGADiag.exe
    2015-01-22 20:37 - 2015-01-22 20:37 - 00000000 ____D () C:\Windows\system32\appraiser
    2015-01-22 20:20 - 2014-10-18 02:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
    2015-01-22 20:20 - 2014-10-18 01:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
    2015-01-22 20:20 - 2014-07-07 02:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
    2015-01-22 20:20 - 2014-07-07 02:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
    2015-01-22 20:20 - 2014-07-07 02:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
    2015-01-22 20:20 - 2014-07-07 02:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
    2015-01-22 20:20 - 2014-07-07 01:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
    2015-01-22 20:20 - 2014-07-07 01:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
    2015-01-22 20:20 - 2014-07-07 01:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
    2015-01-22 20:20 - 2014-07-07 01:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
    2015-01-22 20:13 - 2014-12-19 03:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2015-01-22 20:13 - 2014-12-19 01:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2015-01-22 20:13 - 2014-12-06 04:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
    2015-01-22 20:13 - 2014-12-06 03:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
    2015-01-22 20:13 - 2014-12-06 03:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
    2015-01-22 20:13 - 2014-11-27 01:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-01-22 20:13 - 2014-11-27 01:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2015-01-22 20:13 - 2014-11-22 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-01-22 20:13 - 2014-11-22 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-01-22 20:13 - 2014-11-22 02:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-01-22 20:13 - 2014-11-22 02:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-01-22 20:13 - 2014-11-22 02:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-01-22 20:13 - 2014-11-22 02:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-01-22 20:13 - 2014-11-22 02:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-01-22 20:13 - 2014-11-22 02:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-01-22 20:13 - 2014-11-22 02:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-01-22 20:13 - 2014-11-22 02:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-01-22 20:13 - 2014-11-22 02:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-01-22 20:13 - 2014-11-22 02:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-01-22 20:13 - 2014-11-22 02:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-01-22 20:13 - 2014-11-22 02:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-01-22 20:13 - 2014-11-22 02:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-01-22 20:13 - 2014-11-22 02:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-01-22 20:13 - 2014-11-22 02:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2015-01-22 20:13 - 2014-11-22 02:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-01-22 20:13 - 2014-11-22 02:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-01-22 20:13 - 2014-11-22 02:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-01-22 20:13 - 2014-11-22 02:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2015-01-22 20:13 - 2014-11-22 02:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2015-01-22 20:13 - 2014-11-22 02:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-01-22 20:13 - 2014-11-22 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2015-01-22 20:13 - 2014-11-22 02:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-01-22 20:13 - 2014-11-22 01:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2015-01-22 20:13 - 2014-11-22 01:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2015-01-22 20:13 - 2014-11-22 01:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2015-01-22 20:13 - 2014-11-22 01:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2015-01-22 20:13 - 2014-11-22 01:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2015-01-22 20:13 - 2014-11-22 01:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-01-22 20:13 - 2014-11-22 01:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-01-22 20:13 - 2014-11-22 01:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-01-22 20:13 - 2014-11-22 01:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-01-22 20:13 - 2014-11-22 01:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2015-01-22 20:13 - 2014-11-22 01:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-01-22 20:13 - 2014-11-22 01:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2015-01-22 20:13 - 2014-11-22 01:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2015-01-22 20:13 - 2014-11-22 01:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2015-01-22 20:13 - 2014-11-22 01:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2015-01-22 20:13 - 2014-11-22 01:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-01-22 20:13 - 2014-11-22 01:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-01-22 20:13 - 2014-11-22 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-01-22 20:13 - 2014-11-22 01:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2015-01-22 20:13 - 2014-11-22 01:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2015-01-22 20:13 - 2014-11-22 01:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-01-22 20:13 - 2014-11-22 01:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-01-22 20:13 - 2014-11-22 01:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-01-22 20:13 - 2014-11-22 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-01-22 20:13 - 2014-11-22 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-01-22 20:13 - 2014-11-22 00:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2015-01-22 20:12 - 2014-12-12 05:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-01-22 20:12 - 2014-12-12 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-01-22 20:12 - 2014-12-12 05:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-01-22 20:12 - 2014-12-12 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-01-22 20:12 - 2014-12-12 05:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2015-01-22 20:12 - 2014-12-12 05:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2015-01-22 20:12 - 2014-12-12 05:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2015-01-22 20:12 - 2014-12-04 02:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2015-01-22 20:12 - 2014-12-04 02:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2015-01-22 20:12 - 2014-12-04 02:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2015-01-22 20:12 - 2014-12-04 02:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2015-01-22 20:12 - 2014-12-04 02:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2015-01-22 20:12 - 2014-12-04 02:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2015-01-22 20:12 - 2014-12-04 02:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2015-01-22 20:12 - 2014-12-01 23:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
    2015-01-22 20:12 - 2014-11-22 03:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-01-22 20:12 - 2014-11-22 02:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-01-22 20:12 - 2014-11-22 02:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-01-22 20:12 - 2014-10-03 02:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
    2015-01-22 20:12 - 2014-10-03 02:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
    2015-01-22 20:12 - 2014-10-03 02:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
    2015-01-22 20:12 - 2014-10-03 02:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
    2015-01-22 20:12 - 2014-10-03 02:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
    2015-01-22 20:12 - 2014-10-03 01:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
    2015-01-22 20:12 - 2014-10-03 01:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
    2015-01-22 20:12 - 2014-10-03 01:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
    2015-01-22 20:12 - 2014-10-03 01:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
    2015-01-22 20:12 - 2014-10-03 01:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
    2015-01-22 20:09 - 2014-11-11 03:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2015-01-22 20:09 - 2014-11-11 02:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2015-01-22 20:09 - 2014-11-11 01:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
    2015-01-22 20:09 - 2014-11-08 03:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2015-01-22 20:09 - 2014-11-08 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2015-01-22 20:09 - 2014-10-30 02:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
    2015-01-22 20:09 - 2014-10-30 01:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
    2015-01-22 19:51 - 2015-01-22 19:51 - 00003164 _____ () C:\Windows\System32\Tasks\ASC8_PerformanceMonitor
    2015-01-22 19:51 - 2015-01-22 19:51 - 00001232 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
    2015-01-22 19:50 - 2015-01-22 19:51 - 00002185 _____ () C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
    2015-01-22 19:50 - 2015-01-22 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
    2015-01-22 19:17 - 2015-01-22 20:07 - 00031031 _____ () C:\Users\User\Downloads\Addition.txt
    2015-01-22 19:14 - 2015-01-24 19:33 - 00031393 _____ () C:\Users\User\Downloads\FRST.txt
    2015-01-22 19:12 - 2015-01-24 19:32 - 00000000 ____D () C:\FRST
    2015-01-22 19:11 - 2015-01-24 19:24 - 02129920 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
    2015-01-22 13:14 - 2014-12-11 17:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
    2015-01-22 13:04 - 2015-01-24 19:17 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-01-22 12:57 - 2015-01-23 12:50 - 00097496 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2015-01-22 12:57 - 2015-01-22 12:57 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-01-22 12:57 - 2015-01-22 12:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-01-22 12:57 - 2015-01-22 12:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2015-01-22 12:57 - 2015-01-22 12:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-01-22 12:57 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2015-01-22 12:57 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2015-01-22 12:45 - 2015-01-22 12:45 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.4.1028.exe
    2015-01-22 12:37 - 2015-01-24 19:13 - 00001400 _____ () C:\Windows\setupact.log
    2015-01-22 12:37 - 2015-01-22 12:37 - 00000000 _____ () C:\Windows\setuperr.log
    2015-01-22 12:36 - 2015-01-23 23:44 - 00052022 _____ () C:\Windows\PFRO.log
    2015-01-21 12:41 - 2015-01-21 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2015-01-21 12:40 - 2015-01-21 12:40 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2015-01-21 12:40 - 2015-01-21 12:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
    2015-01-18 13:38 - 2015-01-18 13:38 - 17560335 _____ () C:\Users\User\Downloads\Eagle V05 N41 [1954-10-08].cbr
    2015-01-18 13:33 - 2015-01-18 13:33 - 20934700 _____ () C:\Users\User\Downloads\The Hotspur - A Catalogue 1933-1959 (1983).cbr
    2015-01-18 03:35 - 2015-01-18 03:35 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
    2015-01-17 20:37 - 2015-01-17 20:46 - 17006847 _____ () C:\Users\User\Downloads\Eagle v08 002 [11-01-1957] (re-edit).cbr
    2015-01-17 20:37 - 2015-01-17 20:43 - 10925077 _____ () C:\Users\User\Downloads\Schoolgirls Picture Library 07 Schoolgirl In Disguise [15-10-1957] (re-edit).cbr
    2015-01-17 20:31 - 2015-01-17 20:49 - 31508864 _____ () C:\Users\User\Downloads\Warlord 544 [1985-02-23].zip
    2015-01-17 20:31 - 2015-01-17 20:47 - 33105142 _____ () C:\Users\User\Downloads\Warlord 545 [1985-03-02].zip
    2015-01-17 20:27 - 2015-01-17 20:27 - 00000000 _____ () C:\Users\User\Downloads\the rivals of sherlock holmes.zip
    2015-01-17 20:26 - 2015-01-17 21:00 - 43479297 _____ () C:\Users\User\Downloads\the rivals of sherlock holmes.zip.part
    2015-01-17 03:08 - 2015-01-17 03:08 - 00001370 _____ () C:\Users\User\Desktop\Internet Booster.lnk
    2015-01-17 03:07 - 2015-01-17 03:07 - 00000000 ____D () C:\Windows\Tasks\TaskDisabled
    2015-01-17 01:18 - 2015-01-17 01:18 - 00001321 _____ () C:\Users\User\Desktop\Smart RAM.lnk
    2015-01-16 22:12 - 2015-01-16 22:12 - 00000727 _____ () C:\Users\User\Downloads\repository.addonscriptorde-beta.zip
    2015-01-16 14:12 - 2015-01-16 14:12 - 00000000 ____D () C:\ProgramData\{E1ED556E-3EA0-4F44-8BE7-CC5FB0F4B424}
    2015-01-16 14:12 - 2015-01-16 14:12 - 00000000 ____D () C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
    2015-01-16 13:13 - 2015-01-16 13:13 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2015-01-16 13:13 - 2015-01-16 13:13 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2015-01-16 13:13 - 2015-01-16 13:13 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2015-01-16 13:13 - 2015-01-16 13:13 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2015-01-16 13:13 - 2015-01-16 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2015-01-16 13:10 - 2015-01-16 13:10 - 00497424 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1k62x64.sys
    2015-01-16 13:10 - 2015-01-16 13:10 - 00089888 _____ (Intel Corporation) C:\Windows\system32\NicInstK.dll
    2015-01-16 13:10 - 2015-01-16 13:10 - 00073480 _____ (Intel Corporation) C:\Windows\system32\e1kmsg.dll
    2015-01-16 13:10 - 2015-01-16 13:10 - 00036472 _____ (Intel Corporation) C:\Windows\system32\NicCo36.dll
    2015-01-16 13:10 - 2015-01-16 13:10 - 00003093 _____ () C:\Windows\system32\e1k62x64.din
    2015-01-16 13:08 - 2015-01-16 13:08 - 00000000 ____D () C:\Program Files (x86)\Intel
    2015-01-16 13:08 - 2015-01-16 13:08 - 00000000 ____D () C:\Intel
    2015-01-16 13:06 - 2015-01-16 13:06 - 15546880 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
    2015-01-16 13:06 - 2015-01-16 13:06 - 11405824 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
    2015-01-16 13:06 - 2015-01-16 13:06 - 10629408 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
    2015-01-16 13:06 - 2015-01-16 13:06 - 06549504 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
    2015-01-16 13:06 - 2015-01-16 13:06 - 04722176 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
    2015-01-16 13:06 - 2015-01-16 13:06 - 04338688 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
    2015-01-16 13:06 - 2015-01-16 13:06 - 03158560 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
    2015-01-16 13:06 - 2015-01-16 13:06 - 01991936 _____ () C:\Windows\system32\iglhxa64.cpa
    2015-01-16 13:06 - 2015-01-16 13:06 - 00982240 _____ () C:\Windows\SysWOW64\igkrng500.bin
    2015-01-16 13:06 - 2015-01-16 13:06 - 00982240 _____ () C:\Windows\system32\igkrng500.bin
    2015-01-16 13:06 - 2015-01-16 13:06 - 00830464 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
    2015-01-16 13:06 - 2015-01-16 13:06 - 00645952 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
    2015-01-16 13:06 - 2015-01-16 13:06 - 00571904 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdx32.dll
    2015-01-16 13:06 - 2015-01-16 13:06 - 00511008 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
    2015-01-16 13:06 - 2015-01-16 13:06 - 00439308 _____ () C:\Windows\SysWOW64\igcompkrng500.bin
    2015-01-16 13:06 - 2015-01-16 13:06 - 00439308 _____ () C:\Windows\system32\igcompkrng500.bin
    2015-01-16 13:06 - 2015-01-16 13:06 - 00418336 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
    2015-01-16 13:06 - 2015-01-16 13:06 - 00387616 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
    2015-01-16 13:06 - 2015-01-16 13:06 - 00380416 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
    2015-01-16 13:06 - 2015-01-16 13:06 - 00272384 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
    2015-01-16 13:06 - 2015-01-16 13:06 - 00244224 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
    2015-01-16 13:06 - 2015-01-16 13:06 - 00228864 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
    2015-01-16 13:06 - 2015-01-16 13:06 - 00224800 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
    2015-01-16 13:06 - 2015-01-16 13:06 - 00208896 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
    2015-01-16 13:06 - 2015-01-16 13:06 - 00206336 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
    2015-01-16 13:06 - 2015-01-16 13:06 - 00189552 _____ () C:\Windows\system32\Gfxres.th-TH.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00188416 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
    2015-01-16 13:06 - 2015-01-16 13:06 - 00178407 _____ () C:\Windows\system32\Gfxres.el-GR.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00165395 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00163360 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
    2015-01-16 13:06 - 2015-01-16 13:06 - 00154656 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
    2015-01-16 13:06 - 2015-01-16 13:06 - 00147456 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
    2015-01-16 13:06 - 2015-01-16 13:06 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
    2015-01-16 13:06 - 2015-01-16 13:06 - 00139909 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00136401 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00133746 _____ () C:\Windows\system32\Gfxres.he-IL.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00125558 _____ () C:\Windows\system32\Gfxres.it-IT.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00123230 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00122927 _____ () C:\Windows\system32\Gfxres.es-ES.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00122709 _____ () C:\Windows\system32\Gfxres.de-DE.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00122368 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
    2015-01-16 13:06 - 2015-01-16 13:06 - 00121173 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00120800 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00120366 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00119808 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
    2015-01-16 13:06 - 2015-01-16 13:06 - 00119616 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00119586 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00119360 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00119067 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00118745 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00118697 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00118409 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00118058 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00114852 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00114372 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00114261 _____ () C:\Windows\system32\Gfxres.da-DK.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00110211 _____ () C:\Windows\system32\Gfxres.en-US.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00108544 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
    2015-01-16 13:06 - 2015-01-16 13:06 - 00104044 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00102883 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
    2015-01-16 13:06 - 2015-01-16 13:06 - 00092356 _____ () C:\Windows\SysWOW64\igfcg500m.bin
    2015-01-16 13:06 - 2015-01-16 13:06 - 00092356 _____ () C:\Windows\system32\igfcg500m.bin
    2015-01-16 13:06 - 2015-01-16 13:06 - 00090112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2869.dll
    2015-01-16 13:06 - 2015-01-16 13:06 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
    2015-01-16 13:06 - 2015-01-16 13:06 - 00061952 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
    2015-01-16 13:06 - 2015-01-16 13:06 - 00060254 _____ () C:\Windows\system32\iglhxg64.vp
    2015-01-16 13:06 - 2015-01-16 13:06 - 00060226 _____ () C:\Windows\system32\iglhxc64.vp
    2015-01-16 13:06 - 2015-01-16 13:06 - 00060015 _____ () C:\Windows\system32\iglhxo64.vp
    2015-01-16 13:06 - 2015-01-16 13:06 - 00027648 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
    2015-01-16 13:06 - 2015-01-16 13:06 - 00027456 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
    2015-01-16 13:06 - 2015-01-16 13:06 - 00023552 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
    2015-01-16 13:06 - 2015-01-16 13:06 - 00005448 _____ () C:\Windows\system32\iglhxs64.vp
    2015-01-16 13:06 - 2015-01-16 13:06 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
    2015-01-16 13:06 - 2015-01-16 13:06 - 00001090 _____ () C:\Windows\system32\iglhxa64.vp
    2015-01-16 12:58 - 2015-01-23 13:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\ProductData
    2015-01-16 12:58 - 2015-01-22 19:05 - 00002852 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (User)
    2015-01-16 12:58 - 2015-01-16 12:58 - 00113512 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-01-16 12:58 - 2015-01-16 12:58 - 00026528 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
    2015-01-16 12:57 - 2015-01-23 18:04 - 00000000 ____D () C:\ProgramData\ProductData
    2015-01-16 12:57 - 2015-01-16 12:57 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
    2015-01-16 12:56 - 2015-01-16 12:56 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
    2015-01-16 12:55 - 2015-01-22 19:50 - 00000000 ____D () C:\Program Files (x86)\IObit
    2015-01-16 12:55 - 2015-01-17 03:10 - 00000000 ____D () C:\ProgramData\IObit
    2015-01-16 12:55 - 2015-01-16 14:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\IObit
    2015-01-15 12:20 - 2015-01-15 12:20 - 00437784 _____ () C:\Windows\system32\FNTCACHE.DAT
    2015-01-14 00:13 - 2015-01-14 00:15 - 00000000 ____D () C:\ProgramData\UMS
    2015-01-13 02:02 - 2015-01-13 02:02 - 17374857 _____ () C:\Users\User\Downloads\Eagle V07 N12 [1956-03-23].cbr
    2015-01-10 19:45 - 2015-01-10 19:45 - 00010650 _____ () C:\Users\User\Documents\cc_20150110_194522.reg
    2015-01-10 19:44 - 2015-01-10 19:44 - 00172980 _____ () C:\Users\User\Documents\cc_20150110_194436.reg
    2015-01-09 12:42 - 2015-01-09 12:42 - 00024327 _____ () C:\Users\User\Downloads\Requiescant-1967-1CD-23.976fps-EN-22kB-english-subtitle.zip
    2015-01-08 19:10 - 2015-01-08 20:19 - 77523262 _____ () C:\Users\User\Downloads\Giles 31 [1977].cbz
    2015-01-08 14:17 - 2015-01-08 14:17 - 14277596 _____ () C:\Users\User\Downloads\Sapphire & Steel Annual 1980.cbr
    2015-01-08 13:17 - 2015-01-08 13:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\dvdcss
    2015-01-08 07:47 - 2015-01-08 07:49 - 00000000 ____D () C:\Users\User\AppData\Local\untv
    2015-01-08 07:08 - 2015-01-08 07:57 - 00000000 ____D () C:\Users\User\AppData\Roaming\deluge
    2015-01-08 07:07 - 2015-01-08 07:58 - 00000000 ____D () C:\Users\User\AppData\Local\MoviePanda
    2015-01-08 07:07 - 2015-01-08 07:27 - 00000000 ____D () C:\Users\User\AppData\Roaming\Python-Eggs
    2015-01-08 07:07 - 2015-01-08 07:07 - 00000000 ____D () C:\Users\User\Documents\MoviePanda
    2015-01-08 07:07 - 2015-01-08 07:07 - 00000000 ____D () C:\Users\User\AppData\Roaming\MoviePanda
    2015-01-08 06:51 - 2015-01-08 08:15 - 00000000 ____D () C:\Users\User\AppData\Local\Flixtor
    2015-01-08 06:05 - 2015-01-08 08:01 - 00000000 ____D () C:\Users\User\AppData\Local\eclipse
    2015-01-08 06:05 - 2015-01-08 06:05 - 00000000 ____D () C:\Users\User\.swt
    2015-01-08 06:04 - 2015-01-08 08:10 - 00000000 ____D () C:\Users\User\AppData\Roaming\Zona
    2015-01-08 05:09 - 2015-01-08 05:14 - 00000000 ____D () C:\Users\User\AppData\Roaming\.ACEStream
    2015-01-08 05:07 - 2015-01-08 05:09 - 00000000 ____D () C:\Users\User\AppData\Roaming\RoxTemp
    2015-01-08 04:48 - 2015-01-16 14:03 - 00000000 ____D () C:\Users\User\AppData\Local\Isoplex
    2015-01-08 04:47 - 2015-01-08 04:47 - 00000000 ____D () C:\Users\User\AppData\Roaming\RSATom
    2015-01-08 04:36 - 2015-01-08 05:17 - 00000000 ____D () C:\Users\User\AppData\Local\Waifu
    2015-01-08 02:37 - 2015-01-08 02:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
    2015-01-08 02:37 - 2015-01-08 02:37 - 00000000 ____D () C:\Program Files\TAP-Windows
    2015-01-08 02:36 - 2015-01-23 23:38 - 00000000 ____D () C:\Users\User\.openvpn
    2015-01-06 20:57 - 2015-01-06 21:56 - 00066204 _____ () C:\Users\User\Downloads\Ship Of Monsters.srt
    2015-01-06 20:37 - 2015-01-10 19:43 - 00000000 ____D () C:\Users\User\Downloads\COMICS
    2015-01-02 22:39 - 2015-01-02 22:39 - 00000000 ____D () C:\Users\User\AppData\Local\IsolatedStorage
    2015-01-02 22:39 - 2015-01-02 22:39 - 00000000 ____D () C:\Users\User\AppData\Local\HockeyCrashes
    2014-12-29 20:05 - 2014-12-29 20:05 - 00000000 ____D () C:\Users\User\AppData\Roaming\ADrive
    2014-12-29 20:04 - 2014-12-29 20:04 - 00000000 ____D () C:\Users\User\AppData\Local\ADrive
    2014-12-26 12:04 - 2014-12-26 12:04 - 00000000 ____D () C:\Users\User\Desktop\test
    2014-12-25 13:23 - 2014-12-25 13:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Create Multiple Files From Text File List Software
    2014-12-25 13:23 - 2005-06-15 03:00 - 00102400 _____ (TechSmith Corporation) C:\Windows\SysWOW64\tsccvid.dll
    2014-12-25 13:10 - 2014-12-25 13:11 - 00000013 _____ () C:\Users\User\Downloads\test.txt

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-01-24 19:29 - 2014-02-11 12:51 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-01-24 19:22 - 2014-09-11 13:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-01-24 19:22 - 2009-07-14 04:45 - 00025728 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-01-24 19:22 - 2009-07-14 04:45 - 00025728 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-01-24 19:15 - 2014-02-27 09:53 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
    2015-01-24 19:14 - 2014-02-11 12:51 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-01-24 19:14 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-01-24 02:10 - 2014-08-13 01:35 - 01312480 _____ () C:\Windows\WindowsUpdate.log
    2015-01-24 01:01 - 2014-03-07 03:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\XnView
    2015-01-23 23:45 - 2009-07-14 05:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2015-01-23 21:57 - 2014-02-27 11:41 - 00000000 ____D () C:\Users\User\AppData\Roaming\Kodi
    2015-01-23 14:22 - 2014-02-27 14:14 - 00004402 _____ () C:\Users\User\.swfinfo
    2015-01-23 13:22 - 2014-09-11 13:11 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2015-01-23 13:22 - 2014-09-09 02:01 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2015-01-23 13:22 - 2014-09-09 02:01 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-01-23 02:04 - 2009-07-14 05:13 - 00752560 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-01-23 00:41 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\system32\NDF
    2015-01-22 22:43 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\rescache
    2015-01-22 20:37 - 2014-07-06 10:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2015-01-22 20:37 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
    2015-01-22 20:37 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\AppCompat
    2015-01-22 20:28 - 2014-04-24 19:46 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2015-01-22 14:57 - 2014-01-22 11:15 - 00000000 ____D () C:\Windows\system32\MRT
    2015-01-22 13:42 - 2014-09-09 02:51 - 00000000 ____D () C:\Users\User\AppData\Roaming\rmi
    2015-01-21 11:47 - 2014-04-02 20:19 - 00000000 ____D () C:\Users\User\AppData\Roaming\Winamp
    2015-01-20 11:54 - 2014-09-07 20:48 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
    2015-01-18 23:48 - 2014-12-10 20:57 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mipony
    2015-01-18 03:37 - 2014-09-18 20:10 - 00000000 ____D () C:\ProgramData\Package Cache
    2015-01-17 21:25 - 2014-12-04 20:53 - 00039801 _____ () C:\Users\User\.JavaPowUpload.ser
    2015-01-17 20:11 - 2014-12-04 19:00 - 00000315 _____ () C:\Users\User\.JavaPowUpload.properties
    2015-01-16 14:09 - 2014-09-19 02:07 - 00003374 _____ () C:\Windows\System32\Tasks\RunAsStdUser Task for VeohWebPlayer
    2015-01-16 14:09 - 2014-02-11 12:51 - 00003900 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-01-16 14:09 - 2014-02-11 12:51 - 00003648 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-01-16 13:38 - 2014-09-10 13:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
    2015-01-16 13:23 - 2014-10-25 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\oDC
    2015-01-16 13:23 - 2014-10-08 11:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeKeystrokeLogger
    2015-01-16 13:23 - 2014-01-22 01:25 - 00000000 ____D () C:\Windows\Panther
    2015-01-16 13:17 - 2014-12-22 14:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\WinFF
    2015-01-16 13:06 - 2009-07-13 21:59 - 04896768 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
    2015-01-08 09:55 - 2014-01-22 11:31 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2015-01-08 06:05 - 2014-09-07 17:43 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla
    2014-12-31 13:12 - 2014-01-22 11:15 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-12-26 14:36 - 2009-07-14 05:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
    2014-12-26 14:36 - 2009-07-14 05:32 - 00000000 ____D () C:\Program Files\DVD Maker
    2014-12-26 14:36 - 2009-07-14 03:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
    2014-12-26 11:44 - 2014-06-02 19:51 - 00007610 _____ () C:\Users\User\AppData\Local\resmon.resmoncfg
    2014-12-25 01:32 - 2014-12-23 22:14 - 00000000 ____D () C:\Users\User\Downloads\Hola

    ==================== Files in the root of some directories =======

    2014-10-08 12:06 - 2014-10-08 12:22 - 0000124 _____ () C:\Users\User\AppData\Roaming\Camdata.ini
    2014-10-08 12:06 - 2014-10-08 12:22 - 0000408 _____ () C:\Users\User\AppData\Roaming\CamLayout.ini
    2014-10-08 12:06 - 2014-10-08 12:22 - 0000408 _____ () C:\Users\User\AppData\Roaming\CamShapes.ini
    2014-10-08 12:06 - 2014-10-08 12:22 - 0004535 _____ () C:\Users\User\AppData\Roaming\CamStudio.cfg
    2014-10-08 12:02 - 2014-10-08 12:08 - 0000096 _____ () C:\Users\User\AppData\Roaming\version2.xml
    2014-07-20 18:09 - 2014-07-20 18:09 - 0000218 _____ () C:\Users\User\AppData\Local\recently-used.xbel
    2014-06-02 19:51 - 2014-12-26 11:44 - 0007610 _____ () C:\Users\User\AppData\Local\resmon.resmoncfg
    2015-01-24 19:14 - 2015-01-24 19:14 - 0000000 ____H () C:\ProgramData\cm-lock

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-01-22 22:34

    ==================== End Of Log ============================
     
  11. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    irish66,
    ------------------------------------------------
    Remove Programs Using Control Panel
    From Start, Control Panel, click on Programs and Features
    Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:

    Surfing Protection
    Advanced SystemCare 8
    Java 7 Update 72

    Take extra care in answering questions posed by any Uninstaller.
    -----------------------------------------------------------
    REBOOT (RESTART) Your Machine
    --------------------------------------------------------
    Run A Fix With FRST
    Download attached fixlist.txt file and save it to the Desktop.
    NOTE. It's important that both the program FRST64.exe and Fixlist.txt be in the same location, or the fix will not work.
    (Both on the Desktop is OK, or both in the same folder elsewhere)

    Run FRST64 and press the Fix button just once and wait. DO NOT PRESS THE SCAN BUTTON.
    If for some reason the tool needs a restart, please make sure you let the system restart normally.
    The tool may start automatically and complete its work after the system restart. Let the tool complete its run.
    When finished, FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents in your reply.

    askey127
     

    Attached Files:

  12. irish66

    irish66 Thread Starter

    Joined:
    Apr 1, 2007
    Messages:
    39
    Hello.

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-01-2015 01
    Ran by User at 2015-01-24 23:08:52 Run:1
    Running from C:\Users\User\Desktop
    Loaded Profiles: User (Available profiles: User)
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    CreateRestorePoint:
    EmptyTemp:
    Tak: {1E33530B-4B37-45EE-918A-19C4B3280CA7} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File <==== ATTENTION
    Task: {60D1CCCC-EFEE-4BFB-B4BD-C4A1E8609B1F} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline No Task File <==== ATTENTION
    Task: {64A12AC9-3580-46CA-ABE5-384684B60E6A} - System32\Tasks\ASC8_SkipUac_User => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2014-12-30] (IObit)
    Task: {66F7DE5F-A0CB-42D3-85F4-7EFABD1A6C44} - System32\Tasks\Driver Booster SkipUAC (User) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
    Task: {9EDB4D9E-930F-4E36-BD00-16A3A7EEA976} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2014-12-10] (IObit)
    Task: {A0076714-57E4-4B1F-96C7-7685D0F203E4} - System32\Tasks\Uninstaller_SkipUac_User => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-12-09] (IObit)
    2015-01-22 19:50 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl
    2015-01-22 19:50 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl
    2015-01-22 19:50 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl
    2015-01-22 19:50 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\ProductStatistics.dll
    2015-01-22 19:50 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll
    HKU\S-1-5-21-2741872586-2538202859-2254069678-1000\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2427680 2014-12-10] (IObit)
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    CHR HKU\S-1-5-21-2741872586-2538202859-2254069678-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    SearchScopes: HKU\S-1-5-21-2741872586-2538202859-2254069678-1000 -> URL http://search.conduit.com/Results.a...tid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM= 4&UP=SP6E4822AC-3FEC-42CA-80B8-7819610376A8&q={searchTerms}&SSPV=
    SearchScopes: HKU\S-1-5-21-2741872586-2538202859-2254069678-1000 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
    SearchScopes: HKU\S-1-5-21-2741872586-2538202859-2254069678-1000 -> {F639F7FA-CBA0-4699-A1AC-B7AEBB1B4732} URL = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10513
    BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
    BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    FF Extension: Advanced SystemCare Surfing Protection - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Ext ensions\[email protected] [2015-01-22]
    FF Extension: Speed Dial - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Ext ensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2014-09-09]
    FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
    CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2015-01-16]
    CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx [2015-01-16]
    S2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
    C:\Program Files (x86)\IObit\Advanced SystemCare 8
    2015-01-22 19:51 - 2015-01-22 19:51 - 00001232 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
    2015-01-22 19:50 - 2015-01-22 19:51 - 00002185 _____ () C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
    2015-01-22 19:50 - 2015-01-22 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
    2015-01-16 12:55 - 2015-01-22 19:50 - 00000000 ____D () C:\Program Files (x86)\IObit
    2015-01-16 12:55 - 2015-01-17 03:10 - 00000000 ____D () C:\ProgramData\IObit
    2015-01-16 12:55 - 2015-01-16 14:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\IObit
    2015-01-18 03:37 - 2014-09-18 20:10 - 00000000 ____D () C:\ProgramData\Package Cache
    2014-10-08 12:06 - 2014-10-08 12:22 - 0004535 _____ () C:\Users\User\AppData\Roaming\CamStudio.cfg

    *****************

    Restore point was successfully created.
    Tak: {1E33530B-4B37-45EE-918A-19C4B3280CA7} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File <==== ATTENTION => Error: No automatic fix found for this entry.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{60D1CCCC-EFEE-4BFB-B4BD-C4A1E8609B1F}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{60D1CCCC-EFEE-4BFB-B4BD-C4A1E8609B1F}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline" => Key deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64A12AC9-3580-46CA-ABE5-384684B60E6A} => Key not found.
    C:\Windows\System32\Tasks\ASC8_SkipUac_User not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC8_SkipUac_User => Key not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{66F7DE5F-A0CB-42D3-85F4-7EFABD1A6C44}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66F7DE5F-A0CB-42D3-85F4-7EFABD1A6C44}" => Key deleted successfully.
    C:\Windows\System32\Tasks\Driver Booster SkipUAC (User) => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (User)" => Key deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9EDB4D9E-930F-4E36-BD00-16A3A7EEA976} => Key not found.
    C:\Windows\System32\Tasks\ASC8_PerformanceMonitor not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC8_PerformanceMonitor => Key not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A0076714-57E4-4B1F-96C7-7685D0F203E4}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0076714-57E4-4B1F-96C7-7685D0F203E4}" => Key deleted successfully.
    C:\Windows\System32\Tasks\Uninstaller_SkipUac_User => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Uninstaller_SkipUac_User" => Key deleted successfully.
    "C:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl" => File/Directory not found.
    "C:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl" => File/Directory not found.
    "C:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl" => File/Directory not found.
    "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ProductStatistics.dll" => File/Directory not found.
    "C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll" => File/Directory not found.
    HKU\S-1-5-21-2741872586-2538202859-2254069678-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare 8 => Value not found.
    "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
    "HKU\S-1-5-21-2741872586-2538202859-2254069678-1000\SOFTWARE\Policies\Google" => Key deleted successfully.
    HKU\S-1-5-21-2741872586-2538202859-2254069678-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\URL http://search.conduit.com/Results.a...tid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM= => Value not found.
    HKU\S-1-5-21-2741872586-2538202859-2254069678-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SuggestionsURL_JSON => value deleted successfully.
    "HKU\S-1-5-21-2741872586-2538202859-2254069678-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F639F7FA-CBA0-4699-A1AC-B7AEBB1B4732}" => Key deleted successfully.
    HKCR\CLSID\{F639F7FA-CBA0-4699-A1AC-B7AEBB1B4732} => Key not found.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => Key deleted successfully.
    "HKCR\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => Key deleted successfully.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} => Key not found.
    HKCR\Wow6432Node\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} => Key not found.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.
    "HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
    C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Ext ensions\[email protected] not found.
    C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t3a5jlio.default\Ext ensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi not found.
    C:\Program Files (x86)\IObit Apps Toolbar\FF not found.
    C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd => Moved successfully.
    "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd" => Key deleted successfully.
    "C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx" => File/Directory not found.
    AdvancedSystemCareService8 => Service not found.
    "C:\Program Files (x86)\IObit\Advanced SystemCare 8" => File/Directory not found.
    C:\Users\Public\Desktop\IObit Uninstaller.lnk => Moved successfully.
    "C:\Users\Public\Desktop\Advanced SystemCare 8.lnk" => File/Directory not found.
    "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8" => File/Directory not found.
    C:\Program Files (x86)\IObit => Moved successfully.
    C:\ProgramData\IObit => Moved successfully.
    C:\Users\User\AppData\Roaming\IObit => Moved successfully.
    C:\ProgramData\Package Cache => Moved successfully.
    C:\Users\User\AppData\Roaming\CamStudio.cfg => Moved successfully.
    EmptyTemp: => Removed 32.3 MB temporary data.


    The system needed a reboot.

    ==== End of Fixlog 23:09:53 ====
     
  13. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    Tell me how it's running for you.
     
  14. irish66

    irish66 Thread Starter

    Joined:
    Apr 1, 2007
    Messages:
    39
    justunblock is still preventing me from acessing certain sites such as dailymotion.
     
  15. irish66

    irish66 Thread Starter

    Joined:
    Apr 1, 2007
    Messages:
    39
    update. I rebooted the computer again, and at the moment everything seems fine. Thank you very much for your help in this problem.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1141755

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice