1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Internet not working after removal of malware using AdwCleaner

Discussion in 'Virus & Other Malware Removal' started by kango88, Aug 6, 2015.

Thread Status:
Not open for further replies.
Advertisement
  1. kango88

    kango88 Thread Starter

    Joined:
    Feb 5, 2015
    Messages:
    153
    Hi,
    I got infected with some unknown spyware and decided to use AdwCleaner to remove it. Unfortunately, after removal and restart of my comp, all my browsers (chrome, firefox and ie) shows that I'm unable to connect to proxy server and i cannot get on the internet

    Below are my stats and the Adw Reports

    Thanks

    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 8.1, 64 bit
    Processor: Intel(R) Core(TM) i5-3337U CPU @ 1.80GHz, Intel64 Family 6 Model 58 Stepping 9
    Processor Count: 4
    RAM: 8077 Mb
    Graphics Card: NVIDIA GeForce GT 740M, -2048 Mb
    Hard Drives: C: Total - 190423 MB, Free - 4238 MB; D: Total - 264346 MB, Free - 44283 MB; G: Total - 476799 MB, Free - 476786 MB; H: Total - 953861 MB, Free - 6912 MB; I: Total - 476927 MB, Free - 476171 MB;
    Motherboard: ASUSTeK COMPUTER INC., K46CB
    Antivirus: Windows Defender, Disabled
     
  2. kango88

    kango88 Thread Starter

    Joined:
    Feb 5, 2015
    Messages:
    153
    # AdwCleaner v4.208 - Logfile created 06/08/2015 at 18:22:38
    # Updated 09/07/2015 by Xplode
    # Database : 2015-08-01.1 [Server]
    # Operating system : Windows 8.1 (x64)
    # Username : Gladwin - GLADWIN
    # Running from : C:\Users\ASUS\Downloads\Programs\adwcleaner_4.208.exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    File Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml
    File Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eakacpaijcpapndcfffdgphdiccmpknp
    File Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niloccemoadcdkdjlinkgdfekeahmflj_0.localstorage
    File Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niloccemoadcdkdjlinkgdfekeahmflj_0.localstorage-journal
    File Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
    File Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
    File Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_user.qzone.qq.com_0.localstorage
    File Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_user.qzone.qq.com_0.localstorage-journal
    File Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_v.qq.com_0.localstorage
    File Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_v.qq.com_0.localstorage-journal
    File Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.haoqq.com_0.localstorage
    File Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.haoqq.com_0.localstorage-journal
    File Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage
    File Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal
    Folder Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp
    Folder Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim
    Folder Found : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
    Folder Found : C:\Users\ASUS\AppData\Roaming\RHEng

    ***** [ Scheduled tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Data Found : HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings [ProxySettingsPerUser] - 1
    Key Found : HKCU\Software\AceStream
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream
    Key Found : [x64] HKCU\Software\AceStream
    Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
    Key Found : HKLM\SOFTWARE\Classes\pc-mechanic
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}

    ***** [ Web browsers ] *****

    -\\ Internet Explorer v11.0.9600.17840


    -\\ Mozilla Firefox v39.0 (x86 en-US)


    -\\ Google Chrome v44.0.2403.130

    [C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Homepage] : hxxp://search.conduit.com/?ctid=CT3321897&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=5&UP=SPF84B958F-6C5F-431F-B5D3-7D8E0D53175F&SSPV=
    [C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Startup_URLs] : BF12DAD852C3B89FAE29289F1CF7E22AF4C2E12511726AD96BEC8F8737CB0E44"},"software_reporter":{"prompt_reason":"7098149B5C6608703C20AFD50B55583F39065A9B2D191E8EFBCF292BCC9A2898","prompt_seed":"F228C39AFBCF258698E713A347891E902CB8909AF01802EA2A45C320B9287683","prompt_version":"F6CFEB747BACB4ABD4C38BAEFF1465C3CE44405671E54E1699B1BEAB163C5BBC"},"sync":{"remaining_rollback_tries":"F0B6A06E920B0E21E1CAC87B25C555973A6B1BCE06A0E0C5DEE5EB6714B38691"}},"super_mac":"84F9BF6981E41FBD1CE9AE768F0D76A717CEA9B448164BBF3771A04989ABB95C"},"session":{"restore_on_startup":1,"startup_urls":["hxxp://search.conduit.com/?ctid=CT3321897&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=5&UP=SPF84B958F-6C5F-431F-B5D3-7D8E0D53175F&SSPV=

    *************************

    AdwCleaner[R0].txt - [4930 bytes] - [06/08/2015 18:22:38]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4989 bytes] ##########
     
  3. kango88

    kango88 Thread Starter

    Joined:
    Feb 5, 2015
    Messages:
    153
    # AdwCleaner v4.208 - Logfile created 06/08/2015 at 18:24:27
    # Updated 09/07/2015 by Xplode
    # Database : 2015-08-01.1 [Server]
    # Operating system : Windows 8.1 (x64)
    # Username : Gladwin - GLADWIN
    # Running from : C:\Users\ASUS\Downloads\Programs\adwcleaner_4.208.exe
    # Option : Cleaning

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\Users\ASUS\AppData\Roaming\RHEng
    Folder Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
    Folder Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim
    Folder Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp
    File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niloccemoadcdkdjlinkgdfekeahmflj_0.localstorage
    File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niloccemoadcdkdjlinkgdfekeahmflj_0.localstorage-journal
    File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eakacpaijcpapndcfffdgphdiccmpknp
    File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml
    File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage
    File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal
    File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
    File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
    File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_user.qzone.qq.com_0.localstorage
    File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_user.qzone.qq.com_0.localstorage-journal
    File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_v.qq.com_0.localstorage
    File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_v.qq.com_0.localstorage-journal
    File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.haoqq.com_0.localstorage
    File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.haoqq.com_0.localstorage-journal

    ***** [ Scheduled tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Classes\pc-mechanic
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
    Key Deleted : HKCU\Software\AceStream
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream
    Data Deleted : HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings [ProxySettingsPerUser] - 1

    ***** [ Web browsers ] *****

    -\\ Internet Explorer v11.0.9600.17840


    -\\ Mozilla Firefox v39.0 (x86 en-US)


    -\\ Google Chrome v44.0.2403.130

    [C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] : hxxp://search.conduit.com/?ctid=CT3321897&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=5&UP=SPF84B958F-6C5F-431F-B5D3-7D8E0D53175F&SSPV=
    [C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Startup_URLs] : BF12DAD852C3B89FAE29289F1CF7E22AF4C2E12511726AD96BEC8F8737CB0E44"},"software_reporter":{"prompt_reason":"7098149B5C6608703C20AFD50B55583F39065A9B2D191E8EFBCF292BCC9A2898","prompt_seed":"F228C39AFBCF258698E713A347891E902CB8909AF01802EA2A45C320B9287683","prompt_version":"F6CFEB747BACB4ABD4C38BAEFF1465C3CE44405671E54E1699B1BEAB163C5BBC"},"sync":{"remaining_rollback_tries":"F0B6A06E920B0E21E1CAC87B25C555973A6B1BCE06A0E0C5DEE5EB6714B38691"}},"super_mac":"84F9BF6981E41FBD1CE9AE768F0D76A717CEA9B448164BBF3771A04989ABB95C"},"session":{"restore_on_startup":1,"startup_urls":["hxxp://search.conduit.com/?ctid=CT3321897&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=5&UP=SPF84B958F-6C5F-431F-B5D3-7D8E0D53175F&SSPV=

    *************************

    AdwCleaner[R0].txt - [5080 bytes] - [06/08/2015 18:23:29]
    AdwCleaner[S0].txt - [5018 bytes] - [06/08/2015 18:24:27]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5077 bytes] ##########
     
  4. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    55,596
    First Name:
    Derek
    first see if this cures it
    In IE: Tools Menu -> Internet Options -> Connections Tab ->Lan Settings > uncheck "use a proxy server" or reconfigure the Proxy server again in case you have set it previously.

    In Firefox in Tools Menu -> Options... -> Advanced Tab -> Network Tab -> "Settings" under Connection and uncheck the proxyserver, set it to No Proxy.

    if not then
    Please download Farbar Recovery Scan Tool and save it to your Desktop.

    Note: You need to download and run the 64 bit version

    • Right click to run as administrator. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log back here.
    • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
     
  5. kango88

    kango88 Thread Starter

    Joined:
    Feb 5, 2015
    Messages:
    153
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
    Ran by Gladwin (administrator) on GLADWIN (06-08-2015 23:26:37)
    Running from C:\Users\ASUS\Desktop
    Loaded Profiles: Gladwin (Available Profiles: Gladwin)
    Platform: Windows 8.1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
    (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.1.265\AsusWSWinService.exe
    (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
    (Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
    () C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmdb.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    () C:\Program Files (x86)\Livedrive\VSSService.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
    (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
    (Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe
    (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
    (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
    (Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe
    (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
    () C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
    (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
    (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
    (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
    () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
    (Microsoft Corporation) C:\Windows\System32\StikyNot.exe
    (Spotify Ltd) C:\Users\ASUS\AppData\Roaming\Spotify\SpotifyWebHelper.exe
    (Google Inc.) C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe
    () C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe
    (Barracuda Networks, Inc.) C:\Users\ASUS\AppData\Roaming\Copy\CopyAgent.exe
    (Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
    (Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvMon.exe
    (Livedrive Internet Ltd) C:\Program Files (x86)\Livedrive\Livedrive.exe
    (Spotify Ltd) C:\Users\ASUS\AppData\Roaming\Spotify\Spotify.exe
    (Spotify Ltd) C:\Users\ASUS\AppData\Roaming\Spotify\SpotifyCrashService.exe
    (Spotify Ltd) C:\Users\ASUS\AppData\Roaming\Spotify\Spotify.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Spotify Ltd) C:\Users\ASUS\AppData\Roaming\Spotify\Spotify.exe
    (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
    (Dropbox, Inc.) C:\Users\ASUS\AppData\Local\Dropbox\Update\DropboxUpdate.exe
    (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    (Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe
    (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
    () C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmW.exe
    () C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmwj.exe
    () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
    (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
    (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe
    (Dropbox, Inc.) C:\Users\ASUS\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
    (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.8.381\AsusWSPanel.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-12-23] (Realtek Semiconductor)
    HKLM\...\Run: [AuditSHD] => C:\windows\system32\oobe\auditshd.exe [29696 2013-08-22] (Microsoft Corporation)
    HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [765056 2012-09-30] (Qualcomm Atheros)
    HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-09-30] (Qualcomm Atheros Commnucations)
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [70656 2014-12-23] (Intel Corporation)
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-06-27] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-08-05] (ASUSTek Computer Inc.)
    HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
    HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.8.381\ASUSWSLoader.exe [63296 2014-07-08] ()
    HKLM-x32\...\Run: [Launcher] => C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\Launcher\fxlaunch.exe [2400768 2012-04-28] (Fuji Xerox Co., Ltd.)
    HKLM-x32\...\Run: [M205f RUN] => C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmRun.exe [355840 2012-06-20] ()
    HKLM-x32\...\Run: [StatusAutoRunm205f] => C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmpl.exe [3978752 2012-06-20] ()
    HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-05-06] (DivX, LLC)
    HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
    HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
    HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
    HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
    HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
    HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
    HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-11-19] (Brother Industries, Ltd.)
    HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3084288 2012-07-31] (Brother Industries, Ltd.)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-08] (Avast Software s.r.o.)
    Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [457728 2013-11-14] (Microsoft Corporation)
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [Spotify Web Helper] => C:\Users\ASUS\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017848 2015-07-24] (Spotify Ltd)
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [Google Update] => C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-03-13] (Google Inc.)
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [instanteyedropper] => C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe [352256 2007-10-17] ()
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [Copy] => C:\Users\ASUS\AppData\Roaming\Copy\CopyAgent.exe [15410832 2015-04-08] (Barracuda Networks, Inc.)
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [GoogleChromeAutoLaunch_D5DDF34FE692FC2EA1B8968615A3C02A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-31] (Google Inc.)
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [Livedrive] => C:\Program Files (x86)\Livedrive\Livedrive.exe [1850072 2015-03-04] (Livedrive Internet Ltd)
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [Spotify] => C:\Users\ASUS\AppData\Roaming\Spotify\Spotify.exe [7574584 2015-07-24] (Spotify Ltd)
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-09] (Piriform Ltd)
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3903056 2015-05-21] (Tonec Inc.)
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [Dropbox Update] => C:\Users\ASUS\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22012688 2015-06-20] (Google)
    HKU\S-1-5-18\...\Run: [Copy] => C:\Users\ASUS\AppData\Roaming\Copy\CopyAgent.exe [15410832 2015-04-08] (Barracuda Networks, Inc.)
    HKU\S-1-5-18\...\Run: [Backblaze] => "C:\Program Files (x86)\Backblaze\bzbui.exe" -quiet
    AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation)
    AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation)
    AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-08-28]
    ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2014-08-28]
    ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Drive Manager Real-Time.lnk [2014-06-25]
    ShortcutTarget: Samsung Drive Manager Real-Time.lnk -> C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe (Clarus, Inc.)
    Startup: C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-07-31]
    ShortcutTarget: Dropbox.lnk -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    Startup: C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-07-31]
    ShortcutTarget: Dropbox.lnk -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation)
    SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
    ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.8.381\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
    ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.8.381\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
    ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.8.381\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-08] (Avast Software s.r.o.)
    ShellIconOverlayIdentifiers: [1aCopyShExtError] -> {83BEA36E-7680-4598-A4DF-994426F6E78D} => C:\Users\ASUS\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-02-23] (Barracuda Networks, Inc.)
    ShellIconOverlayIdentifiers: [2aCopyShExtSynced] -> {845B7388-6F85-4F32-9FD5-F02DC7882B89} => C:\Users\ASUS\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-02-23] (Barracuda Networks, Inc.)
    ShellIconOverlayIdentifiers: [3aCopyShExtSyncing] -> {F6378A7A-F753-449B-AE1B-997A96132E61} => C:\Users\ASUS\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-02-23] (Barracuda Networks, Inc.)
    ShellIconOverlayIdentifiers: [4aCopyShExtSyncingProg1] -> {3A511828-777D-46F8-82F4-5B530C1B3D9E} => C:\Users\ASUS\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-02-23] (Barracuda Networks, Inc.)
    ShellIconOverlayIdentifiers: [5aCopyShExtSyncingProg2] -> {C8C88204-5B14-40EC-BA72-8AEBC762047E} => C:\Users\ASUS\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-02-23] (Barracuda Networks, Inc.)
    ShellIconOverlayIdentifiers: [6aCopyShExtSyncingProg3] -> {ACFF45C3-3EEB-4351-86C2-6696BA264239} => C:\Users\ASUS\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-02-23] (Barracuda Networks, Inc.)
    ShellIconOverlayIdentifiers: [7aCopyShExtSyncingProg4] -> {29AF997F-488B-46F0-AE78-7146F1B89CC3} => C:\Users\ASUS\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-02-23] (Barracuda Networks, Inc.)
    ShellIconOverlayIdentifiers: [8aCopyShExtSyncingProg5] -> {03F9AD29-1C78-4B66-8890-B177B5430C53} => C:\Users\ASUS\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-02-23] (Barracuda Networks, Inc.)
    ShellIconOverlayIdentifiers: [BackupOverlay] -> {B44A5D93-1351-41A1-BD91-5E92435D8ECD} => C:\Program Files (x86)\Livedrive\Extensions.dll [2015-03-04] (Livedrive Internet Ltd)
    ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\WINDOWS\system32\CbFsMntNtf3.dll [2012-11-10] (EldoS Corporation)
    ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2014-04-21] (Tonec Inc.)
    ShellIconOverlayIdentifiers: [LivedriveDownloadOverlay] -> {CBCDB610-6B68-4EE9-B7A2-1282FD0C9292} => C:\Program Files (x86)\Livedrive\Extensions.dll [2015-03-04] (Livedrive Internet Ltd)
    ShellIconOverlayIdentifiers: [LivedriveSharedOverlay] -> {84CEF1E4-1356-4063-845F-05047F4DD52C} => C:\Program Files (x86)\Livedrive\Extensions.dll [2015-03-04] (Livedrive Internet Ltd)
    ShellIconOverlayIdentifiers: [LivedriveSyncedOverlay] -> {42058329-2FBF-4B33-8E52-3BE5754DE0C1} => C:\Program Files (x86)\Livedrive\Extensions.dll [2015-03-04] (Livedrive Internet Ltd)
    ShellIconOverlayIdentifiers: [LivedriveUploadOverlay] -> {39A1715A-E4CD-4F1E-B5C4-36B5DB80124E} => C:\Program Files (x86)\Livedrive\Extensions.dll [2015-03-04] (Livedrive Internet Ltd)
    ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\WINDOWS\SysWow64\CbFsMntNtf3.dll [2012-11-10] (EldoS Corporation)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] <======= ATTENTION (Policy restriction on ProxySettings)
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-05-20] (Internet Download Manager, Tonec Inc.)
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
    BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-09-30] (Qualcomm Atheros Commnucations)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-14] (Avast Software s.r.o.)
    BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-08-28] (LastPass)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
    BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-05-20] (Internet Download Manager, Tonec Inc.)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
    BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-22] (Oracle Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-14] (Avast Software s.r.o.)
    BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-08-28] (LastPass)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-22] (Oracle Corporation)
    Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-08-28] (LastPass)
    Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-08-28] (LastPass)
    DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
    Hosts: Hosts file not detected in the default directory
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
    Tcpip\..\Interfaces\{02C43D9E-797A-401F-B4B3-1220D9CFEF95}: [DhcpNameServer] 192.168.1.254
    Tcpip\..\Interfaces\{DA192E8A-BC9C-4895-957E-3B4C3EB891AB}: [DhcpNameServer] 192.168.1.254

    FireFox:
    ========
    FF ProfilePath: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-16] ()
    FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
    FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-08-28] (LastPass)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
    FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
    FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
    FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-16] ()
    FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
    FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-05-15] (DivX, LLC)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-22] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-22] (Oracle Corporation)
    FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll [2014-08-28] (LastPass)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-147487581-2992457104-1551078015-1002: @acestream.net/acestreamplugin,version=2.2.0-next -> C:\Users\ASUS\AppData\Roaming\ACEStream\player\npace_plugin.dll [2014-06-13] (Innovative Digital Technologies)
    FF Plugin HKU\S-1-5-21-147487581-2992457104-1551078015-1002: @citrixonline.com/appdetectorplugin -> C:\Users\ASUS\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-04-26] (Citrix Online)
    FF Plugin HKU\S-1-5-21-147487581-2992457104-1551078015-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\ASUS\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
    FF Plugin HKU\S-1-5-21-147487581-2992457104-1551078015-1002: @talk.google.com/O1DPlugin -> C:\Users\ASUS\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
    FF Plugin HKU\S-1-5-21-147487581-2992457104-1551078015-1002: @tools.google.com/Google Update;version=3 -> C:\Users\ASUS\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
    FF Plugin HKU\S-1-5-21-147487581-2992457104-1551078015-1002: @tools.google.com/Google Update;version=9 -> C:\Users\ASUS\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-01-07] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-01-07] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-01-07] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-01-07] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-01-07] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\ASUS\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\ASUS\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
    FF Extension: IDM CC - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected] [2015-04-28]
    FF Extension: LastPass - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected] [2015-07-21]
    FF Extension: FireShot - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2015-06-09]
    FF Extension: EPUBReader - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2015-05-31]
    FF Extension: Easy App Tabs - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected] [2015-05-31]
    FF Extension: MEGA - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected] [2015-07-26]
    FF Extension: Media Stealer - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected] [2015-05-31]
    FF Extension: MozBar - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\[email protected] [2015-05-31]
    FF Extension: Reader - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\{20068ab2-1901-4140-9f3c-81207d4dacc4}.xpi [2015-06-22]
    FF Extension: Graph Authority - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\8aqpcbli.default\Extensions\{CBECCADF-6A82-4141-A264-7ED25F718BCB}.xpi [2014-04-10]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-16]
    FF HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Firefox\Extensions: [[email protected]] - C:\Users\ASUS\AppData\Roaming\IDM\idmmzcc5
    FF Extension: IDM CC - C:\Users\ASUS\AppData\Roaming\IDM\idmmzcc5 [2015-08-06]
    FF HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\ASUS\AppData\Roaming\IDM\idmmzcc5

    Chrome:
    =======
    CHR Profile: C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (IDM Integration Module) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-04-03]
    CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-05-20]
    CHR HKU\S-1-5-21-147487581-2992457104-1551078015-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-14]
    CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-05-20]

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-14] (ASUS)
    R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.1.265\AsusWSWinService.exe [71680 2014-01-15] (ASUS Cloud Corporation) [File not signed]
    R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-30] (Qualcomm Atheros Commnucations) [File not signed]
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-08] (Avast Software s.r.o.)
    S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-06-08] (Avast Software)
    S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [270336 2012-07-13] (Brother Industries, Ltd.) [File not signed]
    S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-12-06] (Microsoft Corporation)
    R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64624 2014-06-12] (CyberGhost S.R.L)
    R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2014-12-23] (Intel Corporation)
    S2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [118728 2014-12-23] (Intel Corporation)
    S2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [92672 2014-12-23] (Intel Corporation)
    S2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [88064 2014-12-23] (Intel Corporation)
    R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-31] (Diskeeper Corporation)
    R2 FXNADB; C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmdb.exe [96768 2012-06-20] () [File not signed]
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-28] (Intel Corporation)
    R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-30] (Intel Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-26] (Intel Corporation)
    R2 LivedriveVSSService; C:\Program Files (x86)\Livedrive\VSSService.exe [210648 2015-03-04] ()
    S2 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [219832 2012-06-18] (McAfee, Inc.)
    S2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [219832 2012-06-18] (McAfee, Inc.)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
    R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
    R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
    S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
    R2 SZDrvSvc; C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [18432 2015-05-21] (Clarus, Inc.) [File not signed]
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
    R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-30] (Atheros) [File not signed]

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-08] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-08] (Avast Software s.r.o.)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-08] (Avast Software s.r.o.)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-08] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-08] (Avast Software s.r.o.)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-08] (Avast Software s.r.o.)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-08] ()
    R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
    R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-01-17] (ASUS Corporation)
    S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-30] (Qualcomm Atheros)
    S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation)
    S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-12-06] (Microsoft Corporation)
    S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-05] (Microsoft Corporation)
    R1 cbfs3; C:\WINDOWS\system32\drivers\cbfs3.sys [352008 2012-11-10] (EldoS Corporation)
    R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [145640 2014-12-23] (Intel Corporation)
    R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [50640 2014-12-23] (Intel Corporation)
    S3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [42224 2014-12-23] (Intel Corporation)
    R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2014-12-23] (Intel Corporation)
    S3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [234736 2014-12-23] (Intel Corporation)
    R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-31] (Diskeeper Corporation)
    R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-31] (Diskeeper Corporation)
    S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [43664 2015-03-02] ()
    R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-23] (REALiX(tm))
    R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-30] (Intel Corporation)
    R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
    R3 mdf16; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [20400 2012-06-21] ()
    R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-12-23] (Intel Corporation)
    R3 mvd23; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [99248 2012-06-21] ()
    R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-28] (NVIDIA Corporation)
    S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
    R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-06-08] (Avast Software)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-08-06 23:26 - 2015-08-06 23:27 - 00041300 _____ C:\Users\ASUS\Desktop\FRST.txt
    2015-08-06 23:26 - 2015-08-06 23:26 - 00000000 ____D C:\FRST
    2015-08-06 23:23 - 2015-08-06 23:23 - 02169856 _____ (Farbar) C:\Users\ASUS\Desktop\FRST64.exe
    2015-08-06 23:15 - 2015-08-06 23:15 - 00000000 ___SH C:\DkHyperbootSync
    2015-08-06 18:21 - 2015-08-06 18:24 - 00000000 ____D C:\AdwCleaner
    2015-08-06 16:48 - 2015-08-06 16:48 - 00000261 _____ C:\Users\ASUS\Desktop\Metronic - Responsive Admin Dashboard Template - Site Templates ThemeForest.URL
    2015-08-06 16:26 - 2015-08-06 18:15 - 00000000 ____D C:\Users\ASUS\Desktop\UpViral Bonus
    2015-08-06 12:00 - 2015-08-06 12:00 - 00003474 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
    2015-08-06 12:00 - 2015-08-06 12:00 - 00003464 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
    2015-08-06 10:44 - 2015-08-06 10:44 - 00000000 ____D C:\Users\ASUS\Desktop\Thomas Freese-Secrets of Question Based Selling
    2015-08-06 10:43 - 2015-08-06 11:27 - 00000000 ____D C:\Users\ASUS\Desktop\The FB Advantage - Rick Mulready
    2015-08-06 10:43 - 2015-08-06 10:43 - 00002482 _____ C:\Users\ASUS\Downloads\Thomas Freese-Secrets of Question Based Selling.torrent
    2015-08-05 23:27 - 2015-08-05 23:32 - 00000000 ____D C:\Users\ASUS\Desktop\Noah Kagan- Traffic Course
    2015-08-05 17:45 - 2015-08-05 17:45 - 00000000 ____D C:\Users\ASUS\Desktop\Ezra Firestone-One Stop Shop Prelaunch
    2015-08-05 17:35 - 2015-08-04 18:53 - 00000000 ____D C:\Users\ASUS\Desktop\Semantic Mastery - Curation Mastery
    2015-08-05 11:42 - 2015-08-05 11:50 - 00000000 ____D C:\Users\ASUS\Desktop\Richard Ott - Creating Demand
    2015-08-05 11:41 - 2015-08-05 11:41 - 00013995 _____ C:\Users\ASUS\Downloads\Richard Ott - Creating Demand.torrent
    2015-08-05 01:12 - 2015-08-05 22:56 - 226702666 _____ C:\Users\ASUS\Desktop\30-Minute Traffic Intent Method Webinar &#8211; Replay &#8212; Drip Apps.flv
    2015-08-05 00:18 - 2015-08-05 00:21 - 78712222 _____ C:\Users\ASUS\Desktop\Ritesh Desale-Super Conversion Formulas.zip
    2015-08-05 00:18 - 2015-08-05 00:19 - 00000000 ____D C:\Users\ASUS\Desktop\Jeff Larson - FB Lead Control
    2015-08-04 14:14 - 2015-08-04 14:14 - 00000000 ____D C:\Users\ASUS\Desktop\BenPedersen- HYBRID MARKETING BLUEPRINT
    2015-08-04 10:55 - 2015-08-04 10:58 - 241092206 _____ C:\Users\ASUS\Desktop\Carl Picot-The Millionaire Marketing Summit Notes.zip
    2015-08-04 10:08 - 2015-08-04 10:12 - 00000000 ____D C:\Users\ASUS\Desktop\Mark Rodgers - Persuasion Equation
    2015-08-04 00:34 - 2015-08-04 00:34 - 25542029 _____ C:\Users\ASUS\Desktop\ArticleBuddy_2015_07_30_with_ABEditor(Whitelabel).zip
    2015-08-02 23:31 - 2015-08-02 23:31 - 00000103 _____ C:\Users\ASUS\Desktop\ALL WSOS Download page for WSO Access Members - Succeed With Sean Mize - Take Your Internet Marketing to the Next Level.url
    2015-08-02 23:31 - 2015-08-02 23:31 - 00000050 _____ C:\Users\ASUS\Desktop\Easy search engine monitoring - Wincher.com SERP.url
    2015-08-02 23:17 - 2015-08-02 23:20 - 00000000 ____D C:\Users\ASUS\Desktop\YOUTUBE KEYWORD HACK
    2015-08-02 22:49 - 2015-08-02 22:49 - 00000098 _____ C:\Users\ASUS\Desktop\15 New Social-Media Templates to Save You Even More Time With Your Marketing.url
    2015-08-02 16:00 - 2015-08-02 16:00 - 00000000 ____D C:\Users\ASUS\AppData\Local\Clarus
    2015-08-02 15:37 - 2015-06-16 06:39 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2015-08-02 15:37 - 2015-06-16 06:38 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
    2015-08-02 15:37 - 2015-06-16 06:26 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
    2015-08-02 15:37 - 2015-06-16 06:02 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
    2015-08-02 15:37 - 2015-06-16 05:58 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
    2015-08-02 15:37 - 2015-06-16 05:57 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2015-08-02 15:37 - 2015-06-16 05:38 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2015-08-02 15:37 - 2015-06-16 05:36 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2015-08-02 15:37 - 2015-06-16 05:17 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
    2015-08-02 15:37 - 2015-06-16 05:16 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2015-08-02 15:37 - 2015-06-16 05:15 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2015-08-02 15:37 - 2015-06-16 05:13 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
    2015-08-02 15:37 - 2015-06-16 05:04 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
    2015-08-02 15:37 - 2015-06-16 04:52 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2015-08-02 15:37 - 2015-06-16 04:47 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
    2015-08-02 15:37 - 2015-06-16 04:44 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
    2015-08-02 15:37 - 2015-06-16 04:43 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
    2015-08-02 15:37 - 2015-06-16 04:41 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
    2015-08-02 15:37 - 2015-06-16 04:37 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
    2015-08-02 15:37 - 2015-06-16 04:31 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2015-08-02 15:37 - 2015-06-16 04:30 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2015-08-02 15:37 - 2015-06-16 04:17 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
    2015-08-02 15:37 - 2015-06-16 04:07 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2015-08-02 15:37 - 2015-06-16 04:02 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2015-08-02 15:36 - 2015-06-16 06:24 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2015-08-02 15:36 - 2015-06-16 05:56 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
    2015-08-02 15:36 - 2015-06-16 05:55 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
    2015-08-02 15:36 - 2015-06-16 05:49 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
    2015-08-02 15:36 - 2015-06-16 05:41 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
    2015-08-02 15:36 - 2015-06-16 05:03 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2015-08-02 15:36 - 2015-06-16 04:42 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
    2015-08-02 15:36 - 2015-06-16 04:32 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
    2015-08-02 15:36 - 2015-06-16 04:30 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2015-07-31 19:26 - 2015-07-31 19:26 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\RenPy
    2015-07-31 09:51 - 2015-07-31 09:51 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2015-07-30 13:52 - 2015-08-05 18:10 - 00000189 _____ C:\Users\ASUS\Desktop\Pearcomms.txt
    2015-07-30 13:36 - 2015-07-30 17:42 - 00000501 _____ C:\Users\ASUS\Desktop\New Digital Mrketing Trend.txt
    2015-07-29 18:51 - 2015-07-29 18:51 - 06478181 _____ C:\Users\ASUS\Downloads\2015_OnlineMarketingSurvey_Moz.csv
    2015-07-29 11:10 - 2015-07-10 03:51 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2015-07-29 11:10 - 2015-07-10 02:40 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
    2015-07-29 11:10 - 2015-07-10 00:03 - 03701760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2015-07-29 11:10 - 2015-07-09 23:54 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
    2015-07-29 11:10 - 2015-07-09 23:53 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
    2015-07-29 11:10 - 2015-07-09 23:50 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
    2015-07-29 11:10 - 2015-07-09 23:50 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
    2015-07-29 11:10 - 2015-07-09 23:48 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2015-07-29 11:10 - 2015-07-09 23:46 - 02229248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
    2015-07-29 11:10 - 2015-07-09 23:38 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
    2015-07-29 11:10 - 2015-07-09 23:37 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
    2015-07-29 11:10 - 2015-07-09 23:35 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
    2015-07-29 11:10 - 2015-07-09 23:34 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2015-07-29 11:10 - 2015-06-27 11:08 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
    2015-07-29 11:10 - 2015-06-27 11:08 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
    2015-07-29 11:10 - 2015-06-27 10:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
    2015-07-29 11:08 - 2015-07-03 05:21 - 19877376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2015-07-29 11:08 - 2015-07-03 04:49 - 25193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2015-07-29 11:08 - 2015-07-03 04:19 - 12855296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2015-07-29 11:08 - 2015-07-03 03:20 - 14453248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2015-07-29 11:07 - 2015-07-03 04:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2015-07-29 11:07 - 2015-07-03 04:23 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2015-07-29 11:07 - 2015-07-03 03:55 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2015-07-29 11:07 - 2015-07-03 02:59 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2015-07-29 10:34 - 2015-06-28 13:07 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2015-07-29 10:34 - 2015-06-28 13:07 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2015-07-29 10:34 - 2015-06-28 13:06 - 01311960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
    2015-07-29 10:34 - 2015-06-28 13:06 - 00332120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
    2015-07-29 10:34 - 2015-06-28 00:42 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
    2015-07-29 10:34 - 2015-06-27 11:13 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2015-07-29 10:34 - 2015-06-27 11:12 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2015-07-29 10:34 - 2015-06-27 11:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
    2015-07-29 10:34 - 2015-06-27 10:40 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
    2015-07-29 10:34 - 2015-06-27 10:05 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2015-07-29 10:34 - 2015-06-27 10:00 - 00989184 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2015-07-29 10:34 - 2015-06-27 09:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
    2015-07-29 10:34 - 2015-06-27 09:26 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2015-07-29 10:34 - 2015-06-16 06:41 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
    2015-07-29 10:34 - 2015-06-16 06:24 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2015-07-29 10:34 - 2015-06-16 05:16 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
    2015-07-29 10:34 - 2015-06-16 05:09 - 03607552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2015-07-29 10:34 - 2015-06-16 04:50 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
    2015-07-29 10:34 - 2015-06-16 03:57 - 02460160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
    2015-07-29 10:34 - 2015-05-08 01:50 - 22292672 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2015-07-29 10:34 - 2015-05-08 01:00 - 03109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
    2015-07-29 10:34 - 2015-05-08 00:53 - 19734960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2015-07-29 10:34 - 2015-05-08 00:12 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
    2015-07-29 10:33 - 2015-07-25 21:34 - 01084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2015-07-29 10:33 - 2015-06-30 06:43 - 00026288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2015-07-29 10:33 - 2015-06-29 23:07 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2015-07-29 10:33 - 2015-06-29 23:07 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2015-07-29 10:33 - 2015-06-29 23:07 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2015-07-29 10:33 - 2015-06-29 23:07 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2015-07-29 10:33 - 2015-06-27 07:21 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2015-07-29 10:33 - 2015-06-27 07:21 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
    2015-07-29 10:33 - 2015-05-08 00:47 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
    2015-07-27 23:00 - 2015-07-27 23:01 - 69868760 _____ C:\Users\ASUS\Downloads\Powtoon.zip
    2015-07-27 11:44 - 2015-07-27 11:44 - 00000880 _____ C:\Users\ASUS\Downloads\The Sandler Rules - 49 Timeless Selling Principles.torrent
    2015-07-26 23:12 - 2015-07-26 23:16 - 00000000 ____D C:\Users\ASUS\Desktop\Matt ASM5 5(July 16 update)
    2015-07-26 17:38 - 2015-07-26 17:38 - 00079683 _____ C:\Users\ASUS\Downloads\Matt ASM5 5(July 16 update).torrent
    2015-07-26 17:25 - 2015-07-26 17:25 - 00011736 _____ C:\Users\ASUS\Downloads\Personal Finance.torrent
    2015-07-21 09:08 - 2015-07-14 22:14 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2015-07-21 09:08 - 2015-07-14 22:14 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
    2015-07-21 09:08 - 2015-07-14 22:14 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
    2015-07-21 09:08 - 2015-07-14 22:13 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2015-07-18 23:27 - 2015-07-18 23:27 - 00000000 ____D C:\WINDOWS\System32\Tasks\CLARUS_DRIVE_MANAGER
    2015-07-18 23:26 - 2015-07-18 23:26 - 00000000 ____D C:\Program Files (x86)\Clarus
    2015-07-18 14:29 - 2015-08-06 12:45 - 00000000 ____D C:\Users\ASUS\Desktop\Temp Folder
    2015-07-18 14:09 - 2015-07-18 14:09 - 00000884 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-147487581-2992457104-1551078015-1002Core1d0c1203d0bbdfd.job
    2015-07-16 22:42 - 2015-07-02 06:08 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2015-07-16 22:42 - 2015-07-02 05:14 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2015-07-16 10:11 - 2015-07-16 10:11 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
    2015-07-16 10:10 - 2015-07-16 10:10 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
    2015-07-16 10:03 - 2015-08-06 23:15 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2015-07-16 10:03 - 2015-08-06 18:08 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2015-07-16 09:57 - 2015-07-16 09:57 - 00000874 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-147487581-2992457104-1551078015-1002Core1d0bf6abe888dd5.job
    2015-07-16 09:57 - 2015-07-16 09:57 - 00000874 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-147487581-2992457104-1551078015-1002Core1d0908ab4cae8af.job
    2015-07-15 11:47 - 2015-06-25 10:31 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2015-07-15 11:47 - 2015-04-30 07:22 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
    2015-07-15 11:46 - 2015-05-31 05:18 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
    2015-07-15 11:46 - 2015-05-31 03:36 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2015-07-15 11:46 - 2015-05-31 03:35 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2015-07-15 11:46 - 2015-05-12 02:17 - 01201664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
    2015-07-15 11:46 - 2015-05-03 08:39 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
    2015-07-15 11:44 - 2015-05-07 23:21 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
    2015-07-15 11:44 - 2015-05-07 23:05 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
    2015-07-15 11:43 - 2015-05-03 23:09 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2015-07-15 11:43 - 2015-05-03 22:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2015-07-15 11:43 - 2015-05-03 22:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
    2015-07-15 11:43 - 2015-05-03 22:49 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
    2015-07-15 11:43 - 2015-04-25 10:25 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
    2015-07-15 11:41 - 2015-05-12 00:34 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
    2015-07-15 11:40 - 2015-04-23 23:47 - 03084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
    2015-07-15 11:40 - 2015-04-23 23:16 - 02471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
    2015-07-15 11:39 - 2015-06-16 13:36 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2015-07-15 11:39 - 2015-06-16 13:36 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
    2015-07-15 11:39 - 2015-06-11 11:49 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
    2015-07-15 11:39 - 2015-06-11 00:13 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
    2015-07-15 11:39 - 2015-05-12 21:19 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
    2015-07-15 11:39 - 2015-05-02 07:33 - 00410739 _____ C:\WINDOWS\system32\ApnDatabase.xml
    2015-07-15 11:39 - 2015-04-28 21:13 - 00513480 _____ C:\WINDOWS\SysWOW64\locale.nls
    2015-07-15 11:39 - 2015-04-28 21:13 - 00513480 _____ C:\WINDOWS\system32\locale.nls
    2015-07-15 11:38 - 2015-05-03 23:07 - 07784448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2015-07-15 11:38 - 2015-05-03 22:57 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2015-07-15 00:30 - 2015-07-18 15:46 - 00000000 ____D C:\Users\ASUS\Desktop\Rapidcrush OMG
    2015-07-14 10:32 - 2015-07-14 10:32 - 00001089 _____ C:\Users\ASUS\Desktop\Traffic Travis v4.lnk
    2015-07-14 10:32 - 2015-07-14 10:32 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Traffic Travis v4
    2015-07-14 10:32 - 2015-07-14 10:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Traffic Travis v4
    2015-07-14 10:31 - 2015-07-14 10:31 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Affilorama
    2015-07-12 22:19 - 2015-07-12 22:19 - 00001261 _____ C:\Users\Public\Desktop\Explaindio Video Creator 2.lnk
    2015-07-12 22:19 - 2015-07-12 22:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Explaindio Video Creator 2
    2015-07-12 22:17 - 2015-07-18 22:49 - 00000000 ____D C:\Program Files (x86)\Explaindio Video Creator 2
    2015-07-12 22:08 - 2015-07-12 22:08 - 00001735 _____ C:\Users\ASUS\Desktop\Google Drive.lnk
    2015-07-12 22:06 - 2015-08-06 10:39 - 00000000 ___RD C:\Users\ASUS\Google Drive
    2015-07-12 22:00 - 2015-07-12 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
    2015-07-12 21:59 - 2015-07-12 21:59 - 00931408 _____ (Google Inc.) C:\Users\ASUS\Downloads\googledrivesync.exe
    2015-07-11 22:28 - 2015-07-11 22:28 - 00000910 _____ C:\Users\Public\Desktop\MegaDownloader.lnk
    2015-07-11 21:43 - 2015-07-07 05:24 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2015-07-11 21:43 - 2015-07-07 05:24 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2015-07-10 22:01 - 2015-07-29 22:02 - 00000000 ____D C:\Users\ASUS\Desktop\OMG July 2015
    2015-07-10 21:36 - 2015-07-10 21:36 - 00000000 ____D C:\Users\ASUS\Documents\ASUS
    2015-07-10 17:50 - 2015-08-06 18:41 - 00000578 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-147487581-2992457104-1551078015-1002.job
    2015-07-10 17:50 - 2015-08-06 17:40 - 00000674 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-147487581-2992457104-1551078015-1002.job
    2015-07-09 10:57 - 2015-07-09 10:58 - 02147112 _____ (AppsForMega.info ) C:\Users\ASUS\Downloads\MegaDownloader_v1.4.exe
    2015-07-08 22:30 - 2015-07-08 22:30 - 00025430 _____ C:\Users\ASUS\Downloads\prtimport.xlsx
    2015-07-07 21:59 - 2015-07-15 16:18 - 00000000 ____D C:\Users\ASUS\Desktop\Chrome Tabs
    2015-07-07 09:48 - 2015-07-07 09:48 - 00002026 _____ C:\Users\Public\Desktop\FileZilla Client.lnk

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-08-06 23:26 - 2014-02-14 12:12 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Copy
    2015-08-06 23:25 - 2014-02-05 08:51 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-147487581-2992457104-1551078015-1002
    2015-08-06 23:20 - 2014-02-10 22:27 - 00000000 ____D C:\Users\ASUS\AppData\Local\Spotify
    2015-08-06 23:20 - 2014-02-10 22:26 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Spotify
    2015-08-06 23:16 - 2014-02-05 16:11 - 00000000 ___RD C:\Users\ASUS\Dropbox
    2015-08-06 23:16 - 2014-02-05 16:10 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Dropbox
    2015-08-06 23:15 - 2015-02-01 23:29 - 00003758 _____ C:\WINDOWS\System32\Tasks\AutoKMS
    2015-08-06 23:15 - 2014-02-05 16:05 - 00000000 __RDO C:\Users\ASUS\SkyDrive
    2015-08-06 23:15 - 2014-02-05 08:50 - 00000062 _____ C:\Users\ASUS\AppData\Roaming\sp_data.sys
    2015-08-06 23:14 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\system32\sru
    2015-08-06 18:53 - 2014-02-05 18:45 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\DMCache
    2015-08-06 18:39 - 2014-02-07 10:23 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2015-08-06 18:25 - 2015-06-08 19:22 - 00014821 _____ C:\WINDOWS\setupact.log
    2015-08-06 18:25 - 2013-08-22 22:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2015-08-06 18:24 - 2013-08-22 21:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
    2015-08-06 18:23 - 2014-02-08 18:25 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\uTorrent
    2015-08-06 17:53 - 2015-03-27 16:54 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Skype
    2015-08-06 17:36 - 2015-02-23 10:58 - 00000000 ____D C:\Users\ASUS\Desktop\Transfer
    2015-08-06 17:31 - 2014-02-06 21:03 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\vlc
    2015-08-06 17:12 - 2014-05-08 18:20 - 00000000 ____D C:\Users\ASUS\AppData\Local\CrashDumps
    2015-08-06 17:01 - 2014-02-06 23:22 - 28666880 ___SH C:\Users\ASUS\Desktop\Thumbs.db
    2015-08-06 16:12 - 2015-02-04 22:47 - 00002207 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2015-08-06 14:24 - 2015-06-08 19:20 - 02095640 _____ C:\WINDOWS\WindowsUpdate.log
    2015-08-06 13:25 - 2012-07-26 15:59 - 00000000 ____D C:\WINDOWS\CbsTemp
    2015-08-06 13:04 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\AppReadiness
    2015-08-06 12:48 - 2015-01-13 17:24 - 00000000 ____D C:\Users\ASUS\Desktop\SEO
    2015-08-06 11:56 - 2014-02-05 12:47 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Mozilla
    2015-08-06 11:02 - 2013-11-14 15:28 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2015-08-04 15:00 - 2015-06-27 12:54 - 00027146 _____ C:\WINDOWS\PFRO.log
    2015-08-04 01:43 - 2014-02-05 15:41 - 00000000 ____D C:\Users\ASUS
    2015-08-03 18:47 - 2014-02-12 22:49 - 10944512 ___SH C:\Users\ASUS\Downloads\Thumbs.db
    2015-08-03 15:28 - 2014-08-16 10:50 - 00000000 ____D C:\Users\ASUS\Desktop\Glen Allsopp (ViperChill) - Marketing Inc
    2015-08-03 12:18 - 2014-02-05 08:43 - 00000000 ____D C:\Users\ASUS\AppData\Local\Packages
    2015-08-03 12:17 - 2014-02-10 21:45 - 00000000 ____D C:\Users\ASUS\Desktop\Resources
    2015-08-03 11:24 - 2015-04-17 17:54 - 00000000 ____D C:\Users\ASUS\Desktop\Terry Kyle's SEO Traffic Hacks
    2015-08-02 22:24 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\rescache
    2015-07-30 19:11 - 2015-02-04 11:34 - 00000000 ____D C:\Users\ASUS\Desktop\Firefox Portable
    2015-07-29 10:52 - 2013-08-22 23:36 - 00000000 ___RD C:\WINDOWS\ToastData
    2015-07-29 10:36 - 2014-12-11 17:14 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2015-07-29 10:36 - 2014-07-09 16:20 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
    2015-07-27 10:34 - 2014-09-30 00:59 - 00000000 ___RD C:\Program Files (x86)\Skype
    2015-07-27 10:34 - 2014-03-22 12:27 - 00000000 ____D C:\ProgramData\Skype
    2015-07-26 10:22 - 2015-04-26 00:39 - 00000000 ___SD C:\WINDOWS\system32\GWX
    2015-07-25 10:25 - 2015-04-26 00:39 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
    2015-07-21 15:30 - 2013-08-22 22:44 - 05118432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2015-07-19 23:20 - 2014-02-10 21:17 - 00000000 ____D C:\Users\ASUS\Desktop\Shortcuts
    2015-07-19 10:41 - 2014-02-05 16:48 - 00000000 ____D C:\ProgramData\Microsoft Help
    2015-07-19 10:40 - 2014-02-05 22:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
    2015-07-18 23:26 - 2014-05-01 17:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
    2015-07-18 01:16 - 2014-02-05 12:06 - 00000000 ____D C:\WINDOWS\system32\MRT
    2015-07-16 23:39 - 2014-02-07 10:23 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
    2015-07-16 10:03 - 2015-02-04 22:46 - 00003894 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-07-16 10:03 - 2015-02-04 22:46 - 00003658 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-07-16 09:44 - 2014-02-05 12:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2015-07-16 00:50 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\WinStore
    2015-07-15 17:54 - 2012-07-26 13:26 - 00000199 _____ C:\WINDOWS\win.ini
    2015-07-12 22:28 - 2014-02-05 12:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2015-07-12 22:00 - 2014-02-05 12:46 - 00000000 ____D C:\Program Files (x86)\Google
    2015-07-12 18:59 - 2015-06-08 11:11 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
    2015-07-11 22:28 - 2015-06-26 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaDownloader
    2015-07-11 22:28 - 2015-06-26 20:58 - 00000000 ____D C:\Program Files\MegaDownloader
    2015-07-10 21:36 - 2014-02-05 08:43 - 00000000 ____D C:\Users\ASUS\AppData\Local\VirtualStore
    2015-07-10 20:55 - 2015-05-30 19:12 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\IDM
    2015-07-10 17:50 - 2015-06-01 20:49 - 00003676 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-147487581-2992457104-1551078015-1002
    2015-07-10 17:50 - 2014-04-26 11:28 - 00003580 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-147487581-2992457104-1551078015-1002
    2015-07-09 16:27 - 2015-01-06 11:24 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\FileZilla
    2015-07-07 09:48 - 2015-01-06 11:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
    2015-07-07 09:48 - 2015-01-06 11:24 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client

    ==================== Files in the root of some directories =======

    2014-08-28 09:34 - 2014-08-28 09:35 - 15000576 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
    2014-02-14 13:26 - 2014-02-14 13:26 - 0000088 _____ () C:\Users\ASUS\AppData\Roaming\.95d691779473f3e03bc4b4e56319d74c.key
    2014-02-14 13:26 - 2014-02-14 13:26 - 0000088 _____ () C:\Users\ASUS\AppData\Roaming\.c79792229cdae4d8fe4e261fc4d6976b.key
    2014-11-14 15:36 - 2014-11-25 18:41 - 0000132 _____ () C:\Users\ASUS\AppData\Roaming\Adobe PNG Format CS6 Prefs
    2014-02-14 13:27 - 2015-02-10 16:22 - 0000248 _____ () C:\Users\ASUS\AppData\Roaming\RO39-2M3Q
    2014-02-05 08:50 - 2015-08-06 23:15 - 0000062 _____ () C:\Users\ASUS\AppData\Roaming\sp_data.sys
    2014-06-19 10:28 - 2014-06-19 10:28 - 0000024 _____ () C:\Users\ASUS\AppData\Roaming\temp.ini
    2014-11-14 15:45 - 2014-11-14 15:45 - 0001456 _____ () C:\Users\ASUS\AppData\Local\Adobe Save for Web 13.0 Prefs
    2012-09-10 19:49 - 2012-09-10 19:49 - 0001050 ____H () C:\Users\ASUS\AppData\Local\{793FD447-37EB-4083-B222-2E447297AF07}
    2014-12-23 18:14 - 2014-12-23 18:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
    2012-08-05 09:42 - 2012-07-30 14:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd

    Some files in TEMP:
    ====================
    C:\Users\ASUS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprhs4iz.dll
    C:\Users\ASUS\AppData\Local\Temp\Quarantine.exe
    C:\Users\ASUS\AppData\Local\Temp\setup_15420-24_4CF4.exe
    C:\Users\ASUS\AppData\Local\Temp\sqlite3.dll


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-08-02 15:16

    ==================== End of log ============================
     
  6. kango88

    kango88 Thread Starter

    Joined:
    Feb 5, 2015
    Messages:
    153
    Additional scan result of Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
    Ran by Gladwin (2015-08-06 23:28:21)
    Running from C:\Users\ASUS\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-147487581-2992457104-1551078015-500 - Administrator - Disabled)
    Gladwin (S-1-5-21-147487581-2992457104-1551078015-1002 - Administrator - Enabled) => C:\Users\ASUS
    Guest (S-1-5-21-147487581-2992457104-1551078015-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-147487581-2992457104-1551078015-1004 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.)
    7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
    Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
    Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
    Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
    Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
    AliG SLF (HKLM-x32\...\com.aligmarketing.slf) (Version: 4.0.0 - Ali G. Marketing LLC)
    AliG SLF (x32 Version: 4.0.0 - Ali G. Marketing LLC) Hidden
    Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.4 - ASUS)
    ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)
    ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
    ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
    ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
    ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.1.3 - ASUS)
    ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0002 - ASUS)
    ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.6 - ASUS)
    ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
    ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
    ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
    AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
    Atheros Outlook Addin 2010 (HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\BB108A893815B64BF41C4574C3324FB7371AA244) (Version: 1.0.0.0 - Microsoft)
    ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0023 - ASUS)
    Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
    AudienceMakr (HKLM-x32\...\AudienceMakr) (Version: 1.0.2 - Infomastery, LLC)
    AudienceMakr (x32 Version: 1.0.2 - Infomastery, LLC) Hidden
    Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
    Brother MFL-Pro Suite MFC-9330CDW (HKLM-x32\...\{E98A9C92-E767-475B-8BC6-8780A86DDC72}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
    Camtasia Studio 8 (HKLM-x32\...\{5303CFB5-D635-44F0-A94B-9611E81F07C4}) (Version: 8.3.0.1471 - TechSmith Corporation)
    CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
    Citrix Online Launcher (HKLM-x32\...\{F17C3DC2-2ACA-4B0E-BDBF-ACE61B14E7CD}) (Version: 1.0.183 - Citrix)
    Copy (HKLM\...\{EE4CEBB9-C0FC-4503-9BC0-1E32B566DE71}) (Version: 1.47.410.0 - Barracuda Networks, Inc.)
    CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.)
    DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.70 - DivX, LLC)
    DocuPrint CM205 f_fw (HKLM-x32\...\InstallShield_{82E36284-5E49-4800-9882-0B69D7EEAC2D}) (Version: 1.011.00 - Fuji Xerox)
    DocuPrint CM205 f_fw (x32 Version: 1.011.00 - Fuji Xerox) Hidden
    Dropbox (HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Dropbox) (Version: 3.8.5 - Dropbox, Inc.)
    ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
    Explaindio Sketch Line Color Changer (HKLM-x32\...\Coloring) (Version: 0.0.0 - UNKNOWN)
    Explaindio Sketch Line Color Changer (x32 Version: 0.0.0 - UNKNOWN) Hidden
    Explaindio Video Creator 2 version 2.009 (HKLM-x32\...\{32BC6664-2064-439F-BD1E-F814647935CB}_is1) (Version: 2.009 - Explaindio LLC)
    Explaindio Video Creator version 1.004 (HKLM-x32\...\{FE60174E-0881-4634-946F-9F9C8672710A}_is1) (Version: 1.004 - Explaindio LLC)
    Explaindio Video Creator version 1.009 (HKLM-x32\...\{9E347DDD-DB67-4348-8C96-75E0BBC65407}_is1) (Version: 1.009 - Explaindio LLC)
    Explaindio Video Creator version 1.012 (HKLM-x32\...\{C38A770F-F857-4357-84ED-FF71D8DE90BF}_is1) (Version: 1.012 - Explaindio LLC)
    ExpressCache (HKLM\...\{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}) (Version: 1.0.86 - Diskeeper Corporation)
    FileZilla Client 3.11.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.11.0.2 - Tim Kosse)
    GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.)
    Google Drive (HKLM-x32\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.)
    Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
    GoToMeeting 7.2.3.3019 (HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\GoToMeeting) (Version: 7.2.3.3019 - CitrixOnline)
    GSA Email Spider v7.20 (HKLM-x32\...\GSA Email Spider_is1) (Version: 7.20 - GSA Software)
    GSA Search Engine Ranker v9.88 (HKLM-x32\...\GSA Search Engine Ranker_is1) (Version: 9.88 - GSA Software)
    HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
    HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.238 - SurfRight B.V.)
    Instant Content Curator Express (HKLM-x32\...\com.webdimensions.instantcontentcurator.express) (Version: 2.0.8 - Web Dimensions, Inc.)
    Instant Content Curator Express (x32 Version: 2.0.8 - Web Dimensions, Inc.) Hidden
    Instant Eyedropper 1.75 (HKLM-x32\...\Instant Eyedropper_is1) (Version: - )
    Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.7.1084 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
    Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
    Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
    Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
    Java 7 Update 76 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217076FF}) (Version: 7.0.760 - Oracle)
    Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
    Last Man (HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Last Man) (Version: - )
    LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)
    LB Prospect Sniper (HKLM-x32\...\YPFBScraper) (Version: 1.1.0 - UNKNOWN)
    LB Prospect Sniper (x32 Version: 1.1.0 - UNKNOWN) Hidden
    Livedrive (HKLM\...\{4A2E4327-998D-4B37-9A50-16E239E93870}) (Version: 1.15.6.0 - Livedrive Internet Limited)
    LongTailPro - Version 2.4.28 (HKLM-x32\...\com.longtailpro.LongTailPro) (Version: 2.4.28 - Long Tail Media, LLC)
    LongTailPro - Version 2.4.28 (x32 Version: 2.4.28 - Long Tail Media, LLC) Hidden
    Magic Web Finder (HKLM-x32\...\{71C90F1B-3AC4-4DCE-92AA-7E8D7B758532}) (Version: 2.5.0 - Thwaites SEO)
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    Market Samurai (HKLM-x32\...\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1) (Version: 0.93.38 - Alliance Software Pty Ltd)
    Market Samurai (x32 Version: 0.93.38 - Alliance Software Pty Ltd) Hidden
    MegaDownloader 1.4 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.4 - AppsForMega.info)
    Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Mobile Lead Monster (HKLM-x32\...\MobileLeadMonster) (Version: 1.0 - Axiom Marketing Inc.)
    Mobile Lead Monster (x32 Version: 1.0 - Axiom Marketing Inc.) Hidden
    Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
    MP3 Skype recorder (HKLM-x32\...\{9AFDC558-9575-48B8-BC39-CCAACB8DC05E}) (Version: 4.4.1.0 - Alexander Nikiforov)
    MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    Nuance PaperPort 12 (HKLM-x32\...\{88B5FBDC-967D-4B1F-B291-39284AE12201}) (Version: 12.1.0005 - Nuance Communications, Inc.)
    Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
    NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
    NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
    NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
    NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
    NZ Financial MT4 Terminal (HKLM-x32\...\NZ Financial MT4 Terminal) (Version: 4.00 - MetaQuotes Software Corp.)
    Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
    PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
    Penguin Recovery Jeet (HKLM-x32\...\Penguin Recovery Jeet_is1) (Version: 1.0 - Teknikforce)
    PureVPN (HKLM-x32\...\PureVPN_is1) (Version: 3.2 - PureVPN)
    Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.210 - Qualcomm Atheros Communications)
    Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
    QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
    Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.27023 - Realtek Semiconductor Corp.)
    Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
    Samsung Drive Manager (HKLM-x32\...\{9F1A6A24-4901-42F6-A355-5DD2B82E62AE}) (Version: 1.0.173 - Clarus, Inc.)
    Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
    Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
    Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.)
    Samsung Kies3 (x32 Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
    Scansoft PDF Professional (x32 Version: - ) Hidden
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
    Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
    SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
    Skype&#8482; 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
    SMSCaster E-Marketer GSM Enterprise v3.6 (HKLM-x32\...\SMSCaster E-Marketer GSM Enterprise_is1) (Version: v3.6 (build 1071) - SDJ Software Limited)
    Spotify (HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\Spotify) (Version: 1.0.10.107.gd0dfca3a - Spotify AB)
    StreamTorrent 1.0 (HKLM-x32\...\StreamTorrent 1.0) (Version: - )
    Telegram Desktop version 0.7.20 (HKU\S-1-5-21-147487581-2992457104-1551078015-1002\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.7.20 - Telegram Messenger LLP)
    Traffic Travis 4.2.0 (HKLM-x32\...\Traffic Travis 4_is1) (Version: - Affilorama Ltd.)
    Update for CHS Microsoft IME HAP Dictionary (Version: 16.0.858.1 - Microsoft Corporation) Hidden
    Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version: - Microsoft)
    Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
    Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
    Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
    VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
    VideoMakerFX (HKLM-x32\...\VideoMakerFX 1.01) (Version: 1.01 - Webvati)
    VideoMakerFX (HKLM-x32\...\VideoMakerFX 1.04) (Version: 1.04 - Webvati)
    VideoMakerFX (HKLM-x32\...\VideoMakerFX 1.05) (Version: 1.05 - Webvati)
    VideoMakerFX (x32 Version: 1.01 - Webvati) Hidden
    VideoMakerFX (x32 Version: 1.05 - Webvati) Hidden
    VideoMakerFX Josh Ratta Bonus Scenes (HKLM-x32\...\{E7CAFBCF-1A20-4AF8-AE0E-89A8282CCA46}) (Version: 1.0 - Webvati)
    VideoMakerFX ProThemes August Addon 1.0 (HKLM-x32\...\{BC117729-A0EA-48CF-941E-6F12EFB7D71E}) (Version: 1.0 - Webvati)
    VideoMakerFX ProThemes December Addon 1.0 (HKLM-x32\...\{F5AEF14E-731A-4875-B55D-1561E2F87722}) (Version: 1.0 - Webvati)
    VideoMakerFX ProThemes July Addon 1.0 (HKLM-x32\...\{BDAA3BD7-1BA0-4727-B99F-89FD45A1D15A}) (Version: 1.0 - Webvati)
    VideoMakerFX ProThemes June Addon 1.0 (HKLM-x32\...\{AE11668B-174C-461F-8A4D-5AEF54DD3B5F}) (Version: 1.0 - Webvati)
    VideoMakerFX ProThemes May Addon 1.0 (HKLM-x32\...\{6073BA7B-671F-4F41-AA93-05164AAE6A72}) (Version: 1.0 - Webvati)
    VideoMakerFX ProThemes November Addon 1.0 (HKLM-x32\...\{23CFA575-AD8D-48AD-971D-EF76F70FC94F}) (Version: 1.0 - Webvati)
    VideoMakerFX ProThemes October Addon 1.0 (HKLM-x32\...\{C7F12978-67A4-45F3-9010-9F94BC730894}) (Version: 1.0 - Webvati)
    VideoMakerFX ProThemes September Addon 1.0 (HKLM-x32\...\{703AEFFE-6830-4BEB-A697-62D5566A7557}) (Version: 1.0 - Webvati)
    VideoMakerFX VideoProfitFX Add On 1.0 (HKLM-x32\...\{8F99303E-4E46-45DC-964D-649DBC72B717}) (Version: 1.0 - Webvati)
    VideoMakerFX Webinar Bonus Kinetic Special Scenes (HKLM-x32\...\{1895C465-14C6-4AEB-8478-13F0A1953282}) (Version: 1.0 - Webvati)
    Viewlio (HKLM-x32\...\groinup.outsourcing.youtubetool) (Version: 1.2.4 - Web1 Syndication, Inc.)
    Viewlio (x32 Version: 1.2.4 - Web1 Syndication, Inc.) Hidden
    VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
    VLC Setup Helper (HKLM-x32\...\VLC Setup Helper_is1) (Version: - )
    WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.8.381 - ASUS Cloud Corporation)
    Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)
    WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
    WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\ASUS\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\ASUS\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\ASUS\AppData\Local\Citrix\GoToMeeting\1865\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\ASUS\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147487581-2992457104-1551078015-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\ASUS\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

    ==================== Restore Points =========================

    06-08-2015 12:35:35 Scheduled Checkpoint

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {1EC4E477-8FB4-4785-8F1C-B28E2F00A284} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-25] (ASUS)
    Task: {231A1BC4-7F52-433B-BA49-DAC21ED77E2C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {275ADBFC-8958-496E-9374-8D0A637CF457} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2015-02-01] ()
    Task: {35631E60-74ED-44BE-9C60-43DC09DA1993} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04] (Google Inc.)
    Task: {38230B34-6A77-4CA3-B70C-B728771A5A37} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-09] (Piriform Ltd)
    Task: {3B5951F4-199B-490D-922E-06D0B82A59A9} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-19] (ASUSTek Computer Inc.)
    Task: {3C3C1EA3-2DAE-4B67-921E-D4A2A529B8C4} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-16] (Adobe Systems Incorporated)
    Task: {453A192F-EFE2-4E59-8DB3-DF1E1F1EAA85} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2012-11-30] ()
    Task: {48BC6164-F3B2-4DD2-B8EB-BFF8A59B9E6A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04] (Google Inc.)
    Task: {63A5081D-D5AD-495D-9006-1519CB6CB077} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-30] (ASUS)
    Task: {65B9F134-7A26-4519-B801-7B3F01DEBD00} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
    Task: {79EDC474-2559-4C79-9DD6-21BC10BBC944} - System32\Tasks\CLARUS_DRIVE_MANAGER\Clarus_Drive_Manager => C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe [2015-05-21] (Clarus, Inc.)
    Task: {7EBDDBCA-CD9B-449E-A896-7433A59C07AC} - System32\Tasks\avastBCLRestartS-1-5-21-147487581-2992457104-1551078015-1002 => Firefox.exe
    Task: {8006A781-C47E-4391-BCE9-EDCC3A3492D6} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-09-25] (ASUS)
    Task: {82AA3937-45DC-4A88-955B-05EFCC1B721E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {84F4FA45-F9FF-4217-884B-25335CF7A604} - System32\Tasks\G2MUploadTask-S-1-5-21-147487581-2992457104-1551078015-1002 => C:\Users\ASUS\AppData\Local\Citrix\GoToMeeting\3019\g2mupload.exe [2015-07-10] (Citrix Online, a division of Citrix Systems, Inc.)
    Task: {9683C123-13C1-4149-975D-9F8E7DDC508D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
    Task: {97DAD6E6-1844-4F80-A827-CFC2AA087E3A} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-01-17] (AsusTek)
    Task: {9C717444-7B25-4C69-B6A8-711F159CDDD1} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
    Task: {A1E533F8-F20E-4D0F-89D0-771BCE3B0147} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-05] ()
    Task: {A1E8FA47-F1DA-4D65-A532-AE80870DB662} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
    Task: {BD2F6FEC-16F9-4264-8E19-8BB534F5EFB9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
    Task: {F0BBFD4C-5614-49DB-8CA1-69D298C40533} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
    Task: {F50BA656-7650-4D52-8358-18794A1F735F} - System32\Tasks\InstallShield Update Task => Wscript.exe //nologo //E:jscript //B "C:\Program Files (x86)\InstallShield\isupdate.ini"
    Task: {F9D63969-0932-4E38-A93A-91E6D66279D8} - System32\Tasks\G2MUpdateTask-S-1-5-21-147487581-2992457104-1551078015-1002 => C:\Users\ASUS\AppData\Local\Citrix\GoToMeeting\3019\g2mupdate.exe [2015-07-10] (Citrix Online, a division of Citrix Systems, Inc.)
    Task: {FF464129-908B-44D4-B5FE-7308AEECA88B} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-147487581-2992457104-1551078015-1002Core1d0c1203d0bbdfd.job => C:\Users\ASUS\AppData\Local\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-147487581-2992457104-1551078015-1002.job => C:\Users\ASUS\AppData\Local\Citrix\GoToMeeting\3019\g2mupdate.exe
    Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-147487581-2992457104-1551078015-1002.job => C:\Users\ASUS\AppData\Local\Citrix\GoToMeeting\3019\g2mupload.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-147487581-2992457104-1551078015-1002Core1cf8e99a9971846.job => C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-147487581-2992457104-1551078015-1002Core1cfedc1168c14f4.job => C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-147487581-2992457104-1551078015-1002Core1cfffdbc8a5ac38.job => C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-147487581-2992457104-1551078015-1002Core1d04303a250e3f3.job => C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-147487581-2992457104-1551078015-1002Core1d0908ab4cae8af.job => C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-147487581-2992457104-1551078015-1002Core1d0bf6abe888dd5.job => C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2011-11-18 10:02 - 2011-11-18 10:02 - 00023040 _____ () C:\WINDOWS\System32\fxhk4alm.dll
    2012-06-20 12:21 - 2012-06-20 12:21 - 00096768 _____ () C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmdb.exe
    2015-03-04 17:08 - 2015-03-04 17:08 - 00210648 _____ () C:\Program Files (x86)\Livedrive\VSSService.exe
    2014-12-02 17:11 - 2005-04-22 12:36 - 00143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll
    2013-12-10 08:13 - 2014-03-04 22:35 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
    2014-02-05 15:36 - 2014-03-04 21:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2012-08-25 09:26 - 2012-08-25 09:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
    2012-11-30 09:15 - 2012-11-30 09:15 - 00171224 _____ () C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
    2015-03-18 14:08 - 2015-03-18 14:08 - 08898720 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2013-10-01 13:02 - 2013-10-01 13:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2012-09-30 11:02 - 2012-09-30 11:02 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
    2012-09-30 10:59 - 2012-09-30 10:59 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
    2012-09-30 11:01 - 2012-09-30 11:01 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
    2014-07-09 10:55 - 2007-10-17 16:22 - 00352256 _____ () C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe
    2015-04-08 23:12 - 2015-04-08 23:12 - 02092544 _____ () C:\Users\ASUS\AppData\Roaming\Copy\Gui.dll
    2015-04-08 23:12 - 2015-04-08 23:12 - 08212480 _____ () C:\Users\ASUS\AppData\Roaming\Copy\Brt.dll
    2015-04-08 23:12 - 2015-04-08 23:12 - 09276416 _____ () C:\Users\ASUS\AppData\Roaming\Copy\AgentSync.dll
    2015-04-08 23:12 - 2015-04-08 23:12 - 05327872 _____ () C:\Users\ASUS\AppData\Roaming\Copy\CloudSync.dll
    2015-06-02 23:18 - 2015-06-02 23:18 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
    2012-06-20 12:21 - 2012-06-20 12:21 - 00248320 _____ () C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmW.exe
    2012-06-20 12:21 - 2012-06-20 12:21 - 00229376 _____ () C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmwj.exe
    2014-01-10 13:26 - 2014-01-10 13:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    2012-03-08 10:27 - 2012-03-08 10:27 - 00016384 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.1.8.381\ACVsWin.dll
    2015-06-08 11:11 - 2015-06-08 11:11 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
    2015-06-08 11:11 - 2015-06-08 11:11 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
    2015-08-06 18:05 - 2015-08-06 18:05 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15080601\algo.dll
    2014-02-05 07:06 - 2012-06-26 02:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
    2015-03-04 17:03 - 2015-03-04 17:03 - 00799232 _____ () C:\Program Files (x86)\Livedrive\Localisation.dll
    2015-03-04 16:59 - 2015-03-04 16:59 - 00270336 _____ () C:\Program Files (x86)\Livedrive\AlphaFS.dll
    2015-03-04 17:08 - 2015-03-04 17:08 - 00068824 _____ () C:\Program Files (x86)\Livedrive\Native.dll
    2015-07-24 23:05 - 2015-07-24 23:05 - 41287224 _____ () C:\Users\ASUS\AppData\Roaming\Spotify\libcef.dll
    2015-07-24 23:05 - 2015-07-24 23:05 - 01488440 _____ () C:\Users\ASUS\AppData\Roaming\Spotify\libglesv2.dll
    2015-07-24 23:05 - 2015-07-24 23:05 - 00079928 _____ () C:\Users\ASUS\AppData\Roaming\Spotify\libegl.dll
    2013-12-10 08:13 - 2014-03-04 22:35 - 00014280 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
    2015-08-06 23:15 - 2015-08-06 23:15 - 00098816 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\win32api.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00110080 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\pywintypes27.dll
    2015-08-06 23:15 - 2015-08-06 23:15 - 00364544 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\pythoncom27.dll
    2015-08-06 23:15 - 2015-08-06 23:15 - 00045568 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\_socket.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 01161216 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\_ssl.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00320512 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\win32com.shell.shell.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00713216 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\_hashlib.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 01175040 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\wx._core_.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00805888 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\wx._gdi_.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00811008 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\wx._windows_.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 01062400 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\wx._controls_.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00735232 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\wx._misc_.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00682496 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\pysqlite2._sqlite.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00087552 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\_ctypes.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00119808 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\win32file.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00108544 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\win32security.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00007168 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\hashobjs_ext.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00068096 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\usb_ext.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00167936 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\win32gui.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00018432 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\win32event.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00128512 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\_elementtree.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00127488 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\pyexpat.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00013824 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\common.time34.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00036864 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\_psutil_windows.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00038912 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\win32inet.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00011264 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\win32crypt.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00070656 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\wx._html2.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00027136 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\_multiprocessing.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00020480 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\_yappi.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00035840 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\win32process.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00686080 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\unicodedata.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00122368 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\wx._wizard.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00024064 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\win32pipe.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00010240 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\select.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00025600 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\win32pdh.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00525640 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\windows._lib_cacheinvalidation.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00017408 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\win32profile.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00022528 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\win32ts.pyd
    2015-08-06 23:15 - 2015-08-06 23:15 - 00078336 _____ () C:\Users\ASUS\AppData\Local\Temp\_MEI41722\wx._animate.pyd
    2014-01-10 13:28 - 2014-01-10 13:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
    2015-04-14 22:28 - 2015-04-14 22:28 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2015-08-06 23:16 - 2015-08-06 23:16 - 00071168 _____ () c:\users\asus\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprhs4iz.dll
    2015-07-31 09:51 - 2015-07-17 08:31 - 00012800 _____ () C:\Users\ASUS\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
    2015-07-31 09:51 - 2015-07-17 08:31 - 00779776 _____ () C:\Users\ASUS\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
    2015-07-31 09:51 - 2015-07-17 08:31 - 00056320 _____ () C:\Users\ASUS\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
    2015-07-31 09:51 - 2015-07-17 08:31 - 00012288 _____ () C:\Users\ASUS\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\Users\ASUS\SkyDrive:ms-properties
    AlternateDataStreams: C:\Users\ASUS\Desktop\FRST64.exe:com.dropbox.attributes

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
    IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
    IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
    IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

    There are 11405 more restricted sites.

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-147487581-2992457104-1551078015-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\ASUS\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\asus.jpg
    DNS Servers: 192.168.1.254
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{78B68CAC-98F6-447C-A0AD-7C16B8EB0A55}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
    FirewallRules: [{AE38F942-C60A-4E71-944D-8BA399B36217}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
    FirewallRules: [{E6740DCD-8DA8-4127-A2CB-CBBE2B640879}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
    FirewallRules: [{7779A46B-13DA-4D89-A443-4A8E19041FE3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
    FirewallRules: [{A67BFD28-A6AF-4ACA-BF1A-3A1B6935D594}] => (Allow) C:\Users\ASUS\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [{6A24E937-B260-4BDC-B676-1FC710E02432}] => (Allow) C:\Users\ASUS\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [TCP Query User{D6C63F3E-3CE2-47EB-9561-BE689EE8C866}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
    FirewallRules: [UDP Query User{6EE59E8C-D3A9-458D-AE22-70E772E82795}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
    FirewallRules: [{1882725E-021C-47AD-A560-95F57A8359BC}] => (Allow) C:\Users\ASUS\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{93012D28-83C7-4B86-888F-60713A5DA5A8}] => (Allow) C:\Users\ASUS\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [TCP Query User{E4502E78-C756-4FE6-9ED5-7BBBA1DC1737}C:\users\asus\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\asus\appdata\roaming\spotify\spotify.exe
    FirewallRules: [UDP Query User{7E1461A3-B54C-423A-8042-F7FBD8DDFE9C}C:\users\asus\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\asus\appdata\roaming\spotify\spotify.exe
    FirewallRules: [{E53B9C5C-447D-4A30-8A36-BDC1FFE30682}] => (Allow) C:\Program Files (x86)\GSA Search Engine Ranker\Search_Engine_Ranker.exe
    FirewallRules: [{1BD19C5D-2EC1-4CB8-A029-EDC1AF200A18}] => (Allow) C:\Program Files (x86)\GSA Search Engine Ranker\Search_Engine_Ranker.exe
    FirewallRules: [{61FB9A50-6867-40D4-88B3-2B2EB38E6CE1}] => (Allow) C:\Program Files (x86)\GSA Search Engine Ranker\Search_Engine_Ranker.exe
    FirewallRules: [TCP Query User{B08CF672-7F11-4D16-865B-3B4BF35DB44D}C:\users\asus\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\asus\appdata\roaming\spotify\spotify.exe
    FirewallRules: [UDP Query User{704639A5-5BD4-4534-BA2F-01E74C70C33E}C:\users\asus\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\asus\appdata\roaming\spotify\spotify.exe
    FirewallRules: [TCP Query User{39A299C1-AFA4-4E69-8697-C099A939F3E7}C:\users\asus\appdata\roaming\copy\copyagent.exe] => (Block) C:\users\asus\appdata\roaming\copy\copyagent.exe
    FirewallRules: [UDP Query User{0EB8BBD8-6A4C-4902-BD81-B27E92A4FAD8}C:\users\asus\appdata\roaming\copy\copyagent.exe] => (Block) C:\users\asus\appdata\roaming\copy\copyagent.exe
    FirewallRules: [TCP Query User{88B97E4F-F3CD-418D-9758-1CFFF1F9E24B}C:\users\asus\downloads\programs\utorrent.exe] => (Allow) C:\users\asus\downloads\programs\utorrent.exe
    FirewallRules: [UDP Query User{3A52F9DD-D028-4708-808A-1DCD42C9E906}C:\users\asus\downloads\programs\utorrent.exe] => (Allow) C:\users\asus\downloads\programs\utorrent.exe
    FirewallRules: [TCP Query User{524559A3-4305-478E-81C6-486FD9B9CE4F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [UDP Query User{A475584D-0B03-472D-9860-CD6C09A3EDBF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [TCP Query User{262780E1-26DF-4045-919F-ED19AE461658}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe] => (Allow) C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe
    FirewallRules: [UDP Query User{F62B3630-F079-45D0-892A-CFFB7435702F}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe] => (Allow) C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe
    FirewallRules: [{D39958A4-0E92-4724-A8C6-DEF765CCC215}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{B3570F2F-7815-475F-9C88-C0015A8D9626}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{4DD34F24-6AD0-407A-99FB-9ECC64A48437}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{4DAFE5A9-1B1E-4388-ABD3-EF581C73E27A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{777A6699-6C6C-4F86-82FC-7AD5574490B1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{49966D3F-E88E-4A5D-B753-C3E85866CC22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{179A1B45-5A60-429E-B102-E2B725898EC2}] => (Allow) LPort=8317
    FirewallRules: [{23F378DA-7737-4912-B210-F5CE76771BA4}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
    FirewallRules: [{45FD3AA8-F7F2-4758-B10B-57DD5300C41A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
    FirewallRules: [{C130F6BB-2D0E-448F-8653-44D196BA22E7}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
    FirewallRules: [{53729105-C790-4F2D-9700-9E6D553ACF28}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
    FirewallRules: [{A3DB7A6F-10F8-4B38-AEB5-B52266CC019E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
    FirewallRules: [{8C0E87C9-B1E5-4901-A71C-287C90A403CA}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
    FirewallRules: [{F23E249A-D8E3-4665-A2E7-568977FF19F0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
    FirewallRules: [{149FA1A2-7429-4875-B73F-4029869B130C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
    FirewallRules: [{4C7588BA-60E3-48BB-8ECD-557469537BF7}] => (Allow) C:\Users\ASUS\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{C25155D7-CBF4-49BE-857A-EF25EB153143}] => (Allow) C:\Users\ASUS\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{6EF08D37-8603-4D93-912C-3CF204B15996}] => (Allow) C:\Program Files (x86)\GSA Search Engine Ranker\Search_Engine_Ranker.exe
    FirewallRules: [{0DE55331-B7A8-478F-BA55-699DAD8B7A58}] => (Allow) C:\Program Files (x86)\GSA Search Engine Ranker\Search_Engine_Ranker.exe
    FirewallRules: [{24239B72-A9CA-465A-B95F-BEC311262D57}] => (Allow) C:\Program Files (x86)\GSA Search Engine Ranker\Search_Engine_Ranker.exe
    FirewallRules: [{7FB92498-DF29-4E77-81DD-88DB050DA8A2}] => (Allow) C:\Users\ASUS\AppData\Roaming\Copy\CopyAgent.exe
    FirewallRules: [{8FF5D4F5-0CFC-45A1-8734-606019B176B4}] => (Allow) C:\Program Files (x86)\GSA Email Spider\GSA_Email_Spider.exe
    FirewallRules: [{930E84F4-1C4A-4A16-9556-0564E5456038}] => (Allow) C:\Program Files (x86)\GSA Email Spider\GSA_Email_Spider.exe
    FirewallRules: [{CE5D6B40-B4B2-4C52-B82F-F50221412E31}] => (Allow) C:\Program Files (x86)\GSA Email Spider\GSA_Email_Spider.exe
    FirewallRules: [{F82DA431-0698-4FBF-BB8B-7C07653CA235}] => (Allow) C:\Program Files (x86)\Brother\Brmfl12d\FAXRX.exe
    FirewallRules: [{185E9E60-770C-48CA-8523-AC9DCC23306F}] => (Allow) C:\Program Files (x86)\Brother\Brmfl12d\FAXRX.exe
    FirewallRules: [{4A40D653-0744-4C9C-8012-C808A32C1CAB}] => (Allow) LPort=54925
    FirewallRules: [{C65B63BD-88A3-4646-89DC-8277AF34AB72}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
    FirewallRules: [{0F80BD54-6396-47DF-9665-7A208031A98D}] => (Allow) C:\Program Files (x86)\Hobbyist Software\VLC Setup Helper\VLC Setup Helper.exe
    FirewallRules: [{0F8A8DBE-BC06-4B35-8BDB-8C495033E529}] => (Allow) C:\Program Files (x86)\Hobbyist Software\VLC Setup Helper\mDNSResponder.exe
    FirewallRules: [{A579BBF2-23E3-4BF3-B3F3-1E7FEF1609EA}] => (Allow) C:\Program Files\VideoLAN\VLC\vlc.exe
    FirewallRules: [{19C24FB3-EBF5-47BB-8CAE-114A14B28EE8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{9EA28095-DD5D-4464-ABBF-FE9B81963282}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{E540CD5F-C6F8-413A-A6DF-ED6327CB1C23}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{8E3752F5-528E-419F-9D6C-35A428D5FD6E}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{A8F1F396-0E73-463D-BE90-2A15183E9C77}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Faulty Device Manager Devices =============

    Name: Intel(R) Dynamic Platform & Thermal Framework Driver
    Description: Intel(R) Dynamic Platform & Thermal Framework Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: DptfManager
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver

    Name: Virtual Bluetooth Support
    Description: Virtual Bluetooth Support
    Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
    Manufacturer: Qualcomm Atheros Communications
    Service: AthBTPort
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver

    Name: Bluetooth LWFLT Device
    Description: Bluetooth LWFLT Device
    Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
    Manufacturer: Qualcomm Atheros Communications
    Service: BTATH_LWFLT
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver

    Name: Intel(R) Dynamic Platform & Thermal Framework Generic Participant Driver
    Description: Intel(R) Dynamic Platform & Thermal Framework Generic Participant Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: DptfDevGen
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver

    Name: Intel(R) Dynamic Platform & Thermal Framework Generic Participant Driver
    Description: Intel(R) Dynamic Platform & Thermal Framework Generic Participant Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: DptfDevGen
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver

    Name: Intel(R) Dynamic Platform & Thermal Framework Generic Participant Driver
    Description: Intel(R) Dynamic Platform & Thermal Framework Generic Participant Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: DptfDevGen
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver

    Name: Intel(R) Dynamic Platform & Thermal Framework Generic Participant Driver
    Description: Intel(R) Dynamic Platform & Thermal Framework Generic Participant Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: DptfDevGen
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (08/06/2015 11:15:38 PM) (Source: VSS) (EventID: 8194) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
    .
    This is often caused by incorrect security settings in either the writer or requestor process.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {be231e8e-29ac-4da1-894d-21e993ed0292}

    Error: (08/06/2015 11:15:20 PM) (Source: DptfPolicyLpmServiceHelper) (EventID: 1) (User: )
    Description: DptfPolicyLpmServiceHelperWinMain: CreateSharedMemory() failed.

    Error: (08/06/2015 11:15:20 PM) (Source: DptfPolicyLpmServiceHelper) (EventID: 1) (User: )
    Description: DptfPolicyLpmServiceHelperCreateSharedMemory: CreateFileMapping() failed.Last error = [0x00000005]

    Error: (08/06/2015 06:26:31 PM) (Source: VSS) (EventID: 8194) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
    .
    This is often caused by incorrect security settings in either the writer or requestor process.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {be231e8e-29ac-4da1-894d-21e993ed0292}

    Error: (08/06/2015 06:26:20 PM) (Source: DptfPolicyLpmServiceHelper) (EventID: 1) (User: )
    Description: DptfPolicyLpmServiceHelperWinMain: CreateSharedMemory() failed.

    Error: (08/06/2015 06:26:20 PM) (Source: DptfPolicyLpmServiceHelper) (EventID: 1) (User: )
    Description: DptfPolicyLpmServiceHelperCreateSharedMemory: CreateFileMapping() failed.Last error = [0x00000005]

    Error: (08/06/2015 06:25:49 PM) (Source: DptfPolicyLpmService) (EventID: 1) (User: )
    Description: DptfPolicyLpmServiceServiceStart: ConnectToDptfFrameworkDriver() failed.

    Error: (08/06/2015 06:25:49 PM) (Source: DptfPolicyLpmService) (EventID: 1) (User: )
    Description: DptfPolicyLpmServiceConnectToDptfFrameworkDriver: SetupDiEnumDeviceInterfaces() failed.Last error = [0x00000103]

    Error: (08/06/2015 06:25:49 PM) (Source: DptfPolicyCriticalService) (EventID: 1) (User: )
    Description: DptfPolicyCriticalServiceServiceMain: ServiceStart() failed.

    Error: (08/06/2015 06:25:49 PM) (Source: DptfPolicyCriticalService) (EventID: 1) (User: )
    Description: DptfPolicyCriticalServiceServiceStart: ConnectToDptfFrameworkDriver() failed.


    System errors:
    =============
    Error: (08/06/2015 11:14:30 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
    Description: There was an error while attempting to read the local hosts file.

    Error: (08/06/2015 06:55:05 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
    Description: There was an error while attempting to read the local hosts file.

    Error: (08/06/2015 06:25:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The McAfee Platform Services service failed to start due to the following error:
    %%1053

    Error: (08/06/2015 06:25:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the McAfee Platform Services service to connect.

    Error: (08/06/2015 06:25:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The McAfee OOBE Service2 service failed to start due to the following error:
    %%1053

    Error: (08/06/2015 06:25:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the McAfee OOBE Service2 service to connect.

    Error: (08/06/2015 06:25:49 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
    Description: There was an error while attempting to read the local hosts file.

    Error: (08/06/2015 06:25:24 PM) (Source: BTHUSB) (EventID: 5) (User: )
    Description: The Bluetooth driver expected an HCI event with a certain size but did not receive it.

    Error: (08/06/2015 06:24:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Windows Media Player Network Sharing Service service depends on the Windows Search service which failed to start because of the following error:
    %%1069

    Error: (08/06/2015 06:24:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Windows Search service failed to start due to the following error:
    %%1069


    Microsoft Office:
    =========================
    Error: (08/06/2015 11:15:38 PM) (Source: VSS) (EventID: 8194) (User: )
    Description: 0x80070005, Access is denied.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {be231e8e-29ac-4da1-894d-21e993ed0292}

    Error: (08/06/2015 11:15:20 PM) (Source: DptfPolicyLpmServiceHelper) (EventID: 1) (User: )
    Description: DptfPolicyLpmServiceHelperWinMain: CreateSharedMemory() failed.

    Error: (08/06/2015 11:15:20 PM) (Source: DptfPolicyLpmServiceHelper) (EventID: 1) (User: )
    Description: DptfPolicyLpmServiceHelperCreateSharedMemory: CreateFileMapping() failed.Last error = [0x00000005]

    Error: (08/06/2015 06:26:31 PM) (Source: VSS) (EventID: 8194) (User: )
    Description: 0x80070005, Access is denied.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {be231e8e-29ac-4da1-894d-21e993ed0292}

    Error: (08/06/2015 06:26:20 PM) (Source: DptfPolicyLpmServiceHelper) (EventID: 1) (User: )
    Description: DptfPolicyLpmServiceHelperWinMain: CreateSharedMemory() failed.

    Error: (08/06/2015 06:26:20 PM) (Source: DptfPolicyLpmServiceHelper) (EventID: 1) (User: )
    Description: DptfPolicyLpmServiceHelperCreateSharedMemory: CreateFileMapping() failed.Last error = [0x00000005]

    Error: (08/06/2015 06:25:49 PM) (Source: DptfPolicyLpmService) (EventID: 1) (User: )
    Description: DptfPolicyLpmServiceServiceStart: ConnectToDptfFrameworkDriver() failed.

    Error: (08/06/2015 06:25:49 PM) (Source: DptfPolicyLpmService) (EventID: 1) (User: )
    Description: DptfPolicyLpmServiceConnectToDptfFrameworkDriver: SetupDiEnumDeviceInterfaces() failed.Last error = [0x00000103]

    Error: (08/06/2015 06:25:49 PM) (Source: DptfPolicyCriticalService) (EventID: 1) (User: )
    Description: DptfPolicyCriticalServiceServiceMain: ServiceStart() failed.

    Error: (08/06/2015 06:25:49 PM) (Source: DptfPolicyCriticalService) (EventID: 1) (User: )
    Description: DptfPolicyCriticalServiceServiceStart: ConnectToDptfFrameworkDriver() failed.


    CodeIntegrity:
    ===================================
    Date: 2015-02-15 11:56:22.153
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-02-14 14:39:43.234
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-02-14 14:39:42.928
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-02-14 14:39:42.493
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-02-14 14:39:42.108
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-02-14 14:39:41.714
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-02-14 14:39:41.425
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-02-14 14:39:40.991
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-02-14 14:39:40.655
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-02-14 14:39:40.248
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i5-3337U CPU @ 1.80GHz
    Percentage of memory in use: 42%
    Total physical RAM: 8077.59 MB
    Available physical RAM: 4664.92 MB
    Total Virtual: 10509.59 MB
    Available Virtual: 6723.9 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:185.96 GB) (Free:3.68 GB) NTFS ==>[system with boot components (obtained from reading drive)]
    Drive d: (Data) (Fixed) (Total:258.15 GB) (Free:43.25 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 465.8 GB) (Disk ID: 185485F0)

    Partition: GPT Partition Type.

    ========================================================
    Disk: 1 (Size: 22.4 GB) (Disk ID: BC223D42)

    Partition: GPT Partition Type.

    ==================== End of log ============================
     
  7. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    55,596
    First Name:
    Derek
    The logs show clear signs of an activation hack for windows/office
    we do not assist with pirated windows/office so this topic is now closed
     
  8. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1153020

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice