DNS Lookup Failed (Cannot access internet) Upon Removing of unknown malware

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

kango88

Thread Starter
Joined
Feb 5, 2015
Messages
153
Hi,

Some background about what happened first. First, one day i realised my internet browsers for computer A running on windows 8.1 have been infected by some virus as my Google search on my Chrome and IE looks weird (Google logo and blue arrow missing)

After which, i tried to find out what's wrong by scanning with various software such as windows defender and spybot s&d but nothing was found. After which i turned to using Adwcleaner after finding it online. Upon using it twice, my internet stopped working and I'm seeing this messsage on my Internet Explorer (Google is the homepage)
"DNS Lookup for "www.google.com" failed. The system reports that no network connection is available. System.Net.Sockets.SocketException No such host is known"

This is the first problem. For the second problem, after computer A is down, I imported my Chrome profiles from computer A to computer B (A macbook runnning windows 7 in bootcamp) and now my internet browsers in computer B are infected with the same unknown virus of having a weird looking Google search and not being able to access both yahoo and bing search.

I've tried some of the method in http://forums.techguy.org/virus-other-malware-removal/ but still cannot get my internet back working on computer A and find the unknown virus in computer B.

Can you help me solve the internet problem in computer A first? I'll post the reports I've generated using the various software mentioned in the other thread

Thanks
 

kango88

Thread Starter
Joined
Feb 5, 2015
Messages
153
Sysinfo

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: Intel(R) Core(TM) i5-3337U CPU @ 1.80GHz, Intel64 Family 6 Model 58 Stepping 9
Processor Count: 4
RAM: 8077 Mb
Graphics Card: NVIDIA GeForce GT 740M, -2048 Mb
Hard Drives: C: Total - 190423 MB, Free - 66674 MB; D: Total - 264346 MB, Free - 1139 MB; E: Total - 7629 MB, Free - 1686 MB;
Motherboard: ASUSTeK COMPUTER INC., K46CB
Antivirus: Windows Defender, Disabled

--------------------------------------------------------------------------------------------------------------------------
FRST
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2015
Ran by Gladwin (administrator) on GLADWIN on 08-02-2015 00:12:55
Running from C:\Users\ASUS\Desktop\Troubleshoot Program
Loaded Profiles: Gladwin (Available profiles: Gladwin)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.1.265\AsusWSWinService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
() C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmdb.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(InstallShield®) C:\Program Files (x86)\InstallShield\isupdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Users\ASUS\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvMon.exe
() C:\Users\ASUS\AppData\Roaming\ACEStream\engine\ace_engine.exe
(Spotify Ltd) C:\Users\ASUS\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Google Inc.) C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe
() C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_watch.exe
() C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_hub.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
() C:\Users\ASUS\AppData\Local\MediaFire Desktop\MediaFire Desktop.exe
() C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_filetransfer.exe
() C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_browser.exe
() C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe
(Barracuda Networks, Inc.) C:\Users\ASUS\AppData\Roaming\Copy\CopyAgent.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
() C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_central_control.exe
() C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_monitor.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
() C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_dialogs.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
() C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmW.exe
() C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmwj.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe
(Dropbox, Inc.) C:\Users\ASUS\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Users\ASUS\AppData\Roaming\ACEStream\updater\ace_update.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
() C:\Program Files (x86)\IObit\Advanced SystemCare 8\RealTimeProtector.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.8.381\AsusWSPanel.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Tech Support Guy System) C:\Users\ASUS\Desktop\Troubleshoot Program\SysInfo.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-12-23] (Realtek Semiconductor)
HKLM\...\Run: [AuditSHD] => C:\windows\system32\oobe\auditshd.exe [29696 2013-08-22] (Microsoft Corporation)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [765056 2012-09-30] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-09-30] (Qualcomm Atheros Commnucations)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [70656 2014-12-23] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2014-12-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-08-05] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.8.381\ASUSWSLoader.exe [63296 2014-07-08] ()
HKLM-x32\...\Run: [Launcher] => C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\Launcher\fxlaunch.exe [2400768 2012-04-28] (Fuji Xerox Co., Ltd.)
HKLM-x32\...\Run: [M205f RUN] => C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmRun.exe [355840 2012-06-20] ()
HKLM-x32\...\Run: [StatusAutoRunm205f] => C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmpl.exe [3978752 2012-06-20] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-11-19] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3084288 2012-07-31] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3878480 2014-08-20] (Tonec Inc.)
HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [457728 2013-11-14] (Microsoft Corporation)
HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [AceStream] => C:\Users\ASUS\AppData\Roaming\ACEStream\engine\ace_engine.exe [27904 2014-09-25] ()
HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [Spotify Web Helper] => C:\Users\ASUS\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-15] (Spotify Ltd)
HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [Google Update] => C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-03-13] (Google Inc.)
HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [MediaFire Tray] => C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_watch.exe [4002120 2015-01-23] ()
HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [instanteyedropper] => C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe [352256 2007-10-17] ()
HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [Copy] => C:\Users\ASUS\AppData\Roaming\Copy\CopyAgent.exe [15435920 2015-01-23] (Barracuda Networks, Inc.)
HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2425632 2014-11-07] (IObit)
HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\MountPoints2: {c7345423-f2fd-11e3-bf91-2cd05a4163df} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\MountPoints2: {e49a6483-8e37-11e3-824e-806e6f6e6963} - "F:\start.exe"
HKU\S-1-5-18\...\Run: [Copy] => C:\Users\ASUS\AppData\Roaming\Copy\CopyAgent.exe [15435920 2015-01-23] (Barracuda Networks, Inc.)
HKU\S-1-5-18\...\Run: [Backblaze] => "C:\Program Files (x86)\Backblaze\bzbui.exe" -quiet
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Drive Manager Real-Time.lnk
ShortcutTarget: Samsung Drive Manager Real-Time.lnk -> C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe (Clarus, Inc.)
Startup: C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.8.381\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.8.381\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.8.381\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [1aCopyShExtError] -> {83BEA36E-7680-4598-A4DF-994426F6E78D} => C:\Users\ASUS\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: [1MediaFireIconError] -> {5EE8C634-CDC0-453D-9731-DF0B19F4E807} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon3_d548a.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconReadOnly] -> {7995D0FC-769B-4197-AEC0-991921CB99E1} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon5_d548a.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconSynched] -> {9A3B79CB-D899-40B5-8DBC-20447F1ADC8F} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon_d548a.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconSyncing] -> {C4D81971-6B13-4173-AB21-F83AD20CCC04} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon2_d548a.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [2aCopyShExtSynced] -> {845B7388-6F85-4F32-9FD5-F02DC7882B89} => C:\Users\ASUS\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: [3aCopyShExtSyncing] -> {F6378A7A-F753-449B-AE1B-997A96132E61} => C:\Users\ASUS\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: [4aCopyShExtSyncingProg1] -> {3A511828-777D-46F8-82F4-5B530C1B3D9E} => C:\Users\ASUS\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: [5aCopyShExtSyncingProg2] -> {C8C88204-5B14-40EC-BA72-8AEBC762047E} => C:\Users\ASUS\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: [6aCopyShExtSyncingProg3] -> {ACFF45C3-3EEB-4351-86C2-6696BA264239} => C:\Users\ASUS\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: [7aCopyShExtSyncingProg4] -> {29AF997F-488B-46F0-AE78-7146F1B89CC3} => C:\Users\ASUS\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: [8aCopyShExtSyncingProg5] -> {03F9AD29-1C78-4B66-8890-B177B5430C53} => C:\Users\ASUS\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
ShellIconOverlayIdentifiers: [MediaFireIconLock] -> {759F3E92-F4E8-4953-8315-238B8B17E0F3} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon4_d548a.dll (TODO: <Company name>)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [HKLM] => ProxyEnable is set.
ProxyEnable: [HKLM-x32] => ProxyEnable is set.
ProxyServer: [HKLM] => http=127.0.0.1:8080;https=127.0.0.1:8080
ProxyServer: [HKLM-x32] => http=127.0.0.1:8080;https=127.0.0.1:8080
HKU\S-1-5-21-147487581-2992457104-1551078015-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-147487581-2992457104-1551078015-1002 -> URL http://search.conduit.com/Results.aspx?ctid=CT3321897&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=5&UP=SPF84B958F-6C5F-431F-B5D3-7D8E0D53175F&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-147487581-2992457104-1551078015-1002 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-147487581-2992457104-1551078015-1002 -> {F420D4DA-5EF9-4E57-852D-35292E645774} URL = http://sg.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=599486&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default
FF SelectedSearchEngine: Google
FF Keyword.URL: hxxp://sg.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=599486&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-147487581-2992457104-1551078015-1002: @acestream.net/acestreamplugin,version=2.2.0-next -> C:\Users\ASUS\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-147487581-2992457104-1551078015-1002: @citrixonline.com/appdetectorplugin -> C:\Users\ASUS\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKU\S-1-5-21-147487581-2992457104-1551078015-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\ASUS\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-147487581-2992457104-1551078015-1002: @talk.google.com/O1DPlugin -> C:\Users\ASUS\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-147487581-2992457104-1551078015-1002: @tools.google.com/Google Update;version=3 -> C:\Users\ASUS\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-147487581-2992457104-1551078015-1002: @tools.google.com/Google Update;version=9 -> C:\Users\ASUS\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\ASUS\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\ASUS\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected] [2014-11-21]
FF Extension: IDM CC - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected] [2015-01-29]
FF Extension: FireShot - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2015-01-30]
FF Extension: EPUBReader - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2015-01-11]
FF Extension: Easy App Tabs - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected] [2014-02-05]
FF Extension: MEGA - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected] [2015-02-04]
FF Extension: Save My Tabs - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected] [2014-02-05]
FF Extension: Media Stealer - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected] [2014-08-24]
FF Extension: Reader - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\{20068ab2-1901-4140-9f3c-81207d4dacc4}.xpi [2015-01-30]
FF Extension: Graph Authority - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\{CBECCADF-6A82-4141-A264-7ED25F718BCB}.xpi [2014-04-10]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\[email protected] [2014-10-08]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Firefox\Extensions: [[email protected]] - C:\Users\ASUS\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\ASUS\AppData\Roaming\IDM\idmmzcc5 [2014-08-24]
FF HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\ASUS\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3321897&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=5&UP=SPF84B958F-6C5F-431F-B5D3-7D8E0D53175F&SSPV=
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3321897&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=5&UP=SPF84B958F-6C5F-431F-B5D3-7D8E0D53175F&SSPV="
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Downloads) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajkhjekibcfjngomhbbifihellcaebcn [2014-07-18]
CHR Extension: (Download Manager (video and mp3)) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\bapnjmgdanmelbcmjdjljogelnlfepcj [2015-01-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (RankRecon) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\chjdckfonfkdoeiobllnejjieicmjodh [2014-06-03]
CHR Extension: (OneTab) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2014-12-23]
CHR Extension: (Webpage Screenshot) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2014-03-22]
CHR Extension: (SEO I.Q.) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\dadlnlnlpkpchfljjcpkodcljofniggm [2014-09-23]
CHR Extension: (Tabs Backup & Restore) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\dehocbglhkaogiljpihicakmlockmlgd [2014-03-22]
CHR Extension: (Graph Authority) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeaaoidckfbpinpmjbbmgnapanfnkdkc [2014-04-10]
CHR Extension: (FB Pixel Helper) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2015-01-06]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-02-02]
CHR Extension: (Share As Image Extension) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgmhphfbdfbkokcfajipbmkcakmmepeb [2014-12-22]
CHR Extension: (SEO & Website Analysis) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlngmmdolgbdnnimbmblfhhndibdipaf [2014-12-22]
CHR Extension: (IDM Integration Module) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2014-02-06]
CHR Extension: (Hangouts) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-03-25]
CHR Extension: (Google Wallet) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-06]
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-08-20]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-14] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.1.265\AsusWSWinService.exe [71680 2014-01-15] (ASUS Cloud Corporation) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-30] (Qualcomm Atheros Commnucations)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [270336 2012-07-13] (Brother Industries, Ltd.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321024 2013-08-22] (Microsoft Corporation)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64624 2014-06-12] (CyberGhost S.R.L)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2014-12-23] (Intel Corporation)
S2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [118728 2014-12-23] (Intel Corporation)
S2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [92672 2014-12-23] (Intel Corporation)
S2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [88064 2014-12-23] (Intel Corporation)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-31] (Diskeeper Corporation)
R2 FXNADB; C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmdb.exe [96768 2012-06-20] () [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-28] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-30] (Intel Corporation)
R2 isupdate.exe; C:\Program Files (x86)\InstallShield\isupdate.exe [43008 2015-01-22] (InstallShield®) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-26] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2630432 2014-11-04] (IObit)
S2 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [219832 2012-06-18] (McAfee, Inc.)
S2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [219832 2012-06-18] (McAfee, Inc.)
R2 MF NTFS Monitor; C:\Users\ASUS\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe [456504 2015-01-23] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72992 2014-06-06] (IObit)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SZDrvSvc; C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [18432 2013-12-18] (Clarus, Inc.) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-30] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-01-17] (ASUS Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-30] (Qualcomm Atheros)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32640 2013-08-22] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-05] (Microsoft Corporation)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [145640 2014-12-23] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [50640 2014-12-23] (Intel Corporation)
S3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [42224 2014-12-23] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2014-12-23] (Intel Corporation)
S3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [234736 2014-12-23] (Intel Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-31] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-31] (Diskeeper Corporation)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-23] (REALiX(tm))
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-30] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 mdf16; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [20400 2012-06-21] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-12-23] (Intel Corporation)
R2 mfmonitor; C:\Windows\System32\DRIVERS\mfmonitor_x64.sys [20696 2015-01-23] (Windows (R) Win 7 DDK provider)
R3 mvd23; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [99248 2012-06-21] ()
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-28] (NVIDIA Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S1 HssDRV6; \SystemRoot\system32\DRIVERS\hssdrv6.sys [X]
S3 taphss6; \SystemRoot\system32\DRIVERS\taphss6.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-08 00:12 - 2015-02-08 00:12 - 00000000 ____D () C:\FRST
2015-02-08 00:11 - 2015-02-08 00:12 - 00000000 ____D () C:\Users\ASUS\Desktop\Troubleshoot Program
2015-02-08 00:11 - 2015-02-08 00:11 - 00000478 _____ () C:\Users\ASUS\Desktop\System info.txt
2015-02-08 00:05 - 2015-02-08 00:05 - 00000631 _____ () C:\WINDOWS\system32\network.txt
2015-02-08 00:05 - 2015-02-08 00:05 - 00000631 _____ () C:\Users\ASUS\Desktop\network.txt
2015-02-07 23:17 - 2015-02-07 23:17 - 00000000 ____D () C:\Users\ASUS\AppData\Local\Clarus
2015-02-05 10:01 - 2015-02-05 10:01 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2015-02-05 10:01 - 2013-08-27 23:42 - 00086035 ____N () C:\WINDOWS\system32\athwbx.cat
2015-02-05 10:01 - 2013-08-15 20:13 - 03859968 ____N (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\athwbx.sys
2015-02-05 10:01 - 2013-08-15 20:13 - 03859968 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athwbx.sys
2015-02-05 00:55 - 2015-02-05 01:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
2015-02-04 23:52 - 2015-02-04 23:52 - 00000298 _____ () C:\WINDOWS\Tasks\Uninstaller_SkipUac_Gladwin.job
2015-02-04 23:24 - 2015-02-04 23:32 - 00000000 ____D () C:\AdwCleaner
2015-02-04 23:23 - 2015-02-04 23:23 - 02194432 _____ () C:\Users\ASUS\Downloads\adwcleaner_4.109.exe
2015-02-04 23:09 - 2014-12-07 19:53 - 00452755 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20150204-230941.backup
2015-02-04 23:03 - 2015-02-04 23:03 - 00003859 _____ () C:\Users\ASUS\Downloads\software_removal_tool.log
2015-02-04 22:47 - 2015-02-04 22:47 - 00002279 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-04 22:47 - 2015-02-04 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-04 22:46 - 2015-02-07 23:52 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-04 22:46 - 2015-02-07 22:51 - 00000912 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-04 22:46 - 2015-02-04 22:46 - 00003888 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 22:46 - 2015-02-04 22:46 - 00003652 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-02 01:24 - 2015-02-02 01:24 - 00008477 _____ () C:\Users\ASUS\Downloads\Invoice 1480331 (01-30-2015).html
2015-02-01 23:29 - 2015-02-07 22:06 - 00003758 _____ () C:\WINDOWS\System32\Tasks\AutoKMS
2015-02-01 23:28 - 2015-02-02 20:51 - 00000492 _____ () C:\WINDOWS\Tasks\InstallShield Update Task.job
2015-02-01 23:28 - 2015-02-01 23:28 - 00003224 _____ () C:\WINDOWS\System32\Tasks\InstallShield Update Task
2015-02-01 23:28 - 2015-02-01 23:28 - 00000000 ____D () C:\Program Files (x86)\InstallShield
2015-02-01 22:58 - 2015-02-01 22:59 - 45488338 _____ () C:\Users\ASUS\Downloads\Microsoft Office Professional Plus 2013 -32-64 Bit(Activator)[RareAbyss].rar
2015-01-26 23:41 - 2015-02-07 23:27 - 00000578 _____ () C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-147487581-2992457104-1551078015-1002.job
2015-01-22 13:26 - 2015-01-22 13:26 - 00000835 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\slf.lnk
2015-01-22 13:26 - 2015-01-22 13:26 - 00000823 _____ () C:\Users\Public\Desktop\slf.lnk
2015-01-22 13:26 - 2015-01-22 13:26 - 00000000 ____D () C:\Program Files (x86)\slf
2015-01-22 12:27 - 2015-01-06 08:08 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-01-22 12:27 - 2015-01-06 08:08 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 09:37 - 2015-02-05 10:22 - 00000000 ____D () C:\Users\ASUS\Downloads\Ryan Deiss - Invisible Selling Machine
2015-01-22 09:31 - 2015-01-22 09:30 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-01-20 21:55 - 2014-12-09 03:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-20 21:55 - 2014-12-09 03:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-20 21:55 - 2014-12-09 03:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-20 21:55 - 2014-12-09 03:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-20 21:55 - 2014-12-09 03:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-20 21:55 - 2014-12-09 03:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-20 21:55 - 2014-12-09 03:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-20 21:55 - 2014-12-09 03:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-20 21:55 - 2014-12-06 09:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-15 22:25 - 2015-01-15 22:25 - 00001056 _____ () C:\Users\Public\Desktop\ICCExpress.lnk
2015-01-15 22:25 - 2015-01-15 22:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Web Dimensions
2015-01-14 15:07 - 2015-01-14 15:07 - 00004456 _____ () C:\Users\ASUS\Downloads\Keyword Planner 2015-01-14 at 15-07-16.csv
2015-01-14 12:01 - 2014-12-19 14:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-14 12:01 - 2014-12-12 10:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-14 12:01 - 2014-12-12 08:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-14 12:01 - 2014-12-09 09:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-14 12:01 - 2014-12-06 11:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-14 12:01 - 2014-12-06 09:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-13 22:58 - 2015-01-13 22:58 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Hobbyist Software
2015-01-13 22:34 - 2015-02-04 23:12 - 00000000 ____D () C:\Program Files (x86)\Hobbyist Software
2015-01-13 22:34 - 2015-01-13 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Setup Helper
2015-01-11 23:10 - 2014-11-16 03:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-01-11 23:10 - 2014-11-15 14:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-01-11 23:10 - 2014-11-14 22:36 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-01-11 23:10 - 2014-11-14 15:10 - 03558400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-01-11 23:10 - 2014-11-14 14:58 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-01-11 23:10 - 2014-11-14 14:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-01-11 23:10 - 2014-11-14 14:57 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-01-11 23:10 - 2014-11-14 14:54 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-01-11 23:10 - 2014-11-14 14:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-01-11 23:10 - 2014-11-14 14:53 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-01-11 23:10 - 2014-11-14 14:52 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-01-11 23:10 - 2014-11-14 13:04 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-01-11 23:10 - 2014-11-14 13:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-01-11 23:10 - 2014-11-14 13:03 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-01-11 23:10 - 2014-11-14 13:01 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-01-11 23:10 - 2014-11-14 13:01 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-01-11 23:10 - 2014-11-11 08:39 - 22290560 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-01-11 23:10 - 2014-11-11 08:17 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-01-11 23:10 - 2014-11-11 02:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-01-11 23:10 - 2014-11-11 02:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-01-11 23:10 - 2014-11-11 02:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-01-11 23:10 - 2014-11-11 02:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-01-11 23:10 - 2014-11-10 10:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-01-11 23:10 - 2014-11-10 09:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-01-11 23:10 - 2014-11-10 09:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-01-11 23:10 - 2014-11-10 09:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-01-11 23:10 - 2014-11-10 09:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-01-11 23:10 - 2014-11-10 09:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-01-11 23:10 - 2014-11-10 09:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-01-11 23:10 - 2014-11-10 09:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-01-11 23:10 - 2014-11-10 08:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-01-11 23:10 - 2014-11-10 08:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-01-11 23:10 - 2014-11-08 18:42 - 01390928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-01-11 23:10 - 2014-11-08 18:23 - 01127976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-01-11 23:10 - 2014-11-08 12:00 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-01-11 23:10 - 2014-11-08 12:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-01-11 23:10 - 2014-11-08 11:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-01-11 23:10 - 2014-11-08 11:58 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-01-11 23:10 - 2014-11-08 11:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-01-11 23:10 - 2014-11-08 11:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-01-11 23:10 - 2014-11-08 11:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-01-11 23:10 - 2014-11-08 11:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-01-11 23:10 - 2014-11-08 11:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-01-11 23:10 - 2014-11-08 11:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-01-11 23:10 - 2014-11-08 11:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-01-11 23:10 - 2014-11-08 10:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-01-11 23:10 - 2014-11-08 10:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-01-11 23:10 - 2014-11-08 10:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-01-11 23:10 - 2014-11-08 10:09 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-01-11 23:10 - 2014-11-08 10:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-01-11 23:10 - 2014-11-08 09:59 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-01-11 23:10 - 2014-11-08 09:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-01-11 23:10 - 2014-11-08 09:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-01-11 23:10 - 2014-11-07 11:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-01-11 23:10 - 2014-11-07 11:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-01-11 23:10 - 2014-11-05 10:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-01-11 23:10 - 2014-11-05 10:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-01-11 23:10 - 2014-11-05 10:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-01-11 23:10 - 2014-11-05 09:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-01-11 23:10 - 2014-11-05 09:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-01-11 23:10 - 2014-11-05 09:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-01-11 23:10 - 2014-11-05 09:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-01-11 23:10 - 2014-11-05 09:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-01-11 23:10 - 2014-11-05 09:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-01-11 23:10 - 2014-11-05 09:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-01-11 23:10 - 2014-11-05 09:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-01-11 23:10 - 2014-11-05 09:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-01-11 23:10 - 2014-11-05 09:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-01-11 23:10 - 2014-11-05 09:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-01-11 23:10 - 2014-11-05 03:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-01-11 23:10 - 2014-11-05 03:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-01-11 23:10 - 2014-11-05 03:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-01-11 23:10 - 2014-11-04 14:55 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-01-11 23:10 - 2014-11-04 14:54 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-01-11 23:10 - 2014-11-04 14:54 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-01-11 23:10 - 2014-11-04 14:54 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-01-11 23:10 - 2014-11-04 14:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-01-11 23:10 - 2014-11-04 13:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-01-11 23:10 - 2014-10-31 08:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-01-11 23:10 - 2014-10-31 08:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-01-11 23:10 - 2014-10-30 13:55 - 07473472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-01-11 23:10 - 2014-10-30 13:47 - 01499384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-01-11 23:10 - 2014-10-30 13:41 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-01-11 23:10 - 2014-10-29 11:05 - 00551232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-01-11 23:10 - 2014-10-29 10:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-01-11 23:10 - 2014-10-29 10:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-01-11 23:10 - 2014-10-29 09:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-01-11 23:10 - 2014-10-29 09:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-01-11 23:10 - 2014-10-29 09:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-01-11 23:10 - 2014-10-29 09:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-01-11 23:10 - 2014-10-29 09:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-01-11 23:10 - 2014-10-29 09:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-01-11 23:10 - 2014-10-29 09:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-01-11 23:10 - 2014-10-29 09:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-01-11 23:10 - 2014-10-27 06:10 - 00390841 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-01-11 23:10 - 2014-10-21 09:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-01-11 23:10 - 2014-10-21 09:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-01-11 23:10 - 2014-10-21 08:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-01-11 23:10 - 2014-10-21 08:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-01-11 23:10 - 2014-10-21 08:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-01-11 23:10 - 2014-10-21 08:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-01-11 23:10 - 2014-10-21 08:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-01-11 23:10 - 2014-10-17 12:56 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-01-11 23:10 - 2014-10-17 12:56 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-01-11 23:10 - 2014-10-17 12:56 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-01-11 23:10 - 2014-10-17 11:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-01-11 23:09 - 2014-11-18 04:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-01-11 23:09 - 2014-11-18 04:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-01-11 23:09 - 2014-11-14 14:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-01-11 23:09 - 2014-11-14 14:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-01-11 23:09 - 2014-11-14 14:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-01-11 23:09 - 2014-11-14 14:46 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-01-11 23:09 - 2014-11-14 14:39 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-01-11 23:09 - 2014-11-14 12:53 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-01-09 13:19 - 2015-01-09 14:11 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Audacity
2015-01-09 13:18 - 2015-01-09 13:18 - 00001033 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-01-09 13:18 - 2015-01-09 13:18 - 00001021 _____ () C:\Users\Public\Desktop\Audacity.lnk
2015-01-09 13:18 - 2015-01-09 13:18 - 00000000 ____D () C:\Program Files (x86)\Audacity
2015-01-09 10:09 - 2014-10-31 06:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-01-09 10:09 - 2014-10-31 06:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-08 00:12 - 2014-04-06 12:47 - 00000000 ___HD () C:\Users\ASUS\.mediafire
2015-02-08 00:02 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-07 23:59 - 2014-02-05 15:36 - 01507787 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-07 23:50 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-07 23:39 - 2014-02-07 10:23 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-07 22:56 - 2014-02-12 22:49 - 09018368 ___SH () C:\Users\ASUS\Downloads\Thumbs.db
2015-02-07 22:35 - 2014-02-06 23:22 - 13922816 ___SH () C:\Users\ASUS\Desktop\Thumbs.db
2015-02-07 22:25 - 2014-02-06 21:03 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\vlc
2015-02-07 22:14 - 2013-11-14 15:28 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-07 22:07 - 2014-02-05 18:45 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\DMCache
2015-02-07 22:06 - 2014-04-06 12:47 - 00000000 ___RD () C:\Users\ASUS\MediaFire
2015-02-07 22:06 - 2014-02-14 12:12 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Copy
2015-02-07 22:06 - 2014-02-05 16:05 - 00000000 __RDO () C:\Users\ASUS\SkyDrive
2015-02-07 22:06 - 2014-02-05 08:50 - 00000062 _____ () C:\Users\ASUS\AppData\Roaming\sp_data.sys
2015-02-07 22:05 - 2014-12-23 18:10 - 00010652 _____ () C:\WINDOWS\setupact.log
2015-02-07 22:05 - 2013-08-22 22:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-05 14:40 - 2014-06-23 03:09 - 00000000 ____D () C:\Users\ASUS\Downloads\Bank Statement
2015-02-05 10:16 - 2014-05-08 18:20 - 00000000 ____D () C:\Users\ASUS\AppData\Local\CrashDumps
2015-02-05 10:02 - 2014-02-05 07:02 - 00000000 ____D () C:\Program Files (x86)\Qualcomm Atheros
2015-02-05 09:13 - 2014-02-05 08:51 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-147487581-2992457104-1551078015-1002
2015-02-05 01:13 - 2014-02-10 21:17 - 00000000 ____D () C:\Users\ASUS\Desktop\Shortcuts
2015-02-05 01:07 - 2013-08-22 21:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-05 01:06 - 2014-02-05 11:55 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\IObit
2015-02-05 01:06 - 2014-02-05 11:55 - 00000000 ____D () C:\ProgramData\ProductData
2015-02-05 01:06 - 2014-02-05 11:55 - 00000000 ____D () C:\ProgramData\IObit
2015-02-05 01:06 - 2014-02-05 08:43 - 00000000 ____D () C:\Users\ASUS\AppData\Local\ASUS
2015-02-05 01:06 - 2014-02-05 07:20 - 00000000 ____D () C:\ProgramData\P4G
2015-02-05 00:59 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\registration
2015-02-05 00:36 - 2014-02-05 15:41 - 00000000 ____D () C:\Users\ASUS
2015-02-05 00:22 - 2014-12-11 11:59 - 00000000 ____D () C:\Program Files\Recuva
2015-02-04 23:33 - 2014-12-07 21:07 - 00037310 _____ () C:\WINDOWS\PFRO.log
2015-02-04 23:11 - 2014-02-05 18:45 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\IDM
2015-02-04 22:47 - 2014-02-05 12:46 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-04 17:24 - 2014-08-20 23:07 - 00003037 _____ () C:\WINDOWS\wininit.ini
2015-02-04 14:20 - 2012-07-26 15:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-04 13:49 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-04 13:11 - 2014-02-05 16:11 - 00000000 ___RD () C:\Users\ASUS\Dropbox
2015-02-04 13:11 - 2014-02-05 16:10 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Dropbox
2015-02-04 12:04 - 2014-02-08 18:25 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\uTorrent
2015-02-04 12:04 - 2014-02-05 12:47 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Mozilla
2015-02-04 01:06 - 2014-02-05 08:43 - 00000000 ____D () C:\Users\ASUS\AppData\Local\Packages
2015-02-03 00:07 - 2014-02-05 18:45 - 00000000 ____D () C:\Users\ASUS\Downloads\Compressed
2015-02-01 23:29 - 2014-02-05 17:09 - 00000000 ____D () C:\WINDOWS\AutoKMS
2015-01-30 21:51 - 2014-02-05 12:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-29 21:13 - 2014-02-05 12:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-26 23:41 - 2014-04-26 11:28 - 00003580 _____ () C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-147487581-2992457104-1551078015-1002
2015-01-26 00:16 - 2014-02-05 18:45 - 00000000 ____D () C:\Users\ASUS\Downloads\Video
2015-01-25 20:39 - 2014-02-07 10:23 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-01-23 04:07 - 2014-04-06 12:32 - 00020696 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\mfmonitor_x64.sys
2015-01-22 13:17 - 2014-09-26 00:52 - 00000000 __SHD () C:\Users\ASUS\wc
2015-01-22 09:33 - 2014-06-16 11:07 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-22 09:30 - 2014-12-23 18:17 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-21 13:21 - 2014-08-17 13:39 - 00004962 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for GLADWIN-Gladwin Gladwin
2015-01-21 10:24 - 2015-01-06 11:24 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\FileZilla
2015-01-18 23:56 - 2014-02-08 18:15 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\.ACEStream
2015-01-18 23:50 - 2014-07-01 00:10 - 00000000 ___HD () C:\_acestream_cache_
2015-01-16 16:58 - 2014-10-25 14:26 - 00000000 ___RD () C:\Users\ASUS\Copy [email protected]
2015-01-15 22:25 - 2014-09-10 15:59 - 00000000 ____D () C:\Users\ASUS\Documents\ICCExpress
2015-01-15 22:25 - 2014-09-10 15:59 - 00000000 ____D () C:\Program Files (x86)\Web Dimensions
2015-01-14 20:05 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-01-14 19:05 - 2014-02-05 12:06 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-14 18:54 - 2014-02-05 12:06 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-13 00:20 - 2014-12-23 22:57 - 00000000 ____D () C:\Users\ASUS\Downloads\GKIC_Holiday_Training
2015-01-11 23:59 - 2013-08-22 23:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-01-11 23:59 - 2013-08-22 23:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-01-11 23:59 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-01-11 23:59 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-01-09 23:51 - 2014-04-22 10:20 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Telegram Win (Unofficial)
2015-01-09 14:17 - 2013-08-22 22:44 - 05118432 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

==================== Files in the root of some directories =======

2014-08-28 09:34 - 2014-08-28 09:35 - 15000576 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-02-14 13:26 - 2014-02-14 13:26 - 0000088 _____ () C:\Users\ASUS\AppData\Roaming\.95d691779473f3e03bc4b4e56319d74c.key
2014-02-14 13:26 - 2014-02-14 13:26 - 0000088 _____ () C:\Users\ASUS\AppData\Roaming\.c79792229cdae4d8fe4e261fc4d6976b.key
2014-11-14 15:36 - 2014-11-25 18:41 - 0000132 _____ () C:\Users\ASUS\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-02-14 13:27 - 2015-01-06 15:46 - 0000248 _____ () C:\Users\ASUS\AppData\Roaming\RO39-2M3Q
2014-02-05 08:50 - 2015-02-07 22:06 - 0000062 _____ () C:\Users\ASUS\AppData\Roaming\sp_data.sys
2014-06-19 10:28 - 2014-06-19 10:28 - 0000024 _____ () C:\Users\ASUS\AppData\Roaming\temp.ini
2014-11-14 15:45 - 2014-11-14 15:45 - 0001456 _____ () C:\Users\ASUS\AppData\Local\Adobe Save for Web 13.0 Prefs
2012-09-10 19:49 - 2012-09-10 19:49 - 0001050 ____H () C:\Users\ASUS\AppData\Local\{793FD447-37EB-4083-B222-2E447297AF07}
2014-12-23 18:14 - 2014-12-23 18:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-08-05 09:42 - 2012-07-30 14:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-05 09:42 - 2009-07-22 18:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe


Some content of TEMP:
====================
C:\Users\ASUS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnko0rn.dll
C:\Users\ASUS\AppData\Local\Temp\Quarantine.exe
C:\Users\ASUS\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-31 17:34

==================== End Of Log ============================
 

kango88

Thread Starter
Joined
Feb 5, 2015
Messages
153
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2015
Ran by Gladwin at 2015-02-08 00:14:17
Running from C:\Users\ASUS\Desktop\Troubleshoot Program
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Ace Stream Media 2.2.0-next (HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\AceStream) (Version: 2.2.0-next - Ace Stream Media)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.0.3 - IObit)
AliG SLF (HKLM-x32\...\com.aligmarketing.slf) (Version: 3.1.2 - Ali G. Marketing LLC)
AliG SLF (x32 Version: 3.1.2 - Ali G. Marketing LLC) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.4 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.1.3 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0002 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.6 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
Atheros Outlook Addin 2010 (HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\BB108A893815B64BF41C4574C3324FB7371AA244) (Version: 1.0.0.0 - Microsoft)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0023 - ASUS)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
AudienceMakr (HKLM-x32\...\AudienceMakr) (Version: 1.0.2 - Infomastery, LLC)
AudienceMakr (x32 Version: 1.0.2 - Infomastery, LLC) Hidden
Brother MFL-Pro Suite MFC-9330CDW (HKLM-x32\...\{E98A9C92-E767-475B-8BC6-8780A86DDC72}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Camtasia Studio 8 (HKLM-x32\...\{5303CFB5-D635-44F0-A94B-9611E81F07C4}) (Version: 8.3.0.1471 - TechSmith Corporation)
Citrix Online Launcher (HKLM-x32\...\{F17C3DC2-2ACA-4B0E-BDBF-ACE61B14E7CD}) (Version: 1.0.183 - Citrix)
Copy (HKLM\...\{EE4CEBB9-C0FC-4503-9BC0-1E32B566DE71}) (Version: 1.47.410.0 - Barracuda Networks, Inc.)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
DocuPrint CM205 f_fw (HKLM-x32\...\InstallShield_{82E36284-5E49-4800-9882-0B69D7EEAC2D}) (Version: 1.011.00 - Fuji Xerox)
DocuPrint CM205 f_fw (x32 Version: 1.011.00 - Fuji Xerox) Hidden
Driver Booster 2.1 (HKLM-x32\...\Driver Booster_is1) (Version: 2.1 - IObit)
Dropbox (HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Explaindio Sketch Line Color Changer (HKLM-x32\...\Coloring) (Version: 0.0.0 - UNKNOWN)
Explaindio Sketch Line Color Changer (x32 Version: 0.0.0 - UNKNOWN) Hidden
Explaindio Video Creator version 1.004 (HKLM-x32\...\{FE60174E-0881-4634-946F-9F9C8672710A}_is1) (Version: 1.004 - Explaindio LLC)
Explaindio Video Creator version 1.009 (HKLM-x32\...\{9E347DDD-DB67-4348-8C96-75E0BBC65407}_is1) (Version: 1.009 - Explaindio LLC)
Explaindio Video Creator version 1.012 (HKLM-x32\...\{C38A770F-F857-4357-84ED-FF71D8DE90BF}_is1) (Version: 1.012 - Explaindio LLC)
ExpressCache (HKLM\...\{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}) (Version: 1.0.86 - Diskeeper Corporation)
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 6.4.11.2273 (HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\GoToMeeting) (Version: 6.4.11.2273 - CitrixOnline)
GSA Email Spider v7.13 (HKLM-x32\...\GSA Email Spider_is1) (Version: 7.13 - GSA Software)
GSA Search Engine Ranker v9.42 (HKLM-x32\...\GSA Search Engine Ranker_is1) (Version: 9.42 - GSA Software)
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Instant Content Curator Express (HKLM-x32\...\com.webdimensions.instantcontentcurator.express) (Version: 2.0.8 - Web Dimensions, Inc.)
Instant Content Curator Express (x32 Version: 2.0.8 - Web Dimensions, Inc.) Hidden
Instant Eyedropper 1.75 (HKLM-x32\...\Instant Eyedropper_is1) (Version: - )
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.7.1084 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.5.24 - IObit)
Java 7 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217072FF}) (Version: 7.0.720 - Oracle)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Last Man (HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Last Man) (Version: - )
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)
LongTailPro - Version 2.4.28 (HKLM-x32\...\com.longtailpro.LongTailPro) (Version: 2.4.28 - Long Tail Media, LLC)
LongTailPro - Version 2.4.28 (x32 Version: 2.4.28 - Long Tail Media, LLC) Hidden
Market Samurai (HKLM-x32\...\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1) (Version: 0.93.38 - Alliance Software Pty Ltd)
Market Samurai (x32 Version: 0.93.38 - Alliance Software Pty Ltd) Hidden
MediaFire Desktop (HKLM-x32\...\MediaFire Desktop 0.10.21.9247) (Version: 1.4.16.10766 - MediaFire)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Lead Monster (HKLM-x32\...\MobileLeadMonster) (Version: 1.0 - Axiom Marketing Inc.)
Mobile Lead Monster (x32 Version: 1.0 - Axiom Marketing Inc.) Hidden
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MP3 Skype recorder (HKLM-x32\...\{9AFDC558-9575-48B8-BC39-CCAACB8DC05E}) (Version: 4.4.1.0 - Alexander Nikiforov)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{88B5FBDC-967D-4B1F-B291-39284AE12201}) (Version: 12.1.0005 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
NZ Financial MT4 Terminal (HKLM-x32\...\NZ Financial MT4 Terminal) (Version: 4.00 - MetaQuotes Software Corp.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Penguin Recovery Jeet (HKLM-x32\...\Penguin Recovery Jeet_is1) (Version: 1.0 - Teknikforce)
PureVPN (HKLM-x32\...\PureVPN_is1) (Version: 3.2 - PureVPN)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.210 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.27023 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Samsung Drive Manager (HKLM-x32\...\{9F1A6A24-4901-42F6-A355-5DD2B82E62AE}) (Version: 1.0.172 - Clarus, Inc.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
Scansoft PDF Professional (x32 Version: - ) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype&#8482; 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
SMSCaster E-Marketer GSM Enterprise v3.6 (HKLM-x32\...\SMSCaster E-Marketer GSM Enterprise_is1) (Version: v3.6 (build 1071) - SDJ Software Limited)
SopCast 3.8.3 (HKLM-x32\...\SopCast) (Version: 3.8.3 - www.sopcast.com)
Spotify (HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 1.5.0.0 - IObit)
StreamTorrent 1.0 (HKLM-x32\...\StreamTorrent 1.0) (Version: - )
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Telegram Desktop version 0.7.4 (HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.7.4 - Telegram Messenger LLP)
Update for CHS Microsoft IME HAP Dictionary (Version: 16.0.858.1 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VideoMakerFX (HKLM-x32\...\VideoMakerFX 1.01) (Version: 1.01 - Webvati)
VideoMakerFX (HKLM-x32\...\VideoMakerFX 1.04) (Version: 1.04 - Webvati)
VideoMakerFX (HKLM-x32\...\VideoMakerFX 1.05) (Version: 1.05 - Webvati)
VideoMakerFX (x32 Version: 1.01 - Webvati) Hidden
VideoMakerFX (x32 Version: 1.05 - Webvati) Hidden
VideoMakerFX Josh Ratta Bonus Scenes (HKLM-x32\...\{E7CAFBCF-1A20-4AF8-AE0E-89A8282CCA46}) (Version: 1.0 - Webvati)
VideoMakerFX ProThemes August Addon 1.0 (HKLM-x32\...\{BC117729-A0EA-48CF-941E-6F12EFB7D71E}) (Version: 1.0 - Webvati)
VideoMakerFX ProThemes December Addon 1.0 (HKLM-x32\...\{F5AEF14E-731A-4875-B55D-1561E2F87722}) (Version: 1.0 - Webvati)
VideoMakerFX ProThemes July Addon 1.0 (HKLM-x32\...\{BDAA3BD7-1BA0-4727-B99F-89FD45A1D15A}) (Version: 1.0 - Webvati)
VideoMakerFX ProThemes June Addon 1.0 (HKLM-x32\...\{AE11668B-174C-461F-8A4D-5AEF54DD3B5F}) (Version: 1.0 - Webvati)
VideoMakerFX ProThemes May Addon 1.0 (HKLM-x32\...\{6073BA7B-671F-4F41-AA93-05164AAE6A72}) (Version: 1.0 - Webvati)
VideoMakerFX ProThemes November Addon 1.0 (HKLM-x32\...\{23CFA575-AD8D-48AD-971D-EF76F70FC94F}) (Version: 1.0 - Webvati)
VideoMakerFX ProThemes October Addon 1.0 (HKLM-x32\...\{C7F12978-67A4-45F3-9010-9F94BC730894}) (Version: 1.0 - Webvati)
VideoMakerFX ProThemes September Addon 1.0 (HKLM-x32\...\{703AEFFE-6830-4BEB-A697-62D5566A7557}) (Version: 1.0 - Webvati)
VideoMakerFX VideoProfitFX Add On 1.0 (HKLM-x32\...\{8F99303E-4E46-45DC-964D-649DBC72B717}) (Version: 1.0 - Webvati)
VideoMakerFX Webinar Bonus Kinetic Special Scenes (HKLM-x32\...\{1895C465-14C6-4AEB-8478-13F0A1953282}) (Version: 1.0 - Webvati)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC Setup Helper (HKLM-x32\...\VLC Setup Helper_is1) (Version: - )
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.8.381 - ASUS Cloud Corporation)
Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\ASUS\AppData\Local\Citrix\GoToMeeting\1865\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\ASUS\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\ASUS\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

07-02-2015 23:41:03 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-11-13 11:30 - 2015-02-04 23:09 - 00452879 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1742358F-8846-4E9D-8697-745671B47E51} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {1EC4E477-8FB4-4785-8F1C-B28E2F00A284} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-25] (ASUS)
Task: {231A1BC4-7F52-433B-BA49-DAC21ED77E2C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {25D85311-5B21-456E-A38D-66D2A4E80951} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-14] (Microsoft Corporation)
Task: {275ADBFC-8958-496E-9374-8D0A637CF457} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2015-02-01] ()
Task: {290E0ECC-80AC-4EF3-B407-4A57DA304B36} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {32738391-2504-47E2-AB27-3F73C61CD016} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {35631E60-74ED-44BE-9C60-43DC09DA1993} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04] (Google Inc.)
Task: {3B5951F4-199B-490D-922E-06D0B82A59A9} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-19] (ASUSTek Computer Inc.)
Task: {3C3C1EA3-2DAE-4B67-921E-D4A2A529B8C4} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25] (Adobe Systems Incorporated)
Task: {453A192F-EFE2-4E59-8DB3-DF1E1F1EAA85} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2012-11-30] ()
Task: {48BC6164-F3B2-4DD2-B8EB-BFF8A59B9E6A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04] (Google Inc.)
Task: {63A5081D-D5AD-495D-9006-1519CB6CB077} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-30] (ASUS)
Task: {78CDE10B-3C8A-496A-9D53-0E2A2A2B2A22} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {8006A781-C47E-4391-BCE9-EDCC3A3492D6} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-09-25] (ASUS)
Task: {82AA3937-45DC-4A88-955B-05EFCC1B721E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {93310510-D537-4AFE-B82D-ACC79E312AC0} - System32\Tasks\ASC8_SkipUac_Gladwin => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2014-11-07] (IObit)
Task: {9411BCD0-CBCE-4E6F-9E4A-C6C5743A2F6F} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-23] (ASUSTeK Computer Inc.)
Task: {97DAD6E6-1844-4F80-A827-CFC2AA087E3A} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-01-17] (AsusTek)
Task: {A1E533F8-F20E-4D0F-89D0-771BCE3B0147} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-05] ()
Task: {E10CE05D-CD0F-4E10-A184-B9E613977FC6} - System32\Tasks\CLARUS_DRIVE_MANAGER\Clarus_Drive_Manager => C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe [2013-12-18] (Clarus, Inc.)
Task: {F0BBFD4C-5614-49DB-8CA1-69D298C40533} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {F50BA656-7650-4D52-8358-18794A1F735F} - System32\Tasks\InstallShield Update Task => Wscript.exe //nologo //E:jscript //B "C:\Program Files (x86)\InstallShield\isupdate.ini"
Task: {F9D63969-0932-4E38-A93A-91E6D66279D8} - System32\Tasks\G2MUpdateTask-S-1-5-21-147487581-2992457104-1551078015-1002 => C:\Users\ASUS\AppData\Local\Citrix\GoToMeeting\2273\g2mupdate.exe [2015-01-26] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {F9FCC539-8746-42FF-9391-A5AB01EE4EA8} - System32\Tasks\Microsoft Office 15 Sync Maintenance for GLADWIN-Gladwin Gladwin => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-11-12] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-147487581-2992457104-1551078015-1002.job => C:\Users\ASUS\AppData\Local\Citrix\GoToMeeting\2273\g2mupdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-147487581-2992457104-1551078015-1002Core1cf8e99a9971846.job => C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-147487581-2992457104-1551078015-1002Core1cfedc1168c14f4.job => C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-147487581-2992457104-1551078015-1002Core1cfffdbc8a5ac38.job => C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\InstallShield Update Task.job => C:\WINDOWS\system32\wscript.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Gladwin.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Loaded Modules (whitelisted) ==============

2013-12-10 08:13 - 2014-03-04 22:35 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-02-05 15:36 - 2014-03-04 21:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-11-18 10:02 - 2011-11-18 10:02 - 00023040 _____ () C:\WINDOWS\System32\fxhk4alm.dll
2012-06-20 12:21 - 2012-06-20 12:21 - 00096768 _____ () C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmdb.exe
2014-04-06 12:32 - 2015-01-23 04:39 - 00456504 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe
2014-12-02 17:11 - 2005-04-22 12:36 - 00143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll
2012-08-25 09:26 - 2012-08-25 09:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2012-11-30 09:15 - 2012-11-30 09:15 - 00171224 _____ () C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
2014-10-14 23:27 - 2014-10-14 23:27 - 08897696 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-05-02 03:29 - 2014-05-02 03:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-10-01 13:02 - 2013-10-01 13:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-09-30 11:02 - 2012-09-30 11:02 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-09-30 10:59 - 2012-09-30 10:59 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-09-30 11:01 - 2012-09-30 11:01 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-01-28 17:46 - 2014-09-25 13:57 - 00027904 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\ace_engine.exe
2014-04-06 12:32 - 2015-01-23 04:39 - 04002120 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_watch.exe
2014-04-06 12:32 - 2015-01-23 04:39 - 01228616 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_hub.exe
2014-04-06 12:32 - 2015-01-23 04:39 - 04672328 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\MediaFire Desktop.exe
2014-04-06 12:32 - 2015-01-23 04:39 - 04242760 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_filetransfer.exe
2014-04-06 12:32 - 2015-01-23 04:39 - 03957064 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_browser.exe
2014-07-09 10:55 - 2007-10-17 16:22 - 00352256 _____ () C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe
2015-01-23 23:40 - 2015-01-23 23:40 - 02092544 _____ () C:\Users\ASUS\AppData\Roaming\Copy\Gui.dll
2015-01-23 23:40 - 2015-01-23 23:40 - 08212480 _____ () C:\Users\ASUS\AppData\Roaming\Copy\Brt.dll
2015-01-23 23:40 - 2015-01-23 23:40 - 09276928 _____ () C:\Users\ASUS\AppData\Roaming\Copy\AgentSync.dll
2015-01-23 23:40 - 2015-01-23 23:40 - 05327872 _____ () C:\Users\ASUS\AppData\Roaming\Copy\CloudSync.dll
2014-04-06 12:32 - 2015-01-23 04:39 - 09501000 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_central_control.exe
2014-04-06 12:32 - 2015-01-23 04:39 - 02406216 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_monitor.exe
2014-04-06 12:32 - 2015-01-23 04:39 - 07139144 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_dialogs.exe
2012-06-20 12:21 - 2012-06-20 12:21 - 00248320 _____ () C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmW.exe
2012-06-20 12:21 - 2012-06-20 12:21 - 00229376 _____ () C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmwj.exe
2014-01-10 13:26 - 2014-01-10 13:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-03-29 19:18 - 2013-03-29 19:18 - 00026744 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\ace_update.exe
2014-11-21 11:41 - 2014-07-11 16:04 - 01106720 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\RealTimeProtector.exe
2014-11-21 11:41 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll
2014-06-02 00:07 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-06-02 00:07 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-06-02 00:07 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-06-02 00:07 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-06-02 00:07 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-02-05 00:54 - 2014-06-06 13:07 - 00348960 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
2015-02-05 00:54 - 2014-06-06 13:07 - 00183584 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
2015-02-05 00:54 - 2014-06-06 13:07 - 00050976 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
2015-02-05 00:54 - 2014-06-06 13:08 - 00041248 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
2014-01-28 17:46 - 2014-11-28 13:46 - 00249856 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\acestreamengine.Core.pyd
2011-06-12 21:09 - 2011-06-12 21:09 - 00038400 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\_socket.pyd
2011-06-12 21:09 - 2011-06-12 21:09 - 00720896 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\_ssl.pyd
2013-11-27 23:50 - 2013-11-27 23:50 - 00018944 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pycompat.pyd
2011-06-12 21:06 - 2011-06-12 21:06 - 00287232 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\_hashlib.pyd
2014-01-28 17:45 - 2014-11-28 13:46 - 01732096 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\acestreamengine.live.pyd
2014-01-23 19:37 - 2014-01-23 19:37 - 00036352 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\_psutil_mswindows.pyd
2013-12-21 21:20 - 2013-12-21 21:20 - 00053248 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\_blist.pyd
2011-06-12 21:06 - 2011-06-12 21:06 - 00106496 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\_ctypes.pyd
2013-12-21 21:20 - 2013-12-21 21:20 - 00040448 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\bitarray._bitarray.pyd
2011-06-12 21:06 - 2011-06-12 21:06 - 00011776 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\select.pyd
2011-01-19 05:56 - 2011-01-19 05:56 - 00334336 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\M2Crypto.__m2crypto.pyd
2011-06-12 21:06 - 2011-06-12 21:06 - 00152576 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\pyexpat.pyd
2011-02-13 23:02 - 2011-02-13 23:02 - 00031232 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\Crypto.Cipher.AES.pyd
2014-01-28 17:55 - 2014-11-28 13:46 - 03083264 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\acestreamengine.CoreApp.pyd
2012-02-08 00:37 - 2012-02-08 00:37 - 00098816 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\win32api.pyd
2012-02-08 00:35 - 2012-02-08 00:35 - 00110080 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\pywintypes27.dll
2012-02-08 00:38 - 2012-02-08 00:38 - 00358912 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\pythoncom27.dll
2012-02-08 00:36 - 2012-02-08 00:36 - 00111616 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\win32file.pyd
2012-02-08 00:36 - 2012-02-08 00:36 - 00024064 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\win32pdh.pyd
2010-10-11 06:23 - 2010-10-11 06:23 - 00723968 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\apsw.pyd
2013-01-30 00:20 - 2013-01-30 00:20 - 00082944 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\cpyamf.util.pyd
2011-07-16 03:37 - 2011-07-16 03:37 - 00981504 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\wx._core_.pyd
2011-07-16 03:38 - 2011-07-16 03:38 - 00746496 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\wx._gdi_.pyd
2011-07-16 03:38 - 2011-07-16 03:38 - 00670720 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\wx._windows_.pyd
2011-07-16 03:38 - 2011-07-16 03:38 - 00966144 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\wx._controls_.pyd
2011-07-16 03:38 - 2011-07-16 03:38 - 00674816 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\wx._misc_.pyd
2011-06-12 21:06 - 2011-06-12 21:06 - 00688128 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\unicodedata.pyd
2013-12-21 21:02 - 2013-12-21 21:02 - 00061952 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\miniupnpc.pyd
2013-01-30 00:20 - 2013-01-30 00:20 - 00066048 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\cpyamf.amf0.pyd
2014-04-06 12:32 - 2015-01-23 04:23 - 00112142 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\libgcc_s_dw2-1.dll
2014-04-06 12:32 - 2015-01-23 04:23 - 01000974 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\libstdc++-6.dll
2014-07-05 14:20 - 2015-01-23 04:08 - 04188400 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\libsqlite3cc.dll
2014-04-06 12:32 - 2015-01-23 04:07 - 00042496 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\win32overlay.dll
2014-11-21 11:41 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll
2014-04-06 12:32 - 2015-01-23 04:07 - 00007680 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\mfmonitor.dll
2014-01-10 13:28 - 2014-01-10 13:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2013-12-10 08:13 - 2014-03-04 22:35 - 00014280 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-10-22 08:22 - 2014-10-22 08:22 - 00750080 _____ () C:\Users\ASUS\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-02-07 22:06 - 2015-02-07 22:06 - 00043008 _____ () c:\users\asus\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnko0rn.dll
2014-10-22 08:22 - 2014-10-22 08:22 - 00047616 _____ () C:\Users\ASUS\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-22 08:22 - 2014-10-22 08:22 - 00863744 _____ () C:\Users\ASUS\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-22 08:22 - 2014-10-22 08:22 - 00200704 _____ () C:\Users\ASUS\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2011-06-12 21:09 - 2011-06-12 21:09 - 00038400 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\_socket.pyd
2011-06-12 21:09 - 2011-06-12 21:09 - 00720896 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\_ssl.pyd
2011-07-16 03:37 - 2011-07-16 03:37 - 00981504 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\wx._core_.pyd
2011-07-16 03:38 - 2011-07-16 03:38 - 00746496 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\wx._gdi_.pyd
2011-07-16 03:38 - 2011-07-16 03:38 - 00670720 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\wx._windows_.pyd
2011-07-16 03:38 - 2011-07-16 03:38 - 00966144 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\wx._controls_.pyd
2011-07-16 03:38 - 2011-07-16 03:38 - 00674816 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\wx._misc_.pyd
2011-06-12 21:06 - 2011-06-12 21:06 - 00287232 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\_hashlib.pyd
2011-01-19 05:56 - 2011-01-19 05:56 - 00334336 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\M2Crypto.__m2crypto.pyd
2011-06-12 21:06 - 2011-06-12 21:06 - 00011776 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\select.pyd
2011-06-12 21:06 - 2011-06-12 21:06 - 00152576 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\pyexpat.pyd
2012-02-08 00:37 - 2012-02-08 00:37 - 00098816 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\win32api.pyd
2012-02-08 00:35 - 2012-02-08 00:35 - 00110080 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\pywintypes27.dll
2012-02-08 00:38 - 2012-02-08 00:38 - 00358912 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\pythoncom27.dll
2012-02-08 00:36 - 2012-02-08 00:36 - 00111616 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\win32file.pyd
2012-02-08 00:36 - 2012-02-08 00:36 - 00024064 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\win32pdh.pyd
2014-02-05 07:06 - 2012-06-26 02:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-02-05 11:55 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2014-02-05 11:55 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2014-02-05 11:55 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2014-11-21 11:41 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl
2014-11-21 11:41 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl
2014-11-21 11:41 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2015-02-08 00:13 - 2015-02-08 00:13 - 00706560 _____ () C:\Users\ASUS\AppData\Local\Temp\is-7V26G.tmp\mbam-setup-2.0.4.1028.tmp
2015-02-08 00:13 - 2015-02-08 00:13 - 00706560 _____ () C:\Users\ASUS\AppData\Local\Temp\is-UTF4B.tmp\mbam-setup-2.0.4.1028.tmp

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\ASUS\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-147487581-2992457104-1551078015-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\ASUS\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\asus.jpg

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-147487581-2992457104-1551078015-500 - Administrator - Disabled)
Gladwin (S-1-5-21-147487581-2992457104-1551078015-1002 - Administrator - Enabled) => C:\Users\ASUS
Guest (S-1-5-21-147487581-2992457104-1551078015-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-147487581-2992457104-1551078015-1004 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Intel(R) Dynamic Platform & Thermal Framework Driver
Description: Intel(R) Dynamic Platform & Thermal Framework Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: DptfManager
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Virtual Bluetooth Support
Description: Virtual Bluetooth Support
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Intel(R) Dynamic Platform & Thermal Framework Generic Participant Driver
Description: Intel(R) Dynamic Platform & Thermal Framework Generic Participant Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: DptfDevGen
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Intel(R) Dynamic Platform & Thermal Framework Generic Participant Driver
Description: Intel(R) Dynamic Platform & Thermal Framework Generic Participant Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: DptfDevGen
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Intel(R) Dynamic Platform & Thermal Framework Generic Participant Driver
Description: Intel(R) Dynamic Platform & Thermal Framework Generic Participant Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: DptfDevGen
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Intel(R) Dynamic Platform & Thermal Framework Generic Participant Driver
Description: Intel(R) Dynamic Platform & Thermal Framework Generic Participant Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: DptfDevGen
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (02/08/2015 00:01:38 AM) (Source: DptfPolicyLpmService) (EventID: 1) (User: )
Description: DptfPolicyLpmServiceServiceStart: ConnectToDptfFrameworkDriver() failed.

Error: (02/08/2015 00:01:38 AM) (Source: DptfPolicyLpmService) (EventID: 1) (User: )
Description: DptfPolicyLpmServiceConnectToDptfFrameworkDriver: SetupDiEnumDeviceInterfaces() failed.Last error = [0x00000103]

Error: (02/08/2015 00:01:38 AM) (Source: DptfPolicyCriticalService) (EventID: 1) (User: )
Description: DptfPolicyCriticalServiceServiceMain: ServiceStart() failed.

Error: (02/08/2015 00:01:38 AM) (Source: DptfPolicyCriticalService) (EventID: 1) (User: )
Description: DptfPolicyCriticalServiceServiceStart: ConnectToDptfFrameworkDriver() failed.

Error: (02/08/2015 00:01:38 AM) (Source: DptfPolicyCriticalService) (EventID: 1) (User: )
Description: DptfPolicyCriticalServiceConnectToDptfFrameworkDriver: SetupDiEnumDeviceInterfaces() failed.Last error = [0x00000103]

Error: (02/07/2015 10:06:19 PM) (Source: DptfPolicyLpmServiceHelper) (EventID: 1) (User: )
Description: DptfPolicyLpmServiceHelperWinMain: CreateSharedMemory() failed.

Error: (02/07/2015 10:06:19 PM) (Source: DptfPolicyLpmServiceHelper) (EventID: 1) (User: )
Description: DptfPolicyLpmServiceHelperCreateSharedMemory: CreateFileMapping() failed.Last error = [0x00000005]

Error: (02/07/2015 10:05:57 PM) (Source: DptfPolicyLpmService) (EventID: 1) (User: )
Description: DptfPolicyLpmServiceServiceStart: ConnectToDptfFrameworkDriver() failed.

Error: (02/07/2015 10:05:57 PM) (Source: DptfPolicyLpmService) (EventID: 1) (User: )
Description: DptfPolicyLpmServiceConnectToDptfFrameworkDriver: SetupDiEnumDeviceInterfaces() failed.Last error = [0x00000103]

Error: (02/07/2015 10:05:57 PM) (Source: DptfPolicyCriticalService) (EventID: 1) (User: )
Description: DptfPolicyCriticalServiceServiceMain: ServiceStart() failed.


System errors:
=============
Error: (02/07/2015 10:05:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee Platform Services service failed to start due to the following error:
%%1053

Error: (02/07/2015 10:05:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the McAfee Platform Services service to connect.

Error: (02/07/2015 10:05:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee OOBE Service2 service failed to start due to the following error:
%%1053

Error: (02/07/2015 10:05:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the McAfee OOBE Service2 service to connect.

Error: (02/07/2015 10:05:39 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: The Bluetooth driver expected an HCI event with a certain size but did not receive it.

Error: (02/05/2015 00:38:33 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (02/05/2015 10:14:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee Platform Services service failed to start due to the following error:
%%1053

Error: (02/05/2015 10:14:51 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the McAfee Platform Services service to connect.

Error: (02/05/2015 10:14:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee OOBE Service2 service failed to start due to the following error:
%%1053

Error: (02/05/2015 10:14:51 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the McAfee OOBE Service2 service to connect.


Microsoft Office Sessions:
=========================
Error: (02/08/2015 00:01:38 AM) (Source: DptfPolicyLpmService) (EventID: 1) (User: )
Description: DptfPolicyLpmServiceServiceStart: ConnectToDptfFrameworkDriver() failed.

Error: (02/08/2015 00:01:38 AM) (Source: DptfPolicyLpmService) (EventID: 1) (User: )
Description: DptfPolicyLpmServiceConnectToDptfFrameworkDriver: SetupDiEnumDeviceInterfaces() failed.Last error = [0x00000103]

Error: (02/08/2015 00:01:38 AM) (Source: DptfPolicyCriticalService) (EventID: 1) (User: )
Description: DptfPolicyCriticalServiceServiceMain: ServiceStart() failed.

Error: (02/08/2015 00:01:38 AM) (Source: DptfPolicyCriticalService) (EventID: 1) (User: )
Description: DptfPolicyCriticalServiceServiceStart: ConnectToDptfFrameworkDriver() failed.

Error: (02/08/2015 00:01:38 AM) (Source: DptfPolicyCriticalService) (EventID: 1) (User: )
Description: DptfPolicyCriticalServiceConnectToDptfFrameworkDriver: SetupDiEnumDeviceInterfaces() failed.Last error = [0x00000103]

Error: (02/07/2015 10:06:19 PM) (Source: DptfPolicyLpmServiceHelper) (EventID: 1) (User: )
Description: DptfPolicyLpmServiceHelperWinMain: CreateSharedMemory() failed.

Error: (02/07/2015 10:06:19 PM) (Source: DptfPolicyLpmServiceHelper) (EventID: 1) (User: )
Description: DptfPolicyLpmServiceHelperCreateSharedMemory: CreateFileMapping() failed.Last error = [0x00000005]

Error: (02/07/2015 10:05:57 PM) (Source: DptfPolicyLpmService) (EventID: 1) (User: )
Description: DptfPolicyLpmServiceServiceStart: ConnectToDptfFrameworkDriver() failed.

Error: (02/07/2015 10:05:57 PM) (Source: DptfPolicyLpmService) (EventID: 1) (User: )
Description: DptfPolicyLpmServiceConnectToDptfFrameworkDriver: SetupDiEnumDeviceInterfaces() failed.Last error = [0x00000103]

Error: (02/07/2015 10:05:57 PM) (Source: DptfPolicyCriticalService) (EventID: 1) (User: )
Description: DptfPolicyCriticalServiceServiceMain: ServiceStart() failed.


CodeIntegrity Errors:
===================================
Date: 2015-02-07 23:32:45.546
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-07 22:50:33.203
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-07 22:50:33.031
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-07 22:50:32.844
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-07 22:50:32.515
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-07 22:50:32.312
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-07 22:50:32.140
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-07 22:50:30.218
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-07 22:50:29.922
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-07 22:50:29.609
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3337U CPU @ 1.80GHz
Percentage of memory in use: 49%
Total physical RAM: 8077.59 MB
Available physical RAM: 4039.85 MB
Total Pagefile: 10637.59 MB
Available Pagefile: 6229.09 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:185.96 GB) (Free:64.73 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:258.15 GB) (Free:1.11 GB) NTFS
Drive e: () (Fixed) (Total:7.45 GB) (Free:1.65 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 185485F0)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: BC223D42)

Partition: GPT Partition Type.

========================================================
Disk: 2 (Size: 7.5 GB) (Disk ID: 570BFEDA)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B)

==================== End Of Log ============================

-----------------------------------------------------------------------------------------------------------------------
Farbar Service Scanner

Farbar Service Scanner Version: 17-01-2015
Ran by Gladwin (administrator) on 08-02-2015 at 01:04:14
Running from "C:\Users\ASUS\Desktop\Troubleshoot Program"
Microsoft Windows 8.1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error. Google IP is unreachable
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

-------------------------------------------------------------------------------------------------------------------------
Using the file routercheck.bat


Windows IP Configuration

Host Name . . . . . . . . . . . . : Gladwin
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 2C-D0-5A-41-63-DF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 127.0.0.1

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.
Ping request could not find host yahoo.com. Please check the name and try again.
===========================================================================
Interface List
6...2c d0 5a 41 63 df ......Bluetooth Device (Personal Area Network)
1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

------------------------------------------------------------------------------------------------------------------------------
Minibox

MiniToolBox by Farbar Version: 30-11-2014
Ran by Gladwin (administrator) on 08-02-2015 at 00:56:20
Running from "C:\Users\ASUS\Desktop\Troubleshoot Program"
Microsoft Windows 8.1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

"Reset FF Proxy Settings": Firefox Proxy settings were reset.


**** End of log ****

MiniToolBox by Farbar Version: 30-11-2014
Ran by Gladwin (administrator) on 08-02-2015 at 00:59:00
Running from "C:\Users\ASUS\Desktop\Troubleshoot Program"
Microsoft Windows 8.1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================




127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com

There are 15543 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Qualcomm Atheros AR9485WB-EG Wireless Network Adapter = Wi-Fi (Connected)
Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Gladwin
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 2C-D0-5A-41-63-DF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
6...2c d0 5a 41 63 df ......Bluetooth Device (Personal Area Network)
1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [53760] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [51200] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30208] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)

**** End of log ****
 

JSntgRvr

José
Retired Moderator and Malware Specialist
Joined
Jul 1, 2003
Messages
18,552
Post the AdwCleaner logs available in the C:\AdwCleaner folder.
 

JSntgRvr

José
Retired Moderator and Malware Specialist
Joined
Jul 1, 2003
Messages
18,552
Reinstall Hotspot Shield. Download the installer from another computer and save it on a Flash drive. Insert on the troubled computer and reinstall.

After a restart, see if you have and internet connection.
 

kango88

Thread Starter
Joined
Feb 5, 2015
Messages
153
1st time

# AdwCleaner v4.109 - Report created 04/02/2015 at 23:24:12
# Updated 24/01/2015 by Xplode
# Database : 2015-02-03.1 [Live]
# Operating System : Windows 8.1 (64 bits)
# Username : Gladwin - GLADWIN
# Running from : C:\Users\ASUS\Downloads\adwcleaner_4.109.exe
# Option : Scan

***** [ Services ] *****

Service Found : hshld
Service Found : hsstrayservice
Service Found : hsswd

***** [ Files / Folders ] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
File Found : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\searchplugins\conduit-search.xml
File Found : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\searchplugins\default-search.xml
File Found : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\searchplugins\yahoo_ff.xml
File Found : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\user.js
File Found : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\tm82nflx.default\searchplugins\yahoo_ff.xml
File Found : C:\Users\Public\Desktop\Hotspot Shield.lnk
File Found : C:\WINDOWS\System32\drivers\hssdrv6.sys
File Found : C:\WINDOWS\System32\drivers\taphss6.sys
Folder Found : C:\Program Files (x86)\hotspot shield
Folder Found : C:\ProgramData\hotspot shield
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
Folder Found : C:\ProgramData\smdmf
Folder Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj
Folder Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgbcffenncokfocljomejddmgcpppjom
Folder Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah
Folder Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim
Folder Found : C:\Users\ASUS\AppData\Roaming\FirefoxToolbar
Folder Found : C:\Users\ASUS\AppData\Roaming\hotspot shield
Folder Found : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected]
Folder Found : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected]
Folder Found : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\hotspot shield
Folder Found : C:\WINDOWS\SysWOW64\hotspot shield

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\Users\ASUS\AppData\Local\Linkey\IEExtension\ietlb.dll
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\Users\ASUS\AppData\Local\Linkey\IEExtension\ietlb64.dll
Key Found : HKCU\Software\Google\Chrome\Extensions\kpckgflgdapkpabemgkielbefdildaio
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Found : HKCU\Software\systweak
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
Key Found : [x64] HKCU\Software\systweak
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}
Key Found : HKLM\SOFTWARE\Classes\AppID\iedll.dll
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\fgbcffenncokfocljomejddmgcpppjom
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah
Key Found : HKLM\SOFTWARE\hotspotshield
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
Key Found : HKLM\SOFTWARE\SmdmF
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Value Found : HKCU\Software\Mozilla\Firefox\Extensions [[email protected]]
Value Found : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Found : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x86]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v35.0.1 (x86 en-US)

[8aqpcbli.default] - Line Found : user_pref("browser.search.hiddenOneOffs", "default-search.net");
[8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.Var1", "0");
[8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.Var10", "0");
[8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.Var2", "0");
[8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.Var3", "0");
[8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.Var4", "0");
[8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.Var5", "0");
[8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.Var6", "0");
[8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.Var7", "0");
[8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.Var8", "0");
[8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.Var9", "0");
[8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.cache.tbs_include_xml_spd", "52/15/30/10/113");
[8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.firstlaunch", "0");
[8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.guid", "%7BB9BC7BEC-34B7-644B-BCC1-9DF36BEEA241%7D");
[8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.userId", "%12");
[8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader_installed_version", "3.2.0");
[tm82nflx.default] - Line Found : user_pref("browser.startup.homepage", "hxxp://sg.search.yahoo.com/?type=599486&fr=spigot-yhp-ff");

-\\ Google Chrome v40.0.2214.94


*************************

AdwCleaner[R0].txt - [8705 octets] - [04/02/2015 23:24:12]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [8765 octets] ##########

# AdwCleaner v4.109 - Report created 04/02/2015 at 23:26:13
# Updated 24/01/2015 by Xplode
# Database : 2015-02-03.1 [Live]
# Operating System : Windows 8.1 (64 bits)
# Username : Gladwin - GLADWIN
# Running from : C:\Users\ASUS\Downloads\adwcleaner_4.109.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : hshld
[#] Service Deleted : hsstrayservice
Service Deleted : hsswd

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\hotspot shield
Folder Deleted : C:\ProgramData\smdmf
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
Folder Deleted : C:\Program Files (x86)\hotspot shield
Folder Deleted : C:\WINDOWS\SysWOW64\hotspot shield
Folder Deleted : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\hotspot shield
Folder Deleted : C:\Users\ASUS\AppData\Roaming\FirefoxToolbar
Folder Deleted : C:\Users\ASUS\AppData\Roaming\hotspot shield
Folder Deleted : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected]
Folder Deleted : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected]
Folder Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgbcffenncokfocljomejddmgcpppjom
Folder Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah
Folder Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim
Folder Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj
File Deleted : C:\Users\Public\Desktop\Hotspot Shield.lnk
File Deleted : C:\WINDOWS\System32\drivers\taphss6.sys
File Deleted : C:\WINDOWS\System32\drivers\hssdrv6.sys
File Deleted : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\searchplugins\conduit-search.xml
File Deleted : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\searchplugins\default-search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
File Deleted : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\user.js
File Deleted : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\searchplugins\yahoo_ff.xml
File Deleted : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\tm82nflx.default\searchplugins\yahoo_ff.xml

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [[email protected]]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fgbcffenncokfocljomejddmgcpppjom
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah
Key Deleted : HKCU\Software\Google\Chrome\Extensions\kpckgflgdapkpabemgkielbefdildaio
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\iedll.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\systweak
Key Deleted : HKLM\SOFTWARE\hotspotshield
Key Deleted : HKLM\SOFTWARE\SmdmF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\Users\ASUS\AppData\Local\Linkey\IEExtension\ietlb.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\Users\ASUS\AppData\Local\Linkey\IEExtension\ietlb64.dll

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v35.0.1 (x86 en-US)

[8aqpcbli.default\prefs.js] - Line Deleted : user_pref("browser.search.hiddenOneOffs", "default-search.net");
[8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var1", "0");
[8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var10", "0");
[8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var2", "0");
[8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var3", "0");
[8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var4", "0");
[8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var5", "0");
[8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var6", "0");
[8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var7", "0");
[8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var8", "0");
[8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var9", "0");
[8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.cache.tbs_include_xml_spd", "52/15/30/10/113");
[8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.firstlaunch", "0");
[8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.guid", "%7BB9BC7BEC-34B7-644B-BCC1-9DF36BEEA241%7D");
[8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.userId", "%12");
[8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader_installed_version", "3.2.0");
[tm82nflx.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://sg.search.yahoo.com/?type=599486&fr=spigot-yhp-ff");

-\\ Google Chrome v40.0.2214.94


*************************

AdwCleaner[R0].txt - [8897 octets] - [04/02/2015 23:25:34]
AdwCleaner[S0].txt - [8517 octets] - [04/02/2015 23:26:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8577 octets] ##########
 

kango88

Thread Starter
Joined
Feb 5, 2015
Messages
153
2nd time

# AdwCleaner v4.109 - Report created 04/02/2015 at 23:31:19
# Updated 24/01/2015 by Xplode
# Database : 2015-01-24.3 [Local]
# Operating System : Windows 8.1 (64 bits)
# Username : Gladwin - GLADWIN
# Running from : C:\Users\ASUS\Downloads\adwcleaner_4.109.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : [x64] HKLM\SOFTWARE\Linkey
Key Found : [x64] HKLM\SOFTWARE\LINKEY

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v35.0.1 (x86 en-US)


-\\ Google Chrome v40.0.2214.94

[C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [8897 octets] - [04/02/2015 23:25:34]
AdwCleaner[R1].txt - [1194 octets] - [04/02/2015 23:31:19]
AdwCleaner[S0].txt - [8693 octets] - [04/02/2015 23:26:20]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1314 octets] ##########

# AdwCleaner v4.109 - Report created 04/02/2015 at 23:32:47
# Updated 24/01/2015 by Xplode
# Database : 2015-01-24.3 [Local]
# Operating System : Windows 8.1 (64 bits)
# Username : Gladwin - GLADWIN
# Running from : C:\Users\ASUS\Downloads\adwcleaner_4.109.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : [x64] HKLM\SOFTWARE\Linkey

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v35.0.1 (x86 en-US)


-\\ Google Chrome v40.0.2214.94

[C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [8897 octets] - [04/02/2015 23:25:34]
AdwCleaner[R1].txt - [1402 octets] - [04/02/2015 23:32:18]
AdwCleaner[S0].txt - [8693 octets] - [04/02/2015 23:26:20]
AdwCleaner[S1].txt - [1287 octets] - [04/02/2015 23:32:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1347 octets] ##########
 

kango88

Thread Starter
Joined
Feb 5, 2015
Messages
153
Thanks!Surprisingly installing back hotspot shield made the internet work again.

However, the unknown virus/malware affecting Google, yahoo and bing still exist. Can help with that?
 

JSntgRvr

José
Retired Moderator and Malware Specialist
Joined
Jul 1, 2003
Messages
18,552
Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup-2.0..exe to install the application. (The revision number may vary.)
  • Select the language and click OK.
  • Accept the agreement
  • Make sure a checkmark is placed next to Enable the Free Trial and Launch [*]Malwarebytes' Anti-Malware, then click on finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Scan Now".
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click on Quanrantee All,.
  • When disinfection is completed, a dialog will open and you may be prompted to Restart.(See Extra Note)
  • Upon restart, launch Malwarebytes Antimalware and select History.
  • Double click on the last scan done, then on Copy to Clipboard.
  • Right click on your next reply and select Paste.
  • Submit your reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.
 

kango88

Thread Starter
Joined
Feb 5, 2015
Messages
153
Hi, I cannot see the last scan button after going to history. But this is the scan log i found from the log folder. Done 2 scans for computer A

<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2015/02/08 00:17:23 +0800</date>
<logfile>mbam-log-2015-02-08 (00-17-23).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.00.4.1028</version>
<malware-database>v2014.11.20.06</malware-database>
<rootkit-database>v2014.11.18.01</rootkit-database>
<license>free</license>
<file-protection>disabled</file-protection>
<web-protection>disabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 8.1</osversion>
<arch>x64</arch>
<username>Gladwin</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>370341</objects>
<time>1618</time>
<processes>0</processes>
<modules>0</modules>
<keys>0</keys>
<values>0</values>
<datas>0</datas>
<folders>0</folders>
<files>4</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<file><path>C:\$Recycle.Bin\S-1-5-21-147487581-2992457104-1551078015-1002\$R5MVSUM.exe</path><vendor>PUP.Optional.Unizeto</vendor><action>success</action><hash>ed19f04e46367abc7476724f4fb5d927</hash></file>
<file><path>C:\$Recycle.Bin\S-1-5-21-147487581-2992457104-1551078015-1002\$RV6ANPY.exe</path><vendor>PUP.Optional.InstalleRex</vendor><action>success</action><hash>bc4afb439ce05ed887c0abe633ce53ad</hash></file>
<file><path>C:\$Recycle.Bin\S-1-5-21-147487581-2992457104-1551078015-1002\$R9JRXGJ.exe</path><vendor>PUP.Optional.InstalleRex</vendor><action>success</action><hash>10f61a24bcc0ad89427c544d0af7a25e</hash></file>
<file><path>C:\$Recycle.Bin\S-1-5-21-147487581-2992457104-1551078015-1002\$RQMJ4B7.exe</path><vendor>PUP.Optional.InstalleRex</vendor><action>success</action><hash>b94dd46a027ac373db7bfb9522df7888</hash></file>
</items>
</mbam-log>

--------------------------------------------------------------------------------------------------
<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2015/02/08 10:47:37 +0800</date>
<logfile>mbam-log-2015-02-08 (10-47-36).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.00.4.1028</version>
<malware-database>v2015.02.08.01</malware-database>
<rootkit-database>v2015.02.03.01</rootkit-database>
<license>free</license>
<file-protection>disabled</file-protection>
<web-protection>disabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 8.1</osversion>
<arch>x64</arch>
<username>Gladwin</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>388317</objects>
<time>2008</time>
<processes>0</processes>
<modules>0</modules>
<keys>0</keys>
<values>0</values>
<datas>0</datas>
<folders>0</folders>
<files>1</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<file><path>C:\Users\ASUS\AppData\Local\Temp\Quarantine.exe</path><vendor>Trojan.Agent</vendor><action>success</action><hash>0af714081674aa8ca4b0bf5e50b2cd33</hash></file>
</items>
</mbam-log>
 

kango88

Thread Starter
Joined
Feb 5, 2015
Messages
153
For computer B (windows 7 in macbook bootcamp), nothing is detected
 

JSntgRvr

José
Retired Moderator and Malware Specialist
Joined
Jul 1, 2003
Messages
18,552
Reset your browsers to default. For instructions see here.

Let me know the outcome.
 

JSntgRvr

José
Retired Moderator and Malware Specialist
Joined
Jul 1, 2003
Messages
18,552
  • Run the ESET Online Scanner.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the
    button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the
    icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.
 

kango88

Thread Starter
Joined
Feb 5, 2015
Messages
153
C:\Users\All Users\IObit\ASCDownloader\Advanced SystemCare.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF30.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF31.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF32.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF33.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF34.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF4.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF5.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF6.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF7.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF8.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF9.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\Users\ASUS\Downloads\Programs\FileZilla_3.9.0.6_win32-setup.exe a variant of Win32/InstallCore.UE potentially unwanted application
C:\Users\ASUS\Downloads\Programs\javaupdate_setup.exe a variant of Win32/AdWare.iBryte.BJ application
C:\Users\ASUS\Dropbox\(Myself)\Software Download\SEO PowerSuite 2013 KeyGen - BlackNinjx\SEO PowerSuite 2013 KeyGen - BlackNinjx.exe a variant of MSIL/Packed.Confuser.A potentially unwanted application
C:\$Recycle.Bin\S-1-5-21-147487581-2992457104-1551078015-1002\$R0MMFNL.exe Win32/ELEX.AY potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah\2.0.0.5_0\newtab.html.vir Win32/AztecMedia.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF10.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF11.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF12.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF13.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF14.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF15.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF16.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF17.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF18.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF19.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF2.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF20.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF21.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF22.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF23.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF24.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF25.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF26.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF27.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF28.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF29.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF30.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF31.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF32.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF33.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF34.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF4.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF5.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF6.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF7.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF8.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF9.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\ProgramData\IObit\ASCDownloader\Advanced SystemCare.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application deleted - quarantined
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah\2.0.0.5_0\newtab.html.vir Win32/AztecMedia.A potentially unwanted application deleted - quarantined
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF10.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF11.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF12.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF13.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF14.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF15.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF16.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF17.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF18.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF19.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF2.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF20.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF21.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF22.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF23.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF24.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF25.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF26.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF27.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF28.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF29.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top