1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

DNS Lookup Failed (Cannot access internet) Upon Removing of unknown malware

Discussion in 'Virus & Other Malware Removal' started by kango88, Feb 7, 2015.

Thread Status:
Not open for further replies.
Advertisement
  1. kango88

    kango88 Thread Starter

    Joined:
    Feb 5, 2015
    Messages:
    153
    Hi,

    Some background about what happened first. First, one day i realised my internet browsers for computer A running on windows 8.1 have been infected by some virus as my Google search on my Chrome and IE looks weird (Google logo and blue arrow missing)
    [​IMG]
    After which, i tried to find out what's wrong by scanning with various software such as windows defender and spybot s&d but nothing was found. After which i turned to using Adwcleaner after finding it online. Upon using it twice, my internet stopped working and I'm seeing this messsage on my Internet Explorer (Google is the homepage)
    "DNS Lookup for "www.google.com" failed. The system reports that no network connection is available. System.Net.Sockets.SocketException No such host is known"

    This is the first problem. For the second problem, after computer A is down, I imported my Chrome profiles from computer A to computer B (A macbook runnning windows 7 in bootcamp) and now my internet browsers in computer B are infected with the same unknown virus of having a weird looking Google search and not being able to access both yahoo and bing search.

    I've tried some of the method in http://forums.techguy.org/virus-other-malware-removal/ but still cannot get my internet back working on computer A and find the unknown virus in computer B.

    Can you help me solve the internet problem in computer A first? I'll post the reports I've generated using the various software mentioned in the other thread

    Thanks
     
  2. kango88

    kango88 Thread Starter

    Joined:
    Feb 5, 2015
    Messages:
    153
    Sysinfo

    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 8.1, 64 bit
    Processor: Intel(R) Core(TM) i5-3337U CPU @ 1.80GHz, Intel64 Family 6 Model 58 Stepping 9
    Processor Count: 4
    RAM: 8077 Mb
    Graphics Card: NVIDIA GeForce GT 740M, -2048 Mb
    Hard Drives: C: Total - 190423 MB, Free - 66674 MB; D: Total - 264346 MB, Free - 1139 MB; E: Total - 7629 MB, Free - 1686 MB;
    Motherboard: ASUSTeK COMPUTER INC., K46CB
    Antivirus: Windows Defender, Disabled

    --------------------------------------------------------------------------------------------------------------------------
    FRST
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2015
    Ran by Gladwin (administrator) on GLADWIN on 08-02-2015 00:12:55
    Running from C:\Users\ASUS\Desktop\Troubleshoot Program
    Loaded Profiles: Gladwin (Available profiles: Gladwin)
    Platform: Windows 8.1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
    (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.1.265\AsusWSWinService.exe
    (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
    (Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
    () C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmdb.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
    (InstallShield®) C:\Program Files (x86)\InstallShield\isupdate.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    () C:\Users\ASUS\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
    (Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe
    (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
    (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
    () C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
    (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
    (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
    (Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
    (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
    (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
    (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
    (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
    () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
    (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
    (Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe
    (Microsoft Corporation) C:\Windows\System32\StikyNot.exe
    (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
    (Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvMon.exe
    () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\ace_engine.exe
    (Spotify Ltd) C:\Users\ASUS\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    (Google Inc.) C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe
    () C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_watch.exe
    () C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_hub.exe
    (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
    () C:\Users\ASUS\AppData\Local\MediaFire Desktop\MediaFire Desktop.exe
    () C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_filetransfer.exe
    () C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_browser.exe
    () C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe
    (Barracuda Networks, Inc.) C:\Users\ASUS\AppData\Roaming\Copy\CopyAgent.exe
    (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
    () C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_central_control.exe
    () C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_monitor.exe
    (Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
    () C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_dialogs.exe
    (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    () C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmW.exe
    () C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmwj.exe
    () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    (Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe
    (Dropbox, Inc.) C:\Users\ASUS\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
    (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\ace_update.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
    () C:\Program Files (x86)\IObit\Advanced SystemCare 8\RealTimeProtector.exe
    (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.8.381\AsusWSPanel.exe
    (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
    (Tech Support Guy System) C:\Users\ASUS\Desktop\Troubleshoot Program\SysInfo.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-12-23] (Realtek Semiconductor)
    HKLM\...\Run: [AuditSHD] => C:\windows\system32\oobe\auditshd.exe [29696 2013-08-22] (Microsoft Corporation)
    HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [765056 2012-09-30] (Qualcomm Atheros)
    HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-09-30] (Qualcomm Atheros Commnucations)
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [70656 2014-12-23] (Intel Corporation)
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2014-12-04] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-08-05] (ASUSTek Computer Inc.)
    HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
    HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.8.381\ASUSWSLoader.exe [63296 2014-07-08] ()
    HKLM-x32\...\Run: [Launcher] => C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\Launcher\fxlaunch.exe [2400768 2012-04-28] (Fuji Xerox Co., Ltd.)
    HKLM-x32\...\Run: [M205f RUN] => C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmRun.exe [355840 2012-06-20] ()
    HKLM-x32\...\Run: [StatusAutoRunm205f] => C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmpl.exe [3978752 2012-06-20] ()
    HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
    HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
    HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
    HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
    HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
    HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
    HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
    HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-11-19] (Brother Industries, Ltd.)
    HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3084288 2012-07-31] (Brother Industries, Ltd.)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
    Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3878480 2014-08-20] (Tonec Inc.)
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [457728 2013-11-14] (Microsoft Corporation)
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [AceStream] => C:\Users\ASUS\AppData\Roaming\ACEStream\engine\ace_engine.exe [27904 2014-09-25] ()
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [Spotify Web Helper] => C:\Users\ASUS\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-15] (Spotify Ltd)
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [Google Update] => C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-03-13] (Google Inc.)
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [MediaFire Tray] => C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_watch.exe [4002120 2015-01-23] ()
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [instanteyedropper] => C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe [352256 2007-10-17] ()
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [Copy] => C:\Users\ASUS\AppData\Roaming\Copy\CopyAgent.exe [15435920 2015-01-23] (Barracuda Networks, Inc.)
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2425632 2014-11-07] (IObit)
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\MountPoints2: {c7345423-f2fd-11e3-bf91-2cd05a4163df} - "E:\WD SmartWare.exe" autoplay=true
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\MountPoints2: {e49a6483-8e37-11e3-824e-806e6f6e6963} - "F:\start.exe"
    HKU\S-1-5-18\...\Run: [Copy] => C:\Users\ASUS\AppData\Roaming\Copy\CopyAgent.exe [15435920 2015-01-23] (Barracuda Networks, Inc.)
    HKU\S-1-5-18\...\Run: [Backblaze] => "C:\Program Files (x86)\Backblaze\bzbui.exe" -quiet
    AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation)
    AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation)
    AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk
    ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
    ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Drive Manager Real-Time.lnk
    ShortcutTarget: Samsung Drive Manager Real-Time.lnk -> C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe (Clarus, Inc.)
    Startup: C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    Startup: C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.8.381\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
    ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.8.381\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
    ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.8.381\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
    ShellIconOverlayIdentifiers: [1aCopyShExtError] -> {83BEA36E-7680-4598-A4DF-994426F6E78D} => C:\Users\ASUS\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.)
    ShellIconOverlayIdentifiers: [1MediaFireIconError] -> {5EE8C634-CDC0-453D-9731-DF0B19F4E807} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon3_d548a.dll (TODO: <Company name>)
    ShellIconOverlayIdentifiers: [1MediaFireIconReadOnly] -> {7995D0FC-769B-4197-AEC0-991921CB99E1} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon5_d548a.dll (TODO: <Company name>)
    ShellIconOverlayIdentifiers: [1MediaFireIconSynched] -> {9A3B79CB-D899-40B5-8DBC-20447F1ADC8F} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon_d548a.dll (TODO: <Company name>)
    ShellIconOverlayIdentifiers: [1MediaFireIconSyncing] -> {C4D81971-6B13-4173-AB21-F83AD20CCC04} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon2_d548a.dll (TODO: <Company name>)
    ShellIconOverlayIdentifiers: [2aCopyShExtSynced] -> {845B7388-6F85-4F32-9FD5-F02DC7882B89} => C:\Users\ASUS\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.)
    ShellIconOverlayIdentifiers: [3aCopyShExtSyncing] -> {F6378A7A-F753-449B-AE1B-997A96132E61} => C:\Users\ASUS\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.)
    ShellIconOverlayIdentifiers: [4aCopyShExtSyncingProg1] -> {3A511828-777D-46F8-82F4-5B530C1B3D9E} => C:\Users\ASUS\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.)
    ShellIconOverlayIdentifiers: [5aCopyShExtSyncingProg2] -> {C8C88204-5B14-40EC-BA72-8AEBC762047E} => C:\Users\ASUS\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.)
    ShellIconOverlayIdentifiers: [6aCopyShExtSyncingProg3] -> {ACFF45C3-3EEB-4351-86C2-6696BA264239} => C:\Users\ASUS\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.)
    ShellIconOverlayIdentifiers: [7aCopyShExtSyncingProg4] -> {29AF997F-488B-46F0-AE78-7146F1B89CC3} => C:\Users\ASUS\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.)
    ShellIconOverlayIdentifiers: [8aCopyShExtSyncingProg5] -> {03F9AD29-1C78-4B66-8890-B177B5430C53} => C:\Users\ASUS\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.)
    ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
    ShellIconOverlayIdentifiers: [MediaFireIconLock] -> {759F3E92-F4E8-4953-8315-238B8B17E0F3} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon4_d548a.dll (TODO: <Company name>)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    ProxyEnable: [HKLM] => ProxyEnable is set.
    ProxyEnable: [HKLM-x32] => ProxyEnable is set.
    ProxyServer: [HKLM] => http=127.0.0.1:8080;https=127.0.0.1:8080
    ProxyServer: [HKLM-x32] => http=127.0.0.1:8080;https=127.0.0.1:8080
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-147487581-2992457104-1551078015-1002 -> URL http://search.conduit.com/Results.aspx?ctid=CT3321897&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=5&UP=SPF84B958F-6C5F-431F-B5D3-7D8E0D53175F&q={searchTerms}&SSPV=
    SearchScopes: HKU\S-1-5-21-147487581-2992457104-1551078015-1002 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
    SearchScopes: HKU\S-1-5-21-147487581-2992457104-1551078015-1002 -> {F420D4DA-5EF9-4E57-852D-35292E645774} URL = http://sg.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=599486&p={searchTerms}
    BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
    BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
    BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
    BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
    Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
    Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

    FireFox:
    ========
    FF ProfilePath: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default
    FF SelectedSearchEngine: Google
    FF Keyword.URL: hxxp://sg.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=599486&p=
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
    FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
    FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-147487581-2992457104-1551078015-1002: @acestream.net/acestreamplugin,version=2.2.0-next -> C:\Users\ASUS\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
    FF Plugin HKU\S-1-5-21-147487581-2992457104-1551078015-1002: @citrixonline.com/appdetectorplugin -> C:\Users\ASUS\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
    FF Plugin HKU\S-1-5-21-147487581-2992457104-1551078015-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\ASUS\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF Plugin HKU\S-1-5-21-147487581-2992457104-1551078015-1002: @talk.google.com/O1DPlugin -> C:\Users\ASUS\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF Plugin HKU\S-1-5-21-147487581-2992457104-1551078015-1002: @tools.google.com/Google Update;version=3 -> C:\Users\ASUS\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKU\S-1-5-21-147487581-2992457104-1551078015-1002: @tools.google.com/Google Update;version=9 -> C:\Users\ASUS\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\ASUS\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\ASUS\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
    FF Extension: Advanced SystemCare Surfing Protection - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected] [2014-11-21]
    FF Extension: IDM CC - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected] [2015-01-29]
    FF Extension: FireShot - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2015-01-30]
    FF Extension: EPUBReader - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2015-01-11]
    FF Extension: Easy App Tabs - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected] [2014-02-05]
    FF Extension: MEGA - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected] [2015-02-04]
    FF Extension: Save My Tabs - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected] [2014-02-05]
    FF Extension: Media Stealer - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected] [2014-08-24]
    FF Extension: Reader - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\{20068ab2-1901-4140-9f3c-81207d4dacc4}.xpi [2015-01-30]
    FF Extension: Graph Authority - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\{CBECCADF-6A82-4141-A264-7ED25F718BCB}.xpi [2014-04-10]
    FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\[email protected] [2014-10-08]
    FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
    FF HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Firefox\Extensions: [[email protected]] - C:\Users\ASUS\AppData\Roaming\IDM\idmmzcc5
    FF Extension: IDM CC - C:\Users\ASUS\AppData\Roaming\IDM\idmmzcc5 [2014-08-24]
    FF HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\ASUS\AppData\Roaming\IDM\idmmzcc5

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3321897&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=5&UP=SPF84B958F-6C5F-431F-B5D3-7D8E0D53175F&SSPV=
    CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3321897&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=5&UP=SPF84B958F-6C5F-431F-B5D3-7D8E0D53175F&SSPV="
    CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
    CHR Profile: C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Downloads) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajkhjekibcfjngomhbbifihellcaebcn [2014-07-18]
    CHR Extension: (Download Manager (video and mp3)) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\bapnjmgdanmelbcmjdjljogelnlfepcj [2015-01-07]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
    CHR Extension: (RankRecon) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\chjdckfonfkdoeiobllnejjieicmjodh [2014-06-03]
    CHR Extension: (OneTab) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2014-12-23]
    CHR Extension: (Webpage Screenshot) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2014-03-22]
    CHR Extension: (SEO I.Q.) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\dadlnlnlpkpchfljjcpkodcljofniggm [2014-09-23]
    CHR Extension: (Tabs Backup & Restore) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\dehocbglhkaogiljpihicakmlockmlgd [2014-03-22]
    CHR Extension: (Graph Authority) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeaaoidckfbpinpmjbbmgnapanfnkdkc [2014-04-10]
    CHR Extension: (FB Pixel Helper) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2015-01-06]
    CHR Extension: (LastPass: Free Password Manager) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-02-02]
    CHR Extension: (Share As Image Extension) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgmhphfbdfbkokcfajipbmkcakmmepeb [2014-12-22]
    CHR Extension: (SEO & Website Analysis) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlngmmdolgbdnnimbmblfhhndibdipaf [2014-12-22]
    CHR Extension: (IDM Integration Module) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2014-02-06]
    CHR Extension: (Hangouts) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-03-25]
    CHR Extension: (Google Wallet) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-06]
    CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-08-20]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
    R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-14] (ASUS)
    R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.1.265\AsusWSWinService.exe [71680 2014-01-15] (ASUS Cloud Corporation) [File not signed]
    R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-30] (Qualcomm Atheros Commnucations)
    S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [270336 2012-07-13] (Brother Industries, Ltd.) [File not signed]
    S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321024 2013-08-22] (Microsoft Corporation)
    R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64624 2014-06-12] (CyberGhost S.R.L)
    R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2014-12-23] (Intel Corporation)
    S2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [118728 2014-12-23] (Intel Corporation)
    S2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [92672 2014-12-23] (Intel Corporation)
    S2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [88064 2014-12-23] (Intel Corporation)
    R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-31] (Diskeeper Corporation)
    R2 FXNADB; C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmdb.exe [96768 2012-06-20] () [File not signed]
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-28] (Intel Corporation)
    R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-30] (Intel Corporation)
    R2 isupdate.exe; C:\Program Files (x86)\InstallShield\isupdate.exe [43008 2015-01-22] (InstallShield®) [File not signed]
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-26] (Intel Corporation)
    S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2630432 2014-11-04] (IObit)
    S2 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [219832 2012-06-18] (McAfee, Inc.)
    S2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [219832 2012-06-18] (McAfee, Inc.)
    R2 MF NTFS Monitor; C:\Users\ASUS\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe [456504 2015-01-23] ()
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
    R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
    R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72992 2014-06-06] (IObit)
    S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
    R2 SZDrvSvc; C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [18432 2013-12-18] (Clarus, Inc.) [File not signed]
    R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
    R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-30] (Atheros) [File not signed]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
    R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-01-17] (ASUS Corporation)
    S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-30] (Qualcomm Atheros)
    S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
    S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32640 2013-08-22] (Microsoft Corporation)
    S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-05] (Microsoft Corporation)
    R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [145640 2014-12-23] (Intel Corporation)
    R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [50640 2014-12-23] (Intel Corporation)
    S3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [42224 2014-12-23] (Intel Corporation)
    R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2014-12-23] (Intel Corporation)
    S3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [234736 2014-12-23] (Intel Corporation)
    R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-31] (Diskeeper Corporation)
    R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-31] (Diskeeper Corporation)
    R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-23] (REALiX(tm))
    R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-30] (Intel Corporation)
    R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
    R3 mdf16; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [20400 2012-06-21] ()
    R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-12-23] (Intel Corporation)
    R2 mfmonitor; C:\Windows\System32\DRIVERS\mfmonitor_x64.sys [20696 2015-01-23] (Windows (R) Win 7 DDK provider)
    R3 mvd23; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [99248 2012-06-21] ()
    R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-28] (NVIDIA Corporation)
    R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
    S1 HssDRV6; \SystemRoot\system32\DRIVERS\hssdrv6.sys [X]
    S3 taphss6; \SystemRoot\system32\DRIVERS\taphss6.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-02-08 00:12 - 2015-02-08 00:12 - 00000000 ____D () C:\FRST
    2015-02-08 00:11 - 2015-02-08 00:12 - 00000000 ____D () C:\Users\ASUS\Desktop\Troubleshoot Program
    2015-02-08 00:11 - 2015-02-08 00:11 - 00000478 _____ () C:\Users\ASUS\Desktop\System info.txt
    2015-02-08 00:05 - 2015-02-08 00:05 - 00000631 _____ () C:\WINDOWS\system32\network.txt
    2015-02-08 00:05 - 2015-02-08 00:05 - 00000631 _____ () C:\Users\ASUS\Desktop\network.txt
    2015-02-07 23:17 - 2015-02-07 23:17 - 00000000 ____D () C:\Users\ASUS\AppData\Local\Clarus
    2015-02-05 10:01 - 2015-02-05 10:01 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
    2015-02-05 10:01 - 2013-08-27 23:42 - 00086035 ____N () C:\WINDOWS\system32\athwbx.cat
    2015-02-05 10:01 - 2013-08-15 20:13 - 03859968 ____N (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\athwbx.sys
    2015-02-05 10:01 - 2013-08-15 20:13 - 03859968 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athwbx.sys
    2015-02-05 00:55 - 2015-02-05 01:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
    2015-02-04 23:52 - 2015-02-04 23:52 - 00000298 _____ () C:\WINDOWS\Tasks\Uninstaller_SkipUac_Gladwin.job
    2015-02-04 23:24 - 2015-02-04 23:32 - 00000000 ____D () C:\AdwCleaner
    2015-02-04 23:23 - 2015-02-04 23:23 - 02194432 _____ () C:\Users\ASUS\Downloads\adwcleaner_4.109.exe
    2015-02-04 23:09 - 2014-12-07 19:53 - 00452755 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20150204-230941.backup
    2015-02-04 23:03 - 2015-02-04 23:03 - 00003859 _____ () C:\Users\ASUS\Downloads\software_removal_tool.log
    2015-02-04 22:47 - 2015-02-04 22:47 - 00002279 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2015-02-04 22:47 - 2015-02-04 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2015-02-04 22:46 - 2015-02-07 23:52 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2015-02-04 22:46 - 2015-02-07 22:51 - 00000912 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2015-02-04 22:46 - 2015-02-04 22:46 - 00003888 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-02-04 22:46 - 2015-02-04 22:46 - 00003652 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-02-02 01:24 - 2015-02-02 01:24 - 00008477 _____ () C:\Users\ASUS\Downloads\Invoice 1480331 (01-30-2015).html
    2015-02-01 23:29 - 2015-02-07 22:06 - 00003758 _____ () C:\WINDOWS\System32\Tasks\AutoKMS
    2015-02-01 23:28 - 2015-02-02 20:51 - 00000492 _____ () C:\WINDOWS\Tasks\InstallShield Update Task.job
    2015-02-01 23:28 - 2015-02-01 23:28 - 00003224 _____ () C:\WINDOWS\System32\Tasks\InstallShield Update Task
    2015-02-01 23:28 - 2015-02-01 23:28 - 00000000 ____D () C:\Program Files (x86)\InstallShield
    2015-02-01 22:58 - 2015-02-01 22:59 - 45488338 _____ () C:\Users\ASUS\Downloads\Microsoft Office Professional Plus 2013 -32-64 Bit(Activator)[RareAbyss].rar
    2015-01-26 23:41 - 2015-02-07 23:27 - 00000578 _____ () C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-147487581-2992457104-1551078015-1002.job
    2015-01-22 13:26 - 2015-01-22 13:26 - 00000835 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\slf.lnk
    2015-01-22 13:26 - 2015-01-22 13:26 - 00000823 _____ () C:\Users\Public\Desktop\slf.lnk
    2015-01-22 13:26 - 2015-01-22 13:26 - 00000000 ____D () C:\Program Files (x86)\slf
    2015-01-22 12:27 - 2015-01-06 08:08 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2015-01-22 12:27 - 2015-01-06 08:08 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2015-01-22 09:37 - 2015-02-05 10:22 - 00000000 ____D () C:\Users\ASUS\Downloads\Ryan Deiss - Invisible Selling Machine
    2015-01-22 09:31 - 2015-01-22 09:30 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
    2015-01-20 21:55 - 2014-12-09 03:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
    2015-01-20 21:55 - 2014-12-09 03:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
    2015-01-20 21:55 - 2014-12-09 03:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
    2015-01-20 21:55 - 2014-12-09 03:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
    2015-01-20 21:55 - 2014-12-09 03:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
    2015-01-20 21:55 - 2014-12-09 03:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
    2015-01-20 21:55 - 2014-12-09 03:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
    2015-01-20 21:55 - 2014-12-09 03:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
    2015-01-20 21:55 - 2014-12-06 09:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2015-01-15 22:25 - 2015-01-15 22:25 - 00001056 _____ () C:\Users\Public\Desktop\ICCExpress.lnk
    2015-01-15 22:25 - 2015-01-15 22:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Web Dimensions
    2015-01-14 15:07 - 2015-01-14 15:07 - 00004456 _____ () C:\Users\ASUS\Downloads\Keyword Planner 2015-01-14 at 15-07-16.csv
    2015-01-14 12:01 - 2014-12-19 14:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
    2015-01-14 12:01 - 2014-12-12 10:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
    2015-01-14 12:01 - 2014-12-12 08:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
    2015-01-14 12:01 - 2014-12-09 09:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
    2015-01-14 12:01 - 2014-12-06 11:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
    2015-01-14 12:01 - 2014-12-06 09:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
    2015-01-13 22:58 - 2015-01-13 22:58 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Hobbyist Software
    2015-01-13 22:34 - 2015-02-04 23:12 - 00000000 ____D () C:\Program Files (x86)\Hobbyist Software
    2015-01-13 22:34 - 2015-01-13 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Setup Helper
    2015-01-11 23:10 - 2014-11-16 03:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
    2015-01-11 23:10 - 2014-11-15 14:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
    2015-01-11 23:10 - 2014-11-14 22:36 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2015-01-11 23:10 - 2014-11-14 15:10 - 03558400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2015-01-11 23:10 - 2014-11-14 14:58 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
    2015-01-11 23:10 - 2014-11-14 14:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2015-01-11 23:10 - 2014-11-14 14:57 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
    2015-01-11 23:10 - 2014-11-14 14:54 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
    2015-01-11 23:10 - 2014-11-14 14:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
    2015-01-11 23:10 - 2014-11-14 14:53 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2015-01-11 23:10 - 2014-11-14 14:52 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
    2015-01-11 23:10 - 2014-11-14 13:04 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
    2015-01-11 23:10 - 2014-11-14 13:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
    2015-01-11 23:10 - 2014-11-14 13:03 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
    2015-01-11 23:10 - 2014-11-14 13:01 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2015-01-11 23:10 - 2014-11-14 13:01 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
    2015-01-11 23:10 - 2014-11-11 08:39 - 22290560 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2015-01-11 23:10 - 2014-11-11 08:17 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2015-01-11 23:10 - 2014-11-11 02:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2015-01-11 23:10 - 2014-11-11 02:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
    2015-01-11 23:10 - 2014-11-11 02:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
    2015-01-11 23:10 - 2014-11-11 02:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
    2015-01-11 23:10 - 2014-11-10 10:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
    2015-01-11 23:10 - 2014-11-10 09:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
    2015-01-11 23:10 - 2014-11-10 09:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
    2015-01-11 23:10 - 2014-11-10 09:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
    2015-01-11 23:10 - 2014-11-10 09:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
    2015-01-11 23:10 - 2014-11-10 09:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
    2015-01-11 23:10 - 2014-11-10 09:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
    2015-01-11 23:10 - 2014-11-10 09:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
    2015-01-11 23:10 - 2014-11-10 08:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
    2015-01-11 23:10 - 2014-11-10 08:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
    2015-01-11 23:10 - 2014-11-08 18:42 - 01390928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
    2015-01-11 23:10 - 2014-11-08 18:23 - 01127976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
    2015-01-11 23:10 - 2014-11-08 12:00 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
    2015-01-11 23:10 - 2014-11-08 12:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
    2015-01-11 23:10 - 2014-11-08 11:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
    2015-01-11 23:10 - 2014-11-08 11:58 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
    2015-01-11 23:10 - 2014-11-08 11:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
    2015-01-11 23:10 - 2014-11-08 11:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
    2015-01-11 23:10 - 2014-11-08 11:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
    2015-01-11 23:10 - 2014-11-08 11:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
    2015-01-11 23:10 - 2014-11-08 11:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
    2015-01-11 23:10 - 2014-11-08 11:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
    2015-01-11 23:10 - 2014-11-08 11:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
    2015-01-11 23:10 - 2014-11-08 10:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
    2015-01-11 23:10 - 2014-11-08 10:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
    2015-01-11 23:10 - 2014-11-08 10:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
    2015-01-11 23:10 - 2014-11-08 10:09 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
    2015-01-11 23:10 - 2014-11-08 10:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
    2015-01-11 23:10 - 2014-11-08 09:59 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
    2015-01-11 23:10 - 2014-11-08 09:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
    2015-01-11 23:10 - 2014-11-08 09:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
    2015-01-11 23:10 - 2014-11-07 11:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
    2015-01-11 23:10 - 2014-11-07 11:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
    2015-01-11 23:10 - 2014-11-05 10:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
    2015-01-11 23:10 - 2014-11-05 10:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
    2015-01-11 23:10 - 2014-11-05 10:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
    2015-01-11 23:10 - 2014-11-05 09:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
    2015-01-11 23:10 - 2014-11-05 09:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
    2015-01-11 23:10 - 2014-11-05 09:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
    2015-01-11 23:10 - 2014-11-05 09:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
    2015-01-11 23:10 - 2014-11-05 09:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
    2015-01-11 23:10 - 2014-11-05 09:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
    2015-01-11 23:10 - 2014-11-05 09:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
    2015-01-11 23:10 - 2014-11-05 09:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
    2015-01-11 23:10 - 2014-11-05 09:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
    2015-01-11 23:10 - 2014-11-05 09:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
    2015-01-11 23:10 - 2014-11-05 09:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
    2015-01-11 23:10 - 2014-11-05 03:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
    2015-01-11 23:10 - 2014-11-05 03:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
    2015-01-11 23:10 - 2014-11-05 03:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
    2015-01-11 23:10 - 2014-11-04 14:55 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
    2015-01-11 23:10 - 2014-11-04 14:54 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
    2015-01-11 23:10 - 2014-11-04 14:54 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
    2015-01-11 23:10 - 2014-11-04 14:54 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
    2015-01-11 23:10 - 2014-11-04 14:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
    2015-01-11 23:10 - 2014-11-04 13:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
    2015-01-11 23:10 - 2014-10-31 08:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2015-01-11 23:10 - 2014-10-31 08:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2015-01-11 23:10 - 2014-10-30 13:55 - 07473472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2015-01-11 23:10 - 2014-10-30 13:47 - 01499384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2015-01-11 23:10 - 2014-10-30 13:41 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2015-01-11 23:10 - 2014-10-29 11:05 - 00551232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
    2015-01-11 23:10 - 2014-10-29 10:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
    2015-01-11 23:10 - 2014-10-29 10:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
    2015-01-11 23:10 - 2014-10-29 09:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
    2015-01-11 23:10 - 2014-10-29 09:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
    2015-01-11 23:10 - 2014-10-29 09:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
    2015-01-11 23:10 - 2014-10-29 09:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
    2015-01-11 23:10 - 2014-10-29 09:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
    2015-01-11 23:10 - 2014-10-29 09:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
    2015-01-11 23:10 - 2014-10-29 09:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
    2015-01-11 23:10 - 2014-10-29 09:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
    2015-01-11 23:10 - 2014-10-27 06:10 - 00390841 _____ () C:\WINDOWS\system32\ApnDatabase.xml
    2015-01-11 23:10 - 2014-10-21 09:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
    2015-01-11 23:10 - 2014-10-21 09:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
    2015-01-11 23:10 - 2014-10-21 08:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
    2015-01-11 23:10 - 2014-10-21 08:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
    2015-01-11 23:10 - 2014-10-21 08:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
    2015-01-11 23:10 - 2014-10-21 08:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
    2015-01-11 23:10 - 2014-10-21 08:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
    2015-01-11 23:10 - 2014-10-17 12:56 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
    2015-01-11 23:10 - 2014-10-17 12:56 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
    2015-01-11 23:10 - 2014-10-17 12:56 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
    2015-01-11 23:10 - 2014-10-17 11:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
    2015-01-11 23:09 - 2014-11-18 04:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
    2015-01-11 23:09 - 2014-11-18 04:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
    2015-01-11 23:09 - 2014-11-14 14:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
    2015-01-11 23:09 - 2014-11-14 14:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
    2015-01-11 23:09 - 2014-11-14 14:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
    2015-01-11 23:09 - 2014-11-14 14:46 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
    2015-01-11 23:09 - 2014-11-14 14:39 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
    2015-01-11 23:09 - 2014-11-14 12:53 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
    2015-01-09 13:19 - 2015-01-09 14:11 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Audacity
    2015-01-09 13:18 - 2015-01-09 13:18 - 00001033 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
    2015-01-09 13:18 - 2015-01-09 13:18 - 00001021 _____ () C:\Users\Public\Desktop\Audacity.lnk
    2015-01-09 13:18 - 2015-01-09 13:18 - 00000000 ____D () C:\Program Files (x86)\Audacity
    2015-01-09 10:09 - 2014-10-31 06:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
    2015-01-09 10:09 - 2014-10-31 06:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-02-08 00:12 - 2014-04-06 12:47 - 00000000 ___HD () C:\Users\ASUS\.mediafire
    2015-02-08 00:02 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\system32\sru
    2015-02-07 23:59 - 2014-02-05 15:36 - 01507787 _____ () C:\WINDOWS\WindowsUpdate.log
    2015-02-07 23:50 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
    2015-02-07 23:39 - 2014-02-07 10:23 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2015-02-07 22:56 - 2014-02-12 22:49 - 09018368 ___SH () C:\Users\ASUS\Downloads\Thumbs.db
    2015-02-07 22:35 - 2014-02-06 23:22 - 13922816 ___SH () C:\Users\ASUS\Desktop\Thumbs.db
    2015-02-07 22:25 - 2014-02-06 21:03 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\vlc
    2015-02-07 22:14 - 2013-11-14 15:28 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
    2015-02-07 22:07 - 2014-02-05 18:45 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\DMCache
    2015-02-07 22:06 - 2014-04-06 12:47 - 00000000 ___RD () C:\Users\ASUS\MediaFire
    2015-02-07 22:06 - 2014-02-14 12:12 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Copy
    2015-02-07 22:06 - 2014-02-05 16:05 - 00000000 __RDO () C:\Users\ASUS\SkyDrive
    2015-02-07 22:06 - 2014-02-05 08:50 - 00000062 _____ () C:\Users\ASUS\AppData\Roaming\sp_data.sys
    2015-02-07 22:05 - 2014-12-23 18:10 - 00010652 _____ () C:\WINDOWS\setupact.log
    2015-02-07 22:05 - 2013-08-22 22:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
    2015-02-05 14:40 - 2014-06-23 03:09 - 00000000 ____D () C:\Users\ASUS\Downloads\Bank Statement
    2015-02-05 10:16 - 2014-05-08 18:20 - 00000000 ____D () C:\Users\ASUS\AppData\Local\CrashDumps
    2015-02-05 10:02 - 2014-02-05 07:02 - 00000000 ____D () C:\Program Files (x86)\Qualcomm Atheros
    2015-02-05 09:13 - 2014-02-05 08:51 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-147487581-2992457104-1551078015-1002
    2015-02-05 01:13 - 2014-02-10 21:17 - 00000000 ____D () C:\Users\ASUS\Desktop\Shortcuts
    2015-02-05 01:07 - 2013-08-22 21:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
    2015-02-05 01:06 - 2014-02-05 11:55 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\IObit
    2015-02-05 01:06 - 2014-02-05 11:55 - 00000000 ____D () C:\ProgramData\ProductData
    2015-02-05 01:06 - 2014-02-05 11:55 - 00000000 ____D () C:\ProgramData\IObit
    2015-02-05 01:06 - 2014-02-05 08:43 - 00000000 ____D () C:\Users\ASUS\AppData\Local\ASUS
    2015-02-05 01:06 - 2014-02-05 07:20 - 00000000 ____D () C:\ProgramData\P4G
    2015-02-05 00:59 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\registration
    2015-02-05 00:36 - 2014-02-05 15:41 - 00000000 ____D () C:\Users\ASUS
    2015-02-05 00:22 - 2014-12-11 11:59 - 00000000 ____D () C:\Program Files\Recuva
    2015-02-04 23:33 - 2014-12-07 21:07 - 00037310 _____ () C:\WINDOWS\PFRO.log
    2015-02-04 23:11 - 2014-02-05 18:45 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\IDM
    2015-02-04 22:47 - 2014-02-05 12:46 - 00000000 ____D () C:\Program Files (x86)\Google
    2015-02-04 17:24 - 2014-08-20 23:07 - 00003037 _____ () C:\WINDOWS\wininit.ini
    2015-02-04 14:20 - 2012-07-26 15:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
    2015-02-04 13:49 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
    2015-02-04 13:11 - 2014-02-05 16:11 - 00000000 ___RD () C:\Users\ASUS\Dropbox
    2015-02-04 13:11 - 2014-02-05 16:10 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Dropbox
    2015-02-04 12:04 - 2014-02-08 18:25 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\uTorrent
    2015-02-04 12:04 - 2014-02-05 12:47 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Mozilla
    2015-02-04 01:06 - 2014-02-05 08:43 - 00000000 ____D () C:\Users\ASUS\AppData\Local\Packages
    2015-02-03 00:07 - 2014-02-05 18:45 - 00000000 ____D () C:\Users\ASUS\Downloads\Compressed
    2015-02-01 23:29 - 2014-02-05 17:09 - 00000000 ____D () C:\WINDOWS\AutoKMS
    2015-01-30 21:51 - 2014-02-05 12:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2015-01-29 21:13 - 2014-02-05 12:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2015-01-26 23:41 - 2014-04-26 11:28 - 00003580 _____ () C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-147487581-2992457104-1551078015-1002
    2015-01-26 00:16 - 2014-02-05 18:45 - 00000000 ____D () C:\Users\ASUS\Downloads\Video
    2015-01-25 20:39 - 2014-02-07 10:23 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
    2015-01-23 04:07 - 2014-04-06 12:32 - 00020696 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\mfmonitor_x64.sys
    2015-01-22 13:17 - 2014-09-26 00:52 - 00000000 __SHD () C:\Users\ASUS\wc
    2015-01-22 09:33 - 2014-06-16 11:07 - 00000000 ____D () C:\ProgramData\Oracle
    2015-01-22 09:30 - 2014-12-23 18:17 - 00000000 ____D () C:\Program Files (x86)\Java
    2015-01-21 13:21 - 2014-08-17 13:39 - 00004962 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for GLADWIN-Gladwin Gladwin
    2015-01-21 10:24 - 2015-01-06 11:24 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\FileZilla
    2015-01-18 23:56 - 2014-02-08 18:15 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\.ACEStream
    2015-01-18 23:50 - 2014-07-01 00:10 - 00000000 ___HD () C:\_acestream_cache_
    2015-01-16 16:58 - 2014-10-25 14:26 - 00000000 ___RD () C:\Users\ASUS\Copy [email protected]
    2015-01-15 22:25 - 2014-09-10 15:59 - 00000000 ____D () C:\Users\ASUS\Documents\ICCExpress
    2015-01-15 22:25 - 2014-09-10 15:59 - 00000000 ____D () C:\Program Files (x86)\Web Dimensions
    2015-01-14 20:05 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\rescache
    2015-01-14 19:05 - 2014-02-05 12:06 - 00000000 ____D () C:\WINDOWS\system32\MRT
    2015-01-14 18:54 - 2014-02-05 12:06 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2015-01-13 00:20 - 2014-12-23 22:57 - 00000000 ____D () C:\Users\ASUS\Downloads\GKIC_Holiday_Training
    2015-01-11 23:59 - 2013-08-22 23:36 - 00000000 ___RD () C:\WINDOWS\ToastData
    2015-01-11 23:59 - 2013-08-22 23:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
    2015-01-11 23:59 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
    2015-01-11 23:59 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\system32\setup
    2015-01-09 23:51 - 2014-04-22 10:20 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Telegram Win (Unofficial)
    2015-01-09 14:17 - 2013-08-22 22:44 - 05118432 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

    ==================== Files in the root of some directories =======

    2014-08-28 09:34 - 2014-08-28 09:35 - 15000576 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
    2014-02-14 13:26 - 2014-02-14 13:26 - 0000088 _____ () C:\Users\ASUS\AppData\Roaming\.95d691779473f3e03bc4b4e56319d74c.key
    2014-02-14 13:26 - 2014-02-14 13:26 - 0000088 _____ () C:\Users\ASUS\AppData\Roaming\.c79792229cdae4d8fe4e261fc4d6976b.key
    2014-11-14 15:36 - 2014-11-25 18:41 - 0000132 _____ () C:\Users\ASUS\AppData\Roaming\Adobe PNG Format CS6 Prefs
    2014-02-14 13:27 - 2015-01-06 15:46 - 0000248 _____ () C:\Users\ASUS\AppData\Roaming\RO39-2M3Q
    2014-02-05 08:50 - 2015-02-07 22:06 - 0000062 _____ () C:\Users\ASUS\AppData\Roaming\sp_data.sys
    2014-06-19 10:28 - 2014-06-19 10:28 - 0000024 _____ () C:\Users\ASUS\AppData\Roaming\temp.ini
    2014-11-14 15:45 - 2014-11-14 15:45 - 0001456 _____ () C:\Users\ASUS\AppData\Local\Adobe Save for Web 13.0 Prefs
    2012-09-10 19:49 - 2012-09-10 19:49 - 0001050 ____H () C:\Users\ASUS\AppData\Local\{793FD447-37EB-4083-B222-2E447297AF07}
    2014-12-23 18:14 - 2014-12-23 18:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
    2012-08-05 09:42 - 2012-07-30 14:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
    2012-08-05 09:42 - 2009-07-22 18:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe

    Files to move or delete:
    ====================
    C:\ProgramData\SetStretch.exe


    Some content of TEMP:
    ====================
    C:\Users\ASUS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnko0rn.dll
    C:\Users\ASUS\AppData\Local\Temp\Quarantine.exe
    C:\Users\ASUS\AppData\Local\Temp\sqlite3.dll


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-01-31 17:34

    ==================== End Of Log ============================
     
  3. kango88

    kango88 Thread Starter

    Joined:
    Feb 5, 2015
    Messages:
    153
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2015
    Ran by Gladwin at 2015-02-08 00:14:17
    Running from C:\Users\ASUS\Desktop\Troubleshoot Program
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    Ace Stream Media 2.2.0-next (HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\AceStream) (Version: 2.2.0-next - Ace Stream Media)
    Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
    Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
    Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
    Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
    Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.0.3 - IObit)
    AliG SLF (HKLM-x32\...\com.aligmarketing.slf) (Version: 3.1.2 - Ali G. Marketing LLC)
    AliG SLF (x32 Version: 3.1.2 - Ali G. Marketing LLC) Hidden
    Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.4 - ASUS)
    ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)
    ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
    ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
    ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
    ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.1.3 - ASUS)
    ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0002 - ASUS)
    ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.6 - ASUS)
    ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
    ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
    ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
    AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
    Atheros Outlook Addin 2010 (HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\BB108A893815B64BF41C4574C3324FB7371AA244) (Version: 1.0.0.0 - Microsoft)
    ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0023 - ASUS)
    Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
    AudienceMakr (HKLM-x32\...\AudienceMakr) (Version: 1.0.2 - Infomastery, LLC)
    AudienceMakr (x32 Version: 1.0.2 - Infomastery, LLC) Hidden
    Brother MFL-Pro Suite MFC-9330CDW (HKLM-x32\...\{E98A9C92-E767-475B-8BC6-8780A86DDC72}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
    Camtasia Studio 8 (HKLM-x32\...\{5303CFB5-D635-44F0-A94B-9611E81F07C4}) (Version: 8.3.0.1471 - TechSmith Corporation)
    Citrix Online Launcher (HKLM-x32\...\{F17C3DC2-2ACA-4B0E-BDBF-ACE61B14E7CD}) (Version: 1.0.183 - Citrix)
    Copy (HKLM\...\{EE4CEBB9-C0FC-4503-9BC0-1E32B566DE71}) (Version: 1.47.410.0 - Barracuda Networks, Inc.)
    CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.)
    DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
    DocuPrint CM205 f_fw (HKLM-x32\...\InstallShield_{82E36284-5E49-4800-9882-0B69D7EEAC2D}) (Version: 1.011.00 - Fuji Xerox)
    DocuPrint CM205 f_fw (x32 Version: 1.011.00 - Fuji Xerox) Hidden
    Driver Booster 2.1 (HKLM-x32\...\Driver Booster_is1) (Version: 2.1 - IObit)
    Dropbox (HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
    Explaindio Sketch Line Color Changer (HKLM-x32\...\Coloring) (Version: 0.0.0 - UNKNOWN)
    Explaindio Sketch Line Color Changer (x32 Version: 0.0.0 - UNKNOWN) Hidden
    Explaindio Video Creator version 1.004 (HKLM-x32\...\{FE60174E-0881-4634-946F-9F9C8672710A}_is1) (Version: 1.004 - Explaindio LLC)
    Explaindio Video Creator version 1.009 (HKLM-x32\...\{9E347DDD-DB67-4348-8C96-75E0BBC65407}_is1) (Version: 1.009 - Explaindio LLC)
    Explaindio Video Creator version 1.012 (HKLM-x32\...\{C38A770F-F857-4357-84ED-FF71D8DE90BF}_is1) (Version: 1.012 - Explaindio LLC)
    ExpressCache (HKLM\...\{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}) (Version: 1.0.86 - Diskeeper Corporation)
    FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
    GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)
    Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    GoToMeeting 6.4.11.2273 (HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\GoToMeeting) (Version: 6.4.11.2273 - CitrixOnline)
    GSA Email Spider v7.13 (HKLM-x32\...\GSA Email Spider_is1) (Version: 7.13 - GSA Software)
    GSA Search Engine Ranker v9.42 (HKLM-x32\...\GSA Search Engine Ranker_is1) (Version: 9.42 - GSA Software)
    HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
    Instant Content Curator Express (HKLM-x32\...\com.webdimensions.instantcontentcurator.express) (Version: 2.0.8 - Web Dimensions, Inc.)
    Instant Content Curator Express (x32 Version: 2.0.8 - Web Dimensions, Inc.) Hidden
    Instant Eyedropper 1.75 (HKLM-x32\...\Instant Eyedropper_is1) (Version: - )
    Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.7.1084 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
    Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
    Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
    Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
    IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.5.24 - IObit)
    Java 7 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217072FF}) (Version: 7.0.720 - Oracle)
    Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
    Last Man (HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Last Man) (Version: - )
    LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)
    LongTailPro - Version 2.4.28 (HKLM-x32\...\com.longtailpro.LongTailPro) (Version: 2.4.28 - Long Tail Media, LLC)
    LongTailPro - Version 2.4.28 (x32 Version: 2.4.28 - Long Tail Media, LLC) Hidden
    Market Samurai (HKLM-x32\...\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1) (Version: 0.93.38 - Alliance Software Pty Ltd)
    Market Samurai (x32 Version: 0.93.38 - Alliance Software Pty Ltd) Hidden
    MediaFire Desktop (HKLM-x32\...\MediaFire Desktop 0.10.21.9247) (Version: 1.4.16.10766 - MediaFire)
    Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Mobile Lead Monster (HKLM-x32\...\MobileLeadMonster) (Version: 1.0 - Axiom Marketing Inc.)
    Mobile Lead Monster (x32 Version: 1.0 - Axiom Marketing Inc.) Hidden
    Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
    MP3 Skype recorder (HKLM-x32\...\{9AFDC558-9575-48B8-BC39-CCAACB8DC05E}) (Version: 4.4.1.0 - Alexander Nikiforov)
    MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    Nuance PaperPort 12 (HKLM-x32\...\{88B5FBDC-967D-4B1F-B291-39284AE12201}) (Version: 12.1.0005 - Nuance Communications, Inc.)
    Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
    NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
    NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
    NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
    NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
    NZ Financial MT4 Terminal (HKLM-x32\...\NZ Financial MT4 Terminal) (Version: 4.00 - MetaQuotes Software Corp.)
    Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
    PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
    Penguin Recovery Jeet (HKLM-x32\...\Penguin Recovery Jeet_is1) (Version: 1.0 - Teknikforce)
    PureVPN (HKLM-x32\...\PureVPN_is1) (Version: 3.2 - PureVPN)
    Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.210 - Qualcomm Atheros Communications)
    Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
    QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
    Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.27023 - Realtek Semiconductor Corp.)
    Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
    Samsung Drive Manager (HKLM-x32\...\{9F1A6A24-4901-42F6-A355-5DD2B82E62AE}) (Version: 1.0.172 - Clarus, Inc.)
    Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
    Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
    Scansoft PDF Professional (x32 Version: - ) Hidden
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
    Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
    SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
    Skype&#8482; 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
    SMSCaster E-Marketer GSM Enterprise v3.6 (HKLM-x32\...\SMSCaster E-Marketer GSM Enterprise_is1) (Version: v3.6 (build 1071) - SDJ Software Limited)
    SopCast 3.8.3 (HKLM-x32\...\SopCast) (Version: 3.8.3 - www.sopcast.com)
    Spotify (HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
    Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 1.5.0.0 - IObit)
    StreamTorrent 1.0 (HKLM-x32\...\StreamTorrent 1.0) (Version: - )
    Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
    Telegram Desktop version 0.7.4 (HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.7.4 - Telegram Messenger LLP)
    Update for CHS Microsoft IME HAP Dictionary (Version: 16.0.858.1 - Microsoft Corporation) Hidden
    VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
    VideoMakerFX (HKLM-x32\...\VideoMakerFX 1.01) (Version: 1.01 - Webvati)
    VideoMakerFX (HKLM-x32\...\VideoMakerFX 1.04) (Version: 1.04 - Webvati)
    VideoMakerFX (HKLM-x32\...\VideoMakerFX 1.05) (Version: 1.05 - Webvati)
    VideoMakerFX (x32 Version: 1.01 - Webvati) Hidden
    VideoMakerFX (x32 Version: 1.05 - Webvati) Hidden
    VideoMakerFX Josh Ratta Bonus Scenes (HKLM-x32\...\{E7CAFBCF-1A20-4AF8-AE0E-89A8282CCA46}) (Version: 1.0 - Webvati)
    VideoMakerFX ProThemes August Addon 1.0 (HKLM-x32\...\{BC117729-A0EA-48CF-941E-6F12EFB7D71E}) (Version: 1.0 - Webvati)
    VideoMakerFX ProThemes December Addon 1.0 (HKLM-x32\...\{F5AEF14E-731A-4875-B55D-1561E2F87722}) (Version: 1.0 - Webvati)
    VideoMakerFX ProThemes July Addon 1.0 (HKLM-x32\...\{BDAA3BD7-1BA0-4727-B99F-89FD45A1D15A}) (Version: 1.0 - Webvati)
    VideoMakerFX ProThemes June Addon 1.0 (HKLM-x32\...\{AE11668B-174C-461F-8A4D-5AEF54DD3B5F}) (Version: 1.0 - Webvati)
    VideoMakerFX ProThemes May Addon 1.0 (HKLM-x32\...\{6073BA7B-671F-4F41-AA93-05164AAE6A72}) (Version: 1.0 - Webvati)
    VideoMakerFX ProThemes November Addon 1.0 (HKLM-x32\...\{23CFA575-AD8D-48AD-971D-EF76F70FC94F}) (Version: 1.0 - Webvati)
    VideoMakerFX ProThemes October Addon 1.0 (HKLM-x32\...\{C7F12978-67A4-45F3-9010-9F94BC730894}) (Version: 1.0 - Webvati)
    VideoMakerFX ProThemes September Addon 1.0 (HKLM-x32\...\{703AEFFE-6830-4BEB-A697-62D5566A7557}) (Version: 1.0 - Webvati)
    VideoMakerFX VideoProfitFX Add On 1.0 (HKLM-x32\...\{8F99303E-4E46-45DC-964D-649DBC72B717}) (Version: 1.0 - Webvati)
    VideoMakerFX Webinar Bonus Kinetic Special Scenes (HKLM-x32\...\{1895C465-14C6-4AEB-8478-13F0A1953282}) (Version: 1.0 - Webvati)
    VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
    VLC Setup Helper (HKLM-x32\...\VLC Setup Helper_is1) (Version: - )
    WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.8.381 - ASUS Cloud Corporation)
    Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)
    WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
    WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\ASUS\AppData\Local\Citrix\GoToMeeting\1865\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\ASUS\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\ASUS\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

    ==================== Restore Points =========================

    07-02-2015 23:41:03 Scheduled Checkpoint

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2014-11-13 11:30 - 2015-02-04 23:09 - 00452879 ____R C:\WINDOWS\system32\Drivers\etc\hosts
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 www.0scan.com
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 www.1001namen.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 www.100sexlinks.com
    127.0.0.1 100sexlinks.com
    127.0.0.1 10sek.com
    127.0.0.1 www.10sek.com
    127.0.0.1 www.1-2005-search.com
    127.0.0.1 1-2005-search.com
    127.0.0.1 123fporn.info
    127.0.0.1 www.123fporn.info
    127.0.0.1 123haustiereundmehr.com
    127.0.0.1 www.123haustiereundmehr.com
    127.0.0.1 123moviedownload.com

    There are 1000 more lines.


    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {1742358F-8846-4E9D-8697-745671B47E51} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
    Task: {1EC4E477-8FB4-4785-8F1C-B28E2F00A284} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-25] (ASUS)
    Task: {231A1BC4-7F52-433B-BA49-DAC21ED77E2C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {25D85311-5B21-456E-A38D-66D2A4E80951} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-14] (Microsoft Corporation)
    Task: {275ADBFC-8958-496E-9374-8D0A637CF457} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2015-02-01] ()
    Task: {290E0ECC-80AC-4EF3-B407-4A57DA304B36} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
    Task: {32738391-2504-47E2-AB27-3F73C61CD016} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
    Task: {35631E60-74ED-44BE-9C60-43DC09DA1993} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04] (Google Inc.)
    Task: {3B5951F4-199B-490D-922E-06D0B82A59A9} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-19] (ASUSTek Computer Inc.)
    Task: {3C3C1EA3-2DAE-4B67-921E-D4A2A529B8C4} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25] (Adobe Systems Incorporated)
    Task: {453A192F-EFE2-4E59-8DB3-DF1E1F1EAA85} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2012-11-30] ()
    Task: {48BC6164-F3B2-4DD2-B8EB-BFF8A59B9E6A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04] (Google Inc.)
    Task: {63A5081D-D5AD-495D-9006-1519CB6CB077} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-30] (ASUS)
    Task: {78CDE10B-3C8A-496A-9D53-0E2A2A2B2A22} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
    Task: {8006A781-C47E-4391-BCE9-EDCC3A3492D6} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-09-25] (ASUS)
    Task: {82AA3937-45DC-4A88-955B-05EFCC1B721E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {93310510-D537-4AFE-B82D-ACC79E312AC0} - System32\Tasks\ASC8_SkipUac_Gladwin => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2014-11-07] (IObit)
    Task: {9411BCD0-CBCE-4E6F-9E4A-C6C5743A2F6F} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-23] (ASUSTeK Computer Inc.)
    Task: {97DAD6E6-1844-4F80-A827-CFC2AA087E3A} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-01-17] (AsusTek)
    Task: {A1E533F8-F20E-4D0F-89D0-771BCE3B0147} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-05] ()
    Task: {E10CE05D-CD0F-4E10-A184-B9E613977FC6} - System32\Tasks\CLARUS_DRIVE_MANAGER\Clarus_Drive_Manager => C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe [2013-12-18] (Clarus, Inc.)
    Task: {F0BBFD4C-5614-49DB-8CA1-69D298C40533} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
    Task: {F50BA656-7650-4D52-8358-18794A1F735F} - System32\Tasks\InstallShield Update Task => Wscript.exe //nologo //E:jscript //B "C:\Program Files (x86)\InstallShield\isupdate.ini"
    Task: {F9D63969-0932-4E38-A93A-91E6D66279D8} - System32\Tasks\G2MUpdateTask-S-1-5-21-147487581-2992457104-1551078015-1002 => C:\Users\ASUS\AppData\Local\Citrix\GoToMeeting\2273\g2mupdate.exe [2015-01-26] (Citrix Online, a division of Citrix Systems, Inc.)
    Task: {F9FCC539-8746-42FF-9391-A5AB01EE4EA8} - System32\Tasks\Microsoft Office 15 Sync Maintenance for GLADWIN-Gladwin Gladwin => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-11-12] (Microsoft Corporation)
    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-147487581-2992457104-1551078015-1002.job => C:\Users\ASUS\AppData\Local\Citrix\GoToMeeting\2273\g2mupdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-147487581-2992457104-1551078015-1002Core1cf8e99a9971846.job => C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-147487581-2992457104-1551078015-1002Core1cfedc1168c14f4.job => C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-147487581-2992457104-1551078015-1002Core1cfffdbc8a5ac38.job => C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\InstallShield Update Task.job => C:\WINDOWS\system32\wscript.exe
    Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Gladwin.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

    ==================== Loaded Modules (whitelisted) ==============

    2013-12-10 08:13 - 2014-03-04 22:35 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
    2014-02-05 15:36 - 2014-03-04 21:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2011-11-18 10:02 - 2011-11-18 10:02 - 00023040 _____ () C:\WINDOWS\System32\fxhk4alm.dll
    2012-06-20 12:21 - 2012-06-20 12:21 - 00096768 _____ () C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmdb.exe
    2014-04-06 12:32 - 2015-01-23 04:39 - 00456504 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe
    2014-12-02 17:11 - 2005-04-22 12:36 - 00143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll
    2012-08-25 09:26 - 2012-08-25 09:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
    2012-11-30 09:15 - 2012-11-30 09:15 - 00171224 _____ () C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
    2014-10-14 23:27 - 2014-10-14 23:27 - 08897696 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2014-05-02 03:29 - 2014-05-02 03:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
    2013-10-01 13:02 - 2013-10-01 13:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2012-09-30 11:02 - 2012-09-30 11:02 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
    2012-09-30 10:59 - 2012-09-30 10:59 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
    2012-09-30 11:01 - 2012-09-30 11:01 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
    2014-01-28 17:46 - 2014-09-25 13:57 - 00027904 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\ace_engine.exe
    2014-04-06 12:32 - 2015-01-23 04:39 - 04002120 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_watch.exe
    2014-04-06 12:32 - 2015-01-23 04:39 - 01228616 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_hub.exe
    2014-04-06 12:32 - 2015-01-23 04:39 - 04672328 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\MediaFire Desktop.exe
    2014-04-06 12:32 - 2015-01-23 04:39 - 04242760 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_filetransfer.exe
    2014-04-06 12:32 - 2015-01-23 04:39 - 03957064 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_browser.exe
    2014-07-09 10:55 - 2007-10-17 16:22 - 00352256 _____ () C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe
    2015-01-23 23:40 - 2015-01-23 23:40 - 02092544 _____ () C:\Users\ASUS\AppData\Roaming\Copy\Gui.dll
    2015-01-23 23:40 - 2015-01-23 23:40 - 08212480 _____ () C:\Users\ASUS\AppData\Roaming\Copy\Brt.dll
    2015-01-23 23:40 - 2015-01-23 23:40 - 09276928 _____ () C:\Users\ASUS\AppData\Roaming\Copy\AgentSync.dll
    2015-01-23 23:40 - 2015-01-23 23:40 - 05327872 _____ () C:\Users\ASUS\AppData\Roaming\Copy\CloudSync.dll
    2014-04-06 12:32 - 2015-01-23 04:39 - 09501000 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_central_control.exe
    2014-04-06 12:32 - 2015-01-23 04:39 - 02406216 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_monitor.exe
    2014-04-06 12:32 - 2015-01-23 04:39 - 07139144 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\mf_dialogs.exe
    2012-06-20 12:21 - 2012-06-20 12:21 - 00248320 _____ () C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmW.exe
    2012-06-20 12:21 - 2012-06-20 12:21 - 00229376 _____ () C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmwj.exe
    2014-01-10 13:26 - 2014-01-10 13:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    2013-03-29 19:18 - 2013-03-29 19:18 - 00026744 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\ace_update.exe
    2014-11-21 11:41 - 2014-07-11 16:04 - 01106720 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\RealTimeProtector.exe
    2014-11-21 11:41 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll
    2014-06-02 00:07 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2014-06-02 00:07 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2014-06-02 00:07 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
    2014-06-02 00:07 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
    2014-06-02 00:07 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
    2015-02-05 00:54 - 2014-06-06 13:07 - 00348960 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
    2015-02-05 00:54 - 2014-06-06 13:07 - 00183584 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
    2015-02-05 00:54 - 2014-06-06 13:07 - 00050976 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
    2015-02-05 00:54 - 2014-06-06 13:08 - 00041248 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
    2014-01-28 17:46 - 2014-11-28 13:46 - 00249856 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\acestreamengine.Core.pyd
    2011-06-12 21:09 - 2011-06-12 21:09 - 00038400 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\_socket.pyd
    2011-06-12 21:09 - 2011-06-12 21:09 - 00720896 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\_ssl.pyd
    2013-11-27 23:50 - 2013-11-27 23:50 - 00018944 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pycompat.pyd
    2011-06-12 21:06 - 2011-06-12 21:06 - 00287232 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\_hashlib.pyd
    2014-01-28 17:45 - 2014-11-28 13:46 - 01732096 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\acestreamengine.live.pyd
    2014-01-23 19:37 - 2014-01-23 19:37 - 00036352 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\_psutil_mswindows.pyd
    2013-12-21 21:20 - 2013-12-21 21:20 - 00053248 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\_blist.pyd
    2011-06-12 21:06 - 2011-06-12 21:06 - 00106496 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\_ctypes.pyd
    2013-12-21 21:20 - 2013-12-21 21:20 - 00040448 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\bitarray._bitarray.pyd
    2011-06-12 21:06 - 2011-06-12 21:06 - 00011776 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\select.pyd
    2011-01-19 05:56 - 2011-01-19 05:56 - 00334336 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\M2Crypto.__m2crypto.pyd
    2011-06-12 21:06 - 2011-06-12 21:06 - 00152576 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\pyexpat.pyd
    2011-02-13 23:02 - 2011-02-13 23:02 - 00031232 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\Crypto.Cipher.AES.pyd
    2014-01-28 17:55 - 2014-11-28 13:46 - 03083264 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\acestreamengine.CoreApp.pyd
    2012-02-08 00:37 - 2012-02-08 00:37 - 00098816 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\win32api.pyd
    2012-02-08 00:35 - 2012-02-08 00:35 - 00110080 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\pywintypes27.dll
    2012-02-08 00:38 - 2012-02-08 00:38 - 00358912 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\pythoncom27.dll
    2012-02-08 00:36 - 2012-02-08 00:36 - 00111616 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\win32file.pyd
    2012-02-08 00:36 - 2012-02-08 00:36 - 00024064 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\win32pdh.pyd
    2010-10-11 06:23 - 2010-10-11 06:23 - 00723968 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\apsw.pyd
    2013-01-30 00:20 - 2013-01-30 00:20 - 00082944 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\cpyamf.util.pyd
    2011-07-16 03:37 - 2011-07-16 03:37 - 00981504 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\wx._core_.pyd
    2011-07-16 03:38 - 2011-07-16 03:38 - 00746496 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\wx._gdi_.pyd
    2011-07-16 03:38 - 2011-07-16 03:38 - 00670720 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\wx._windows_.pyd
    2011-07-16 03:38 - 2011-07-16 03:38 - 00966144 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\wx._controls_.pyd
    2011-07-16 03:38 - 2011-07-16 03:38 - 00674816 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\wx._misc_.pyd
    2011-06-12 21:06 - 2011-06-12 21:06 - 00688128 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\unicodedata.pyd
    2013-12-21 21:02 - 2013-12-21 21:02 - 00061952 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\miniupnpc.pyd
    2013-01-30 00:20 - 2013-01-30 00:20 - 00066048 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\engine\lib\cpyamf.amf0.pyd
    2014-04-06 12:32 - 2015-01-23 04:23 - 00112142 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\libgcc_s_dw2-1.dll
    2014-04-06 12:32 - 2015-01-23 04:23 - 01000974 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\libstdc++-6.dll
    2014-07-05 14:20 - 2015-01-23 04:08 - 04188400 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\libsqlite3cc.dll
    2014-04-06 12:32 - 2015-01-23 04:07 - 00042496 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\win32overlay.dll
    2014-11-21 11:41 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll
    2014-04-06 12:32 - 2015-01-23 04:07 - 00007680 _____ () C:\Users\ASUS\AppData\Local\MediaFire Desktop\mfmonitor.dll
    2014-01-10 13:28 - 2014-01-10 13:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
    2013-12-10 08:13 - 2014-03-04 22:35 - 00014280 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
    2014-10-22 08:22 - 2014-10-22 08:22 - 00750080 _____ () C:\Users\ASUS\AppData\Roaming\Dropbox\bin\libGLESv2.dll
    2015-02-07 22:06 - 2015-02-07 22:06 - 00043008 _____ () c:\users\asus\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnko0rn.dll
    2014-10-22 08:22 - 2014-10-22 08:22 - 00047616 _____ () C:\Users\ASUS\AppData\Roaming\Dropbox\bin\libEGL.dll
    2014-10-22 08:22 - 2014-10-22 08:22 - 00863744 _____ () C:\Users\ASUS\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
    2014-10-22 08:22 - 2014-10-22 08:22 - 00200704 _____ () C:\Users\ASUS\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
    2011-06-12 21:09 - 2011-06-12 21:09 - 00038400 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\_socket.pyd
    2011-06-12 21:09 - 2011-06-12 21:09 - 00720896 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\_ssl.pyd
    2011-07-16 03:37 - 2011-07-16 03:37 - 00981504 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\wx._core_.pyd
    2011-07-16 03:38 - 2011-07-16 03:38 - 00746496 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\wx._gdi_.pyd
    2011-07-16 03:38 - 2011-07-16 03:38 - 00670720 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\wx._windows_.pyd
    2011-07-16 03:38 - 2011-07-16 03:38 - 00966144 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\wx._controls_.pyd
    2011-07-16 03:38 - 2011-07-16 03:38 - 00674816 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\wx._misc_.pyd
    2011-06-12 21:06 - 2011-06-12 21:06 - 00287232 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\_hashlib.pyd
    2011-01-19 05:56 - 2011-01-19 05:56 - 00334336 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\M2Crypto.__m2crypto.pyd
    2011-06-12 21:06 - 2011-06-12 21:06 - 00011776 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\select.pyd
    2011-06-12 21:06 - 2011-06-12 21:06 - 00152576 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\pyexpat.pyd
    2012-02-08 00:37 - 2012-02-08 00:37 - 00098816 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\win32api.pyd
    2012-02-08 00:35 - 2012-02-08 00:35 - 00110080 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\pywintypes27.dll
    2012-02-08 00:38 - 2012-02-08 00:38 - 00358912 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\pythoncom27.dll
    2012-02-08 00:36 - 2012-02-08 00:36 - 00111616 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\win32file.pyd
    2012-02-08 00:36 - 2012-02-08 00:36 - 00024064 _____ () C:\Users\ASUS\AppData\Roaming\ACEStream\updater\lib\win32pdh.pyd
    2014-02-05 07:06 - 2012-06-26 02:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
    2014-02-05 11:55 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
    2014-02-05 11:55 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
    2014-02-05 11:55 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
    2014-11-21 11:41 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl
    2014-11-21 11:41 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl
    2014-11-21 11:41 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl
    2015-02-08 00:13 - 2015-02-08 00:13 - 00706560 _____ () C:\Users\ASUS\AppData\Local\Temp\is-7V26G.tmp\mbam-setup-2.0.4.1028.tmp
    2015-02-08 00:13 - 2015-02-08 00:13 - 00706560 _____ () C:\Users\ASUS\AppData\Local\Temp\is-UTF4B.tmp\mbam-setup-2.0.4.1028.tmp

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    AlternateDataStreams: C:\Users\ASUS\SkyDrive:ms-properties

    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (whitelisted) ===============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== Other Registry Areas =====================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\ASUS\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\asus.jpg

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== Accounts: =============================

    Administrator (S-1-5-21-147487581-2992457104-1551078015-500 - Administrator - Disabled)
    Gladwin (S-1-5-21-147487581-2992457104-1551078015-1002 - Administrator - Enabled) => C:\Users\ASUS
    Guest (S-1-5-21-147487581-2992457104-1551078015-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-147487581-2992457104-1551078015-1004 - Limited - Enabled)

    ==================== Faulty Device Manager Devices =============

    Name: Intel(R) Dynamic Platform & Thermal Framework Driver
    Description: Intel(R) Dynamic Platform & Thermal Framework Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: DptfManager
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver

    Name: Virtual Bluetooth Support
    Description: Virtual Bluetooth Support
    Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
    Manufacturer: Qualcomm Atheros Communications
    Service: AthBTPort
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver

    Name: Bluetooth LWFLT Device
    Description: Bluetooth LWFLT Device
    Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
    Manufacturer: Qualcomm Atheros Communications
    Service: BTATH_LWFLT
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver

    Name: Intel(R) Dynamic Platform & Thermal Framework Generic Participant Driver
    Description: Intel(R) Dynamic Platform & Thermal Framework Generic Participant Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: DptfDevGen
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver

    Name: Intel(R) Dynamic Platform & Thermal Framework Generic Participant Driver
    Description: Intel(R) Dynamic Platform & Thermal Framework Generic Participant Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: DptfDevGen
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver

    Name: Intel(R) Dynamic Platform & Thermal Framework Generic Participant Driver
    Description: Intel(R) Dynamic Platform & Thermal Framework Generic Participant Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: DptfDevGen
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver

    Name: Intel(R) Dynamic Platform & Thermal Framework Generic Participant Driver
    Description: Intel(R) Dynamic Platform & Thermal Framework Generic Participant Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: DptfDevGen
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/08/2015 00:01:38 AM) (Source: DptfPolicyLpmService) (EventID: 1) (User: )
    Description: DptfPolicyLpmServiceServiceStart: ConnectToDptfFrameworkDriver() failed.

    Error: (02/08/2015 00:01:38 AM) (Source: DptfPolicyLpmService) (EventID: 1) (User: )
    Description: DptfPolicyLpmServiceConnectToDptfFrameworkDriver: SetupDiEnumDeviceInterfaces() failed.Last error = [0x00000103]

    Error: (02/08/2015 00:01:38 AM) (Source: DptfPolicyCriticalService) (EventID: 1) (User: )
    Description: DptfPolicyCriticalServiceServiceMain: ServiceStart() failed.

    Error: (02/08/2015 00:01:38 AM) (Source: DptfPolicyCriticalService) (EventID: 1) (User: )
    Description: DptfPolicyCriticalServiceServiceStart: ConnectToDptfFrameworkDriver() failed.

    Error: (02/08/2015 00:01:38 AM) (Source: DptfPolicyCriticalService) (EventID: 1) (User: )
    Description: DptfPolicyCriticalServiceConnectToDptfFrameworkDriver: SetupDiEnumDeviceInterfaces() failed.Last error = [0x00000103]

    Error: (02/07/2015 10:06:19 PM) (Source: DptfPolicyLpmServiceHelper) (EventID: 1) (User: )
    Description: DptfPolicyLpmServiceHelperWinMain: CreateSharedMemory() failed.

    Error: (02/07/2015 10:06:19 PM) (Source: DptfPolicyLpmServiceHelper) (EventID: 1) (User: )
    Description: DptfPolicyLpmServiceHelperCreateSharedMemory: CreateFileMapping() failed.Last error = [0x00000005]

    Error: (02/07/2015 10:05:57 PM) (Source: DptfPolicyLpmService) (EventID: 1) (User: )
    Description: DptfPolicyLpmServiceServiceStart: ConnectToDptfFrameworkDriver() failed.

    Error: (02/07/2015 10:05:57 PM) (Source: DptfPolicyLpmService) (EventID: 1) (User: )
    Description: DptfPolicyLpmServiceConnectToDptfFrameworkDriver: SetupDiEnumDeviceInterfaces() failed.Last error = [0x00000103]

    Error: (02/07/2015 10:05:57 PM) (Source: DptfPolicyCriticalService) (EventID: 1) (User: )
    Description: DptfPolicyCriticalServiceServiceMain: ServiceStart() failed.


    System errors:
    =============
    Error: (02/07/2015 10:05:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The McAfee Platform Services service failed to start due to the following error:
    %%1053

    Error: (02/07/2015 10:05:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the McAfee Platform Services service to connect.

    Error: (02/07/2015 10:05:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The McAfee OOBE Service2 service failed to start due to the following error:
    %%1053

    Error: (02/07/2015 10:05:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the McAfee OOBE Service2 service to connect.

    Error: (02/07/2015 10:05:39 PM) (Source: BTHUSB) (EventID: 5) (User: )
    Description: The Bluetooth driver expected an HCI event with a certain size but did not receive it.

    Error: (02/05/2015 00:38:33 PM) (Source: volsnap) (EventID: 36) (User: )
    Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

    Error: (02/05/2015 10:14:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The McAfee Platform Services service failed to start due to the following error:
    %%1053

    Error: (02/05/2015 10:14:51 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the McAfee Platform Services service to connect.

    Error: (02/05/2015 10:14:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The McAfee OOBE Service2 service failed to start due to the following error:
    %%1053

    Error: (02/05/2015 10:14:51 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the McAfee OOBE Service2 service to connect.


    Microsoft Office Sessions:
    =========================
    Error: (02/08/2015 00:01:38 AM) (Source: DptfPolicyLpmService) (EventID: 1) (User: )
    Description: DptfPolicyLpmServiceServiceStart: ConnectToDptfFrameworkDriver() failed.

    Error: (02/08/2015 00:01:38 AM) (Source: DptfPolicyLpmService) (EventID: 1) (User: )
    Description: DptfPolicyLpmServiceConnectToDptfFrameworkDriver: SetupDiEnumDeviceInterfaces() failed.Last error = [0x00000103]

    Error: (02/08/2015 00:01:38 AM) (Source: DptfPolicyCriticalService) (EventID: 1) (User: )
    Description: DptfPolicyCriticalServiceServiceMain: ServiceStart() failed.

    Error: (02/08/2015 00:01:38 AM) (Source: DptfPolicyCriticalService) (EventID: 1) (User: )
    Description: DptfPolicyCriticalServiceServiceStart: ConnectToDptfFrameworkDriver() failed.

    Error: (02/08/2015 00:01:38 AM) (Source: DptfPolicyCriticalService) (EventID: 1) (User: )
    Description: DptfPolicyCriticalServiceConnectToDptfFrameworkDriver: SetupDiEnumDeviceInterfaces() failed.Last error = [0x00000103]

    Error: (02/07/2015 10:06:19 PM) (Source: DptfPolicyLpmServiceHelper) (EventID: 1) (User: )
    Description: DptfPolicyLpmServiceHelperWinMain: CreateSharedMemory() failed.

    Error: (02/07/2015 10:06:19 PM) (Source: DptfPolicyLpmServiceHelper) (EventID: 1) (User: )
    Description: DptfPolicyLpmServiceHelperCreateSharedMemory: CreateFileMapping() failed.Last error = [0x00000005]

    Error: (02/07/2015 10:05:57 PM) (Source: DptfPolicyLpmService) (EventID: 1) (User: )
    Description: DptfPolicyLpmServiceServiceStart: ConnectToDptfFrameworkDriver() failed.

    Error: (02/07/2015 10:05:57 PM) (Source: DptfPolicyLpmService) (EventID: 1) (User: )
    Description: DptfPolicyLpmServiceConnectToDptfFrameworkDriver: SetupDiEnumDeviceInterfaces() failed.Last error = [0x00000103]

    Error: (02/07/2015 10:05:57 PM) (Source: DptfPolicyCriticalService) (EventID: 1) (User: )
    Description: DptfPolicyCriticalServiceServiceMain: ServiceStart() failed.


    CodeIntegrity Errors:
    ===================================
    Date: 2015-02-07 23:32:45.546
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-02-07 22:50:33.203
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-02-07 22:50:33.031
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-02-07 22:50:32.844
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-02-07 22:50:32.515
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-02-07 22:50:32.312
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-02-07 22:50:32.140
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-02-07 22:50:30.218
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-02-07 22:50:29.922
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-02-07 22:50:29.609
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i5-3337U CPU @ 1.80GHz
    Percentage of memory in use: 49%
    Total physical RAM: 8077.59 MB
    Available physical RAM: 4039.85 MB
    Total Pagefile: 10637.59 MB
    Available Pagefile: 6229.09 MB
    Total Virtual: 131072 MB
    Available Virtual: 131071.83 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:185.96 GB) (Free:64.73 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive d: (Data) (Fixed) (Total:258.15 GB) (Free:1.11 GB) NTFS
    Drive e: () (Fixed) (Total:7.45 GB) (Free:1.65 GB) FAT32

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 465.8 GB) (Disk ID: 185485F0)

    Partition: GPT Partition Type.

    ========================================================
    Disk: 1 (Size: 22.4 GB) (Disk ID: BC223D42)

    Partition: GPT Partition Type.

    ========================================================
    Disk: 2 (Size: 7.5 GB) (Disk ID: 570BFEDA)
    Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B)

    ==================== End Of Log ============================

    -----------------------------------------------------------------------------------------------------------------------
    Farbar Service Scanner

    Farbar Service Scanner Version: 17-01-2015
    Ran by Gladwin (administrator) on 08-02-2015 at 01:04:14
    Running from "C:\Users\ASUS\Desktop\Troubleshoot Program"
    Microsoft Windows 8.1 (X64)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    There is no connection to network.
    Attempt to access Google IP returned error. Google IP is unreachable
    Attempt to access Google.com returned error: Other errors
    Attempt to access Yahoo.com returned error: Other errors


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================


    System Restore:
    ============

    System Restore Policy:
    ========================


    Action Center:
    ============


    Windows Update:
    ============

    Windows Autoupdate Disabled Policy:
    ============================


    Windows Defender:
    ==============

    Other Services:
    ==============


    File Check:
    ========
    C:\Windows\System32\nsisvc.dll => File is digitally signed
    C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
    C:\Windows\System32\dhcpcore.dll => File is digitally signed
    C:\Windows\System32\drivers\afd.sys => File is digitally signed
    C:\Windows\System32\drivers\tdx.sys => File is digitally signed
    C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
    C:\Windows\System32\dnsrslvr.dll => File is digitally signed
    C:\Windows\System32\mpssvc.dll => File is digitally signed
    C:\Windows\System32\bfe.dll => File is digitally signed
    C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
    C:\Windows\System32\wscsvc.dll => File is digitally signed
    C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
    C:\Windows\System32\wuaueng.dll => File is digitally signed
    C:\Windows\System32\qmgr.dll => File is digitally signed
    C:\Windows\System32\es.dll => File is digitally signed
    C:\Windows\System32\cryptsvc.dll => File is digitally signed
    C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
    C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed


    **** End of log ****

    -------------------------------------------------------------------------------------------------------------------------
    Using the file routercheck.bat


    Windows IP Configuration

    Host Name . . . . . . . . . . . . : Gladwin
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No

    Ethernet adapter Bluetooth Network Connection:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
    Physical Address. . . . . . . . . : 2C-D0-5A-41-63-DF
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    Server: UnKnown
    Address: 127.0.0.1

    Server: UnKnown
    Address: 127.0.0.1

    Ping request could not find host google.com. Please check the name and try again.
    Ping request could not find host yahoo.com. Please check the name and try again.
    ===========================================================================
    Interface List
    6...2c d0 5a 41 63 df ......Bluetooth Device (Personal Area Network)
    1...........................Software Loopback Interface 1
    ===========================================================================

    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination Netmask Gateway Interface Metric
    127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
    127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
    127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
    255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    ===========================================================================
    Persistent Routes:
    None

    IPv6 Route Table
    ===========================================================================
    Active Routes:
    If Metric Network Destination Gateway
    1 306 ::1/128 On-link
    1 306 ff00::/8 On-link
    ===========================================================================
    Persistent Routes:
    None

    ------------------------------------------------------------------------------------------------------------------------------
    Minibox

    MiniToolBox by Farbar Version: 30-11-2014
    Ran by Gladwin (administrator) on 08-02-2015 at 00:56:20
    Running from "C:\Users\ASUS\Desktop\Troubleshoot Program"
    Microsoft Windows 8.1 (X64)
    Boot Mode: Normal
    ***************************************************************************

    ========================= Flush DNS: ===================================

    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    "Reset IE Proxy Settings": IE Proxy Settings were reset.

    "Reset FF Proxy Settings": Firefox Proxy settings were reset.


    **** End of log ****

    MiniToolBox by Farbar Version: 30-11-2014
    Ran by Gladwin (administrator) on 08-02-2015 at 00:59:00
    Running from "C:\Users\ASUS\Desktop\Troubleshoot Program"
    Microsoft Windows 8.1 (X64)
    Boot Mode: Normal
    ***************************************************************************

    ========================= IE Proxy Settings: ==============================

    Proxy is not enabled.
    No Proxy Server is set.

    ========================= FF Proxy Settings: ==============================

    ========================= Hosts content: =================================




    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 www.0scan.com
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 www.1001namen.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 www.100sexlinks.com

    There are 15543 more lines starting with "127.0.0.1"

    ========================= IP Configuration: ================================

    Qualcomm Atheros AR9485WB-EG Wireless Network Adapter = Wi-Fi (Connected)
    Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)
    Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


    # ----------------------------------
    # IPv4 Configuration
    # ----------------------------------
    pushd interface ipv4

    reset
    set global icmpredirects=enabled
    set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="ethernet_3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="other_1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


    popd
    # End of IPv4 configuration



    Windows IP Configuration

    Host Name . . . . . . . . . . . . : Gladwin
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No

    Ethernet adapter Bluetooth Network Connection:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
    Physical Address. . . . . . . . . : 2C-D0-5A-41-63-DF
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    Server: UnKnown
    Address: 127.0.0.1

    Ping request could not find host google.com. Please check the name and try again.
    Server: UnKnown
    Address: 127.0.0.1

    Ping request could not find host yahoo.com. Please check the name and try again.

    Pinging 127.0.0.1 with 32 bytes of data:
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

    Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
    ===========================================================================
    Interface List
    6...2c d0 5a 41 63 df ......Bluetooth Device (Personal Area Network)
    1...........................Software Loopback Interface 1
    ===========================================================================

    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination Netmask Gateway Interface Metric
    127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
    127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
    127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
    255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    ===========================================================================
    Persistent Routes:
    None

    IPv6 Route Table
    ===========================================================================
    Active Routes:
    If Metric Network Destination Gateway
    1 306 ::1/128 On-link
    1 306 ff00::/8 On-link
    ===========================================================================
    Persistent Routes:
    None
    ========================= Winsock entries =====================================

    Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [53760] (Microsoft Corporation)
    Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
    Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
    Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
    Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
    Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
    Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [51200] (Microsoft Corporation)
    Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
    Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
    Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
    Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
    Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
    Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
    Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
    Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
    Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
    Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
    Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
    x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
    x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
    x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
    x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
    x64-Catalog5 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
    x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30208] (Microsoft Corporation)
    x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
    x64-Catalog9 01 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
    x64-Catalog9 02 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
    x64-Catalog9 03 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
    x64-Catalog9 04 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
    x64-Catalog9 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
    x64-Catalog9 06 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
    x64-Catalog9 07 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
    x64-Catalog9 08 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
    x64-Catalog9 09 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
    x64-Catalog9 10 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
    x64-Catalog9 11 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)

    **** End of log ****
     
  4. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Post the AdwCleaner logs available in the C:\AdwCleaner folder.
     
  5. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Reinstall Hotspot Shield. Download the installer from another computer and save it on a Flash drive. Insert on the troubled computer and reinstall.

    After a restart, see if you have and internet connection.
     
  6. kango88

    kango88 Thread Starter

    Joined:
    Feb 5, 2015
    Messages:
    153
    1st time

    # AdwCleaner v4.109 - Report created 04/02/2015 at 23:24:12
    # Updated 24/01/2015 by Xplode
    # Database : 2015-02-03.1 [Live]
    # Operating System : Windows 8.1 (64 bits)
    # Username : Gladwin - GLADWIN
    # Running from : C:\Users\ASUS\Downloads\adwcleaner_4.109.exe
    # Option : Scan

    ***** [ Services ] *****

    Service Found : hshld
    Service Found : hsstrayservice
    Service Found : hsswd

    ***** [ Files / Folders ] *****

    File Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
    File Found : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\searchplugins\conduit-search.xml
    File Found : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\searchplugins\default-search.xml
    File Found : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\searchplugins\yahoo_ff.xml
    File Found : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\user.js
    File Found : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\tm82nflx.default\searchplugins\yahoo_ff.xml
    File Found : C:\Users\Public\Desktop\Hotspot Shield.lnk
    File Found : C:\WINDOWS\System32\drivers\hssdrv6.sys
    File Found : C:\WINDOWS\System32\drivers\taphss6.sys
    Folder Found : C:\Program Files (x86)\hotspot shield
    Folder Found : C:\ProgramData\hotspot shield
    Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
    Folder Found : C:\ProgramData\smdmf
    Folder Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj
    Folder Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgbcffenncokfocljomejddmgcpppjom
    Folder Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah
    Folder Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim
    Folder Found : C:\Users\ASUS\AppData\Roaming\FirefoxToolbar
    Folder Found : C:\Users\ASUS\AppData\Roaming\hotspot shield
    Folder Found : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected]
    Folder Found : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected]
    Folder Found : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\hotspot shield
    Folder Found : C:\WINDOWS\SysWOW64\hotspot shield

    ***** [ Scheduled Tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\Users\ASUS\AppData\Local\Linkey\IEExtension\ietlb.dll
    Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\Users\ASUS\AppData\Local\Linkey\IEExtension\ietlb64.dll
    Key Found : HKCU\Software\Google\Chrome\Extensions\kpckgflgdapkpabemgkielbefdildaio
    Key Found : HKCU\Software\InstallCore
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
    Key Found : HKCU\Software\systweak
    Key Found : [x64] HKCU\Software\InstallCore
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
    Key Found : [x64] HKCU\Software\systweak
    Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}
    Key Found : HKLM\SOFTWARE\Classes\AppID\iedll.dll
    Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
    Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
    Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47}
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\fgbcffenncokfocljomejddmgcpppjom
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah
    Key Found : HKLM\SOFTWARE\hotspotshield
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
    Key Found : HKLM\SOFTWARE\SmdmF
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
    Value Found : HKCU\Software\Mozilla\Firefox\Extensions [[email protected]]
    Value Found : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
    Value Found : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
    Value Found : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x64]
    Value Found : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x86]

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17416


    -\\ Mozilla Firefox v35.0.1 (x86 en-US)

    [8aqpcbli.default] - Line Found : user_pref("browser.search.hiddenOneOffs", "default-search.net");
    [8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.Var1", "0");
    [8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.Var10", "0");
    [8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.Var2", "0");
    [8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.Var3", "0");
    [8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.Var4", "0");
    [8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.Var5", "0");
    [8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.Var6", "0");
    [8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.Var7", "0");
    [8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.Var8", "0");
    [8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.Var9", "0");
    [8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.cache.tbs_include_xml_spd", "52/15/30/10/113");
    [8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.firstlaunch", "0");
    [8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.guid", "%7BB9BC7BEC-34B7-644B-BCC1-9DF36BEEA241%7D");
    [8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader.userId", "%12");
    [8aqpcbli.default] - Line Found : user_pref("speedbitvideodownloader_installed_version", "3.2.0");
    [tm82nflx.default] - Line Found : user_pref("browser.startup.homepage", "hxxp://sg.search.yahoo.com/?type=599486&fr=spigot-yhp-ff");

    -\\ Google Chrome v40.0.2214.94


    *************************

    AdwCleaner[R0].txt - [8705 octets] - [04/02/2015 23:24:12]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [8765 octets] ##########

    # AdwCleaner v4.109 - Report created 04/02/2015 at 23:26:13
    # Updated 24/01/2015 by Xplode
    # Database : 2015-02-03.1 [Live]
    # Operating System : Windows 8.1 (64 bits)
    # Username : Gladwin - GLADWIN
    # Running from : C:\Users\ASUS\Downloads\adwcleaner_4.109.exe
    # Option : Clean

    ***** [ Services ] *****

    Service Deleted : hshld
    [#] Service Deleted : hsstrayservice
    Service Deleted : hsswd

    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\hotspot shield
    Folder Deleted : C:\ProgramData\smdmf
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
    Folder Deleted : C:\Program Files (x86)\hotspot shield
    Folder Deleted : C:\WINDOWS\SysWOW64\hotspot shield
    Folder Deleted : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\hotspot shield
    Folder Deleted : C:\Users\ASUS\AppData\Roaming\FirefoxToolbar
    Folder Deleted : C:\Users\ASUS\AppData\Roaming\hotspot shield
    Folder Deleted : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected]
    Folder Deleted : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected]
    Folder Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgbcffenncokfocljomejddmgcpppjom
    Folder Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah
    Folder Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim
    Folder Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj
    File Deleted : C:\Users\Public\Desktop\Hotspot Shield.lnk
    File Deleted : C:\WINDOWS\System32\drivers\taphss6.sys
    File Deleted : C:\WINDOWS\System32\drivers\hssdrv6.sys
    File Deleted : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\searchplugins\conduit-search.xml
    File Deleted : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\searchplugins\default-search.xml
    File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
    File Deleted : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\user.js
    File Deleted : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\searchplugins\yahoo_ff.xml
    File Deleted : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\tm82nflx.default\searchplugins\yahoo_ff.xml

    ***** [ Scheduled Tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [[email protected]]
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fgbcffenncokfocljomejddmgcpppjom
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah
    Key Deleted : HKCU\Software\Google\Chrome\Extensions\kpckgflgdapkpabemgkielbefdildaio
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
    Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
    Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
    Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\iedll.dll
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
    Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
    Key Deleted : HKCU\Software\InstallCore
    Key Deleted : HKCU\Software\systweak
    Key Deleted : HKLM\SOFTWARE\hotspotshield
    Key Deleted : HKLM\SOFTWARE\SmdmF
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
    Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\Users\ASUS\AppData\Local\Linkey\IEExtension\ietlb.dll
    Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\Users\ASUS\AppData\Local\Linkey\IEExtension\ietlb64.dll

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17416


    -\\ Mozilla Firefox v35.0.1 (x86 en-US)

    [8aqpcbli.default\prefs.js] - Line Deleted : user_pref("browser.search.hiddenOneOffs", "default-search.net");
    [8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var1", "0");
    [8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var10", "0");
    [8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var2", "0");
    [8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var3", "0");
    [8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var4", "0");
    [8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var5", "0");
    [8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var6", "0");
    [8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var7", "0");
    [8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var8", "0");
    [8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var9", "0");
    [8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.cache.tbs_include_xml_spd", "52/15/30/10/113");
    [8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.firstlaunch", "0");
    [8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.guid", "%7BB9BC7BEC-34B7-644B-BCC1-9DF36BEEA241%7D");
    [8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.userId", "%12");
    [8aqpcbli.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader_installed_version", "3.2.0");
    [tm82nflx.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://sg.search.yahoo.com/?type=599486&fr=spigot-yhp-ff");

    -\\ Google Chrome v40.0.2214.94


    *************************

    AdwCleaner[R0].txt - [8897 octets] - [04/02/2015 23:25:34]
    AdwCleaner[S0].txt - [8517 octets] - [04/02/2015 23:26:13]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8577 octets] ##########
     
  7. kango88

    kango88 Thread Starter

    Joined:
    Feb 5, 2015
    Messages:
    153
    2nd time

    # AdwCleaner v4.109 - Report created 04/02/2015 at 23:31:19
    # Updated 24/01/2015 by Xplode
    # Database : 2015-01-24.3 [Local]
    # Operating System : Windows 8.1 (64 bits)
    # Username : Gladwin - GLADWIN
    # Running from : C:\Users\ASUS\Downloads\adwcleaner_4.109.exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****


    ***** [ Scheduled Tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Found : [x64] HKLM\SOFTWARE\Linkey
    Key Found : [x64] HKLM\SOFTWARE\LINKEY

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17416


    -\\ Mozilla Firefox v35.0.1 (x86 en-US)


    -\\ Google Chrome v40.0.2214.94

    [C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
    [C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
    [C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

    *************************

    AdwCleaner[R0].txt - [8897 octets] - [04/02/2015 23:25:34]
    AdwCleaner[R1].txt - [1194 octets] - [04/02/2015 23:31:19]
    AdwCleaner[S0].txt - [8693 octets] - [04/02/2015 23:26:20]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1314 octets] ##########

    # AdwCleaner v4.109 - Report created 04/02/2015 at 23:32:47
    # Updated 24/01/2015 by Xplode
    # Database : 2015-01-24.3 [Local]
    # Operating System : Windows 8.1 (64 bits)
    # Username : Gladwin - GLADWIN
    # Running from : C:\Users\ASUS\Downloads\adwcleaner_4.109.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****


    ***** [ Scheduled Tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : [x64] HKLM\SOFTWARE\Linkey

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17416


    -\\ Mozilla Firefox v35.0.1 (x86 en-US)


    -\\ Google Chrome v40.0.2214.94

    [C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
    [C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
    [C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

    *************************

    AdwCleaner[R0].txt - [8897 octets] - [04/02/2015 23:25:34]
    AdwCleaner[R1].txt - [1402 octets] - [04/02/2015 23:32:18]
    AdwCleaner[S0].txt - [8693 octets] - [04/02/2015 23:26:20]
    AdwCleaner[S1].txt - [1287 octets] - [04/02/2015 23:32:47]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1347 octets] ##########
     
  8. kango88

    kango88 Thread Starter

    Joined:
    Feb 5, 2015
    Messages:
    153
    Thanks!Surprisingly installing back hotspot shield made the internet work again.

    However, the unknown virus/malware affecting Google, yahoo and bing still exist. Can help with that?
     
  9. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    [​IMG] Please download Malwarebytes' Anti-Malware from Here.

    Double Click mbam-setup-2.0..exe to install the application. (The revision number may vary.)
    • Select the language and click OK.
    • Accept the agreement
    • Make sure a checkmark is placed next to Enable the Free Trial and Launch [*]Malwarebytes' Anti-Malware, then click on finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Scan Now".
    • The scan may take some time to finish,so please be patient.
    • When the scan is complete, click on Quanrantee All,.
    • When disinfection is completed, a dialog will open and you may be prompted to Restart.(See Extra Note)
    • Upon restart, launch Malwarebytes Antimalware and select History.
    • Double click on the last scan done, then on Copy to Clipboard.
    • Right click on your next reply and select Paste.
    • Submit your reply.

    Extra Note:

    If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.
     
  10. kango88

    kango88 Thread Starter

    Joined:
    Feb 5, 2015
    Messages:
    153
    Hi, I cannot see the last scan button after going to history. But this is the scan log i found from the log folder. Done 2 scans for computer A

    <?xml version="1.0" encoding="UTF-16" ?>
    <mbam-log>
    <header>
    <date>2015/02/08 00:17:23 +0800</date>
    <logfile>mbam-log-2015-02-08 (00-17-23).xml</logfile>
    <isadmin>yes</isadmin>
    </header>
    <engine>
    <version>2.00.4.1028</version>
    <malware-database>v2014.11.20.06</malware-database>
    <rootkit-database>v2014.11.18.01</rootkit-database>
    <license>free</license>
    <file-protection>disabled</file-protection>
    <web-protection>disabled</web-protection>
    <self-protection>disabled</self-protection>
    </engine>
    <system>
    <osversion>Windows 8.1</osversion>
    <arch>x64</arch>
    <username>Gladwin</username>
    <filesys>NTFS</filesys>
    </system>
    <summary>
    <type>threat</type>
    <result>completed</result>
    <objects>370341</objects>
    <time>1618</time>
    <processes>0</processes>
    <modules>0</modules>
    <keys>0</keys>
    <values>0</values>
    <datas>0</datas>
    <folders>0</folders>
    <files>4</files>
    <sectors>0</sectors>
    </summary>
    <options>
    <memory>enabled</memory>
    <startup>enabled</startup>
    <filesystem>enabled</filesystem>
    <archives>enabled</archives>
    <rootkits>disabled</rootkits>
    <deeprootkit>disabled</deeprootkit>
    <heuristics>enabled</heuristics>
    <pup>enabled</pup>
    <pum>enabled</pum>
    </options>
    <items>
    <file><path>C:\$Recycle.Bin\S-1-5-21-147487581-2992457104-1551078015-1002\$R5MVSUM.exe</path><vendor>PUP.Optional.Unizeto</vendor><action>success</action><hash>ed19f04e46367abc7476724f4fb5d927</hash></file>
    <file><path>C:\$Recycle.Bin\S-1-5-21-147487581-2992457104-1551078015-1002\$RV6ANPY.exe</path><vendor>PUP.Optional.InstalleRex</vendor><action>success</action><hash>bc4afb439ce05ed887c0abe633ce53ad</hash></file>
    <file><path>C:\$Recycle.Bin\S-1-5-21-147487581-2992457104-1551078015-1002\$R9JRXGJ.exe</path><vendor>PUP.Optional.InstalleRex</vendor><action>success</action><hash>10f61a24bcc0ad89427c544d0af7a25e</hash></file>
    <file><path>C:\$Recycle.Bin\S-1-5-21-147487581-2992457104-1551078015-1002\$RQMJ4B7.exe</path><vendor>PUP.Optional.InstalleRex</vendor><action>success</action><hash>b94dd46a027ac373db7bfb9522df7888</hash></file>
    </items>
    </mbam-log>

    --------------------------------------------------------------------------------------------------
    <?xml version="1.0" encoding="UTF-16" ?>
    <mbam-log>
    <header>
    <date>2015/02/08 10:47:37 +0800</date>
    <logfile>mbam-log-2015-02-08 (10-47-36).xml</logfile>
    <isadmin>yes</isadmin>
    </header>
    <engine>
    <version>2.00.4.1028</version>
    <malware-database>v2015.02.08.01</malware-database>
    <rootkit-database>v2015.02.03.01</rootkit-database>
    <license>free</license>
    <file-protection>disabled</file-protection>
    <web-protection>disabled</web-protection>
    <self-protection>disabled</self-protection>
    </engine>
    <system>
    <osversion>Windows 8.1</osversion>
    <arch>x64</arch>
    <username>Gladwin</username>
    <filesys>NTFS</filesys>
    </system>
    <summary>
    <type>threat</type>
    <result>completed</result>
    <objects>388317</objects>
    <time>2008</time>
    <processes>0</processes>
    <modules>0</modules>
    <keys>0</keys>
    <values>0</values>
    <datas>0</datas>
    <folders>0</folders>
    <files>1</files>
    <sectors>0</sectors>
    </summary>
    <options>
    <memory>enabled</memory>
    <startup>enabled</startup>
    <filesystem>enabled</filesystem>
    <archives>enabled</archives>
    <rootkits>disabled</rootkits>
    <deeprootkit>disabled</deeprootkit>
    <heuristics>enabled</heuristics>
    <pup>enabled</pup>
    <pum>enabled</pum>
    </options>
    <items>
    <file><path>C:\Users\ASUS\AppData\Local\Temp\Quarantine.exe</path><vendor>Trojan.Agent</vendor><action>success</action><hash>0af714081674aa8ca4b0bf5e50b2cd33</hash></file>
    </items>
    </mbam-log>
     
  11. kango88

    kango88 Thread Starter

    Joined:
    Feb 5, 2015
    Messages:
    153
    For computer B (windows 7 in macbook bootcamp), nothing is detected
     
  12. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Reset your browsers to default. For instructions see here.

    Let me know the outcome.
     
  13. kango88

    kango88 Thread Starter

    Joined:
    Feb 5, 2015
    Messages:
    153
    Hi, I've reset all my browsers and the same issue still persist
     
  14. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    • Run the ESET Online Scanner.
    • Hold down Control and click on this link to open ESET OnlineScan in a new window.
    • Click the [​IMG] button.
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the [​IMG] icon on your desktop.
    • Check "YES, I accept the Terms of Use."
    • Click the Start button.
    • Accept any security warnings from your browser.
    • Under scan settings, check "Scan Archives" and "Remove found threats"
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click List Threats
    • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • Click the Back button.
    • Click the Finish button.
    • NOTE:Sometimes if ESET finds no infections it will not create a log.
     
  15. kango88

    kango88 Thread Starter

    Joined:
    Feb 5, 2015
    Messages:
    153
    C:\Users\All Users\IObit\ASCDownloader\Advanced SystemCare.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF30.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF31.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF32.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF33.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF34.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF4.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF5.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF6.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF7.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF8.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF9.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
    C:\Users\ASUS\Downloads\Programs\FileZilla_3.9.0.6_win32-setup.exe a variant of Win32/InstallCore.UE potentially unwanted application
    C:\Users\ASUS\Downloads\Programs\javaupdate_setup.exe a variant of Win32/AdWare.iBryte.BJ application
    C:\Users\ASUS\Dropbox\(Myself)\Software Download\SEO PowerSuite 2013 KeyGen - BlackNinjx\SEO PowerSuite 2013 KeyGen - BlackNinjx.exe a variant of MSIL/Packed.Confuser.A potentially unwanted application
    C:\$Recycle.Bin\S-1-5-21-147487581-2992457104-1551078015-1002\$R0MMFNL.exe Win32/ELEX.AY potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah\2.0.0.5_0\newtab.html.vir Win32/AztecMedia.A potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF10.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF11.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF12.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF13.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF14.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF15.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF16.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF17.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF18.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF19.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF2.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF20.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF21.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF22.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF23.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF24.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF25.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF26.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF27.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF28.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF29.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF30.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF31.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF32.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF33.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF34.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF4.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF5.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF6.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF7.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF8.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF9.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\ProgramData\IObit\ASCDownloader\Advanced SystemCare.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application deleted - quarantined
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah\2.0.0.5_0\newtab.html.vir Win32/AztecMedia.A potentially unwanted application deleted - quarantined
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF10.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF11.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF12.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF13.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF14.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF15.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF16.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF17.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF18.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF19.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF2.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF20.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF21.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF22.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF23.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF24.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF25.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF26.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF27.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF28.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
    C:\Users\ASUS\Desktop\Troubleshoot Program\Files\AdwCleaner\Quarantine\C\Users\ASUS\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF29.dll.vir a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application deleted - quarantined
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - Lookup Failed (Cannot
  1. Yessir6789
    Replies:
    1
    Views:
    535
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1142645

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice