  1. #1
    Member
    Join Date
    Feb 2010
    Posts
    126
    Points
    1

    Suspected Tracking Malware (HJT/Superanti/Malwarebytes Logs)

    Hey guys,

    Continually finding a handful of threats in scans weekly, hrm

    HJT

    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 8:15:35 p.m., on 17/07/2015
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v11.0 (11.00.9600.17840)

    FIREFOX: 39.0 (x86 en-US)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    C:\Users\DEMNS\AppData\Local\Microsoft\BingSvc\BingSvc.exe
    C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
    C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
    C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Users\DEMNS\Downloads\HijackThis.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe"
    O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
    O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
    O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
    O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [BingSvc] C:\Users\DEMNS\AppData\Local\Microsoft\BingSvc\BingSvc.exe
    O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
    O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: SRS Premium Sound.lnk = ?
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - (no file)
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
    O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 11628 bytes

    Superanti

    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 07/17/2015 at 07:29 PM

    Application Version : 6.0.1200
    Database Version : 11958

    Scan type : Complete Scan
    Total Scan Time : 00:38:21

    Operating System Information
    Windows 7 Professional 64-bit, Service Pack 1 (Build 6.01.7601)
    UAC On - Limited User

    Memory items scanned : 650
    Memory threats detected : 0
    Registry items scanned : 49665
    Registry threats detected : 0
    File items scanned : 39302
    File threats detected : 8

    Adware.Tracking Cookie
    .imrworldwide.com [ C:\USERS\DEMNS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .questionpro.com [ C:\USERS\DEMNS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .doubleclick.net [ C:\USERS\DEMNS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adtechjp.com [ C:\USERS\DEMNS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .cbs.112.2o7.net [ C:\USERS\DEMNS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .stats.paypal.com [ C:\USERS\DEMNS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    in.getclicky.com [ C:\USERS\DEMNS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .2o7.net [ C:\USERS\DEMNS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

    ============
    End of Log
    ============

    Malwarebytes

    Malwarebytes Anti-Malware
    www.malwarebytes.org


    Protection, 17/07/2015 7:31 p.m., SYSTEM, DEMNS-PC, Protection, Malware Protection, Starting,
    Protection, 17/07/2015 7:31 p.m., SYSTEM, DEMNS-PC, Protection, Malware Protection, Started,
    Protection, 17/07/2015 7:31 p.m., SYSTEM, DEMNS-PC, Protection, Malicious Website Protection, Starting,
    Protection, 17/07/2015 7:31 p.m., SYSTEM, DEMNS-PC, Protection, Malicious Website Protection, Started,
    Error, 17/07/2015 7:34 p.m., SYSTEM, DEMNS-PC, Update, Bad md5 or size: akadomains, 11,
    Error, 17/07/2015 7:34 p.m., SYSTEM, DEMNS-PC, Update, Bad md5 or size: akaips, 11,
    Update, 17/07/2015 7:34 p.m., SYSTEM, DEMNS-PC, Manual, Domain Database, 0.0.0.0, 2015.6.12.1,
    Update, 17/07/2015 7:34 p.m., SYSTEM, DEMNS-PC, Manual, IP Database, 0.0.0.0, 2015.6.12.1,
    Update, 17/07/2015 7:34 p.m., SYSTEM, DEMNS-PC, Manual, Rootkit Database, 2015.6.2.1, 2015.7.16.1,
    Update, 17/07/2015 7:34 p.m., SYSTEM, DEMNS-PC, Manual, Remediation Database, 2015.5.13.1, 2015.7.15.2,
    Update, 17/07/2015 7:34 p.m., SYSTEM, DEMNS-PC, Manual, AKA IP Database, 0.0.0.0, 2015.7.15.1,
    Update, 17/07/2015 7:34 p.m., SYSTEM, DEMNS-PC, Manual, AKA Domain Database, 0.0.0.0, 2015.7.16.1,
    Update, 17/07/2015 7:34 p.m., SYSTEM, DEMNS-PC, Manual, Malware Database, 2015.6.3.3, 2015.7.17.1,
    Protection, 17/07/2015 7:34 p.m., SYSTEM, DEMNS-PC, Protection, Refresh, Starting,
    Protection, 17/07/2015 7:34 p.m., SYSTEM, DEMNS-PC, Protection, Malicious Website Protection, Stopping,
    Protection, 17/07/2015 7:34 p.m., SYSTEM, DEMNS-PC, Protection, Malicious Website Protection, Stopped,
    Protection, 17/07/2015 7:34 p.m., SYSTEM, DEMNS-PC, Protection, Refresh, Success,
    Protection, 17/07/2015 7:34 p.m., SYSTEM, DEMNS-PC, Protection, Malicious Website Protection, Starting,
    Protection, 17/07/2015 7:34 p.m., SYSTEM, DEMNS-PC, Protection, Malicious Website Protection, Started,
    Scan, 17/07/2015 8:14 p.m., SYSTEM, DEMNS-PC, Context, Start:17/07/2015 7:34 p.m., Duration:40 min 6 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,

    (end)

    Thanks!

  2. #2
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Hi xtrakt,

    I apologize for the delay. Do you still need help?

    Donna
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in troubleshooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  3. #3
    Member
    Join Date
    Feb 2010
    Posts
    126
    Points
    1

    Hey there Donna, yes indeed, these things are still rearing their heads in weekly scans and some things like picture viewer won't load images or photos, control desk keeps crashing? and my Windows 10 update installer downloads but shuts down on install. Let me know what logs you're after, otherwise I'm at your instruction on what to do next.

  4. #4
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,173
    Points
    1307

    Download the version of this tool for your operating system.
    Farbar Recovery Scan Tool (64 bit)
    Farbar Recovery Scan Tool (32 bit)
    and save it to your computer's Desktop.
    Double-click to run it. When the tool opens click Yes to disclaimer.
    Press Scan button.
    It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
    The first time the tool is run, it also makes another log (Addition.txt). Please also paste it to your reply.

  5. #5
    Member
    Join Date
    Feb 2010
    Posts
    126
    Points
    1

    Hey there zep, here's the results!

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-08-2015
    Ran by DEMNS (administrator) on DEMNS-PC (19-08-2015 16:26:51)
    Running from C:\Users\DEMNS\Downloads
    Loaded Profiles: DEMNS (Available Profiles: DEMNS & Guest)
    Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AMD) C:\Windows\System32\atiesrxx.exe
    (ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    (ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    (ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
    (ASUS) C:\Program Files\P4G\BatteryLife.exe
    () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
    () C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
    (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
    (Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    ( 2015 Microsoft Corporation) C:\Users\DEMNS\AppData\Local\Microsoft\BingSvc\BingSvc.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
    (SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
    (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    (ASUS) C:\Windows\AsScrPro.exe
    () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [ASUS WebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1754448 2010-03-16] ()
    HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()
    HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
    HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (Nico Mak Computing)
    HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-07] (CyberLink Corp.)
    HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2010-06-25] (CyberLink Corp.)
    HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
    HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
    HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-04] (Nuance Communications, Inc.)
    HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-05-04] (ASUS)
    HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-20] (ASUS)
    HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1597440 2010-07-03] ()
    HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-01-14] (Samsung Electronics Co., Ltd.)
    HKU\S-1-5-21-4141175638-1873252099-901921829-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-13] (Piriform Ltd)
    HKU\S-1-5-21-4141175638-1873252099-901921829-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7800088 2015-07-10] (SUPERAntiSpyware)
    HKU\S-1-5-21-4141175638-1873252099-901921829-1001\...\Run: [BingSvc] => C:\Users\DEMNS\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] ( 2015 Microsoft Corporation)
    HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-01-29] (Microsoft Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2011-03-15]
    ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe ()
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-03-15]
    ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk [2011-03-15]
    ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
    ShellIconOverlayIdentifiers: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll [2007-06-16] ()
    ShellIconOverlayIdentifiers: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll [2007-06-02] ()
    ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll [2009-11-26] (eCareme Technologies, Inc.)
    ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll [2009-11-26] (eCareme Technologies, Inc.)
    ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll [2007-06-16] ()
    ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll [2007-06-02] ()

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-4141175638-1873252099-901921829-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-nz
    HKU\S-1-5-21-4141175638-1873252099-901921829-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
    SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-4141175638-1873252099-901921829-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
    BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-03-15] (Google Inc.)
    BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2011-03-15] (Google Inc.)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
    BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-03-15] (Google Inc.)
    BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2011-03-15] (Google Inc.)
    BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2011-03-15] (Google Inc.)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-03-15] (Google Inc.)
    Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-03-15] (Google Inc.)
    Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - No File
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
    Tcpip\..\Interfaces\{0E88D957-5039-4E7B-BEE2-3D1E017D83DE}: [DhcpNameServer] 192.168.1.1 192.168.1.1
    Tcpip\..\Interfaces\{D79645C0-FE03-4769-BCE0-6B551E27CD0C}: [DhcpNameServer] 192.168.1.1 192.168.1.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\DEMNS\AppData\Roaming\Mozilla\Firefox\Profiles\fd6i2rfo.default
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
    FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-24] (Zeon Corporation)

    Chrome:
    =======
    CHR Profile: C:\Users\DEMNS\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Slides) - C:\Users\DEMNS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-26]
    CHR Extension: (Google Docs) - C:\Users\DEMNS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-26]
    CHR Extension: (Google Drive) - C:\Users\DEMNS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-26]
    CHR Extension: (YouTube) - C:\Users\DEMNS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-26]
    CHR Extension: (Adblock Plus) - C:\Users\DEMNS\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-27]
    CHR Extension: (Google Search) - C:\Users\DEMNS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-26]
    CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\DEMNS\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-07-08]
    CHR Extension: (Google Sheets) - C:\Users\DEMNS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-26]
    CHR Extension: (AdBlock) - C:\Users\DEMNS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-27]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\DEMNS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-08]
    CHR Extension: (Capture Webpage Screenshot - FireShot) - C:\Users\DEMNS\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2015-05-11]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\DEMNS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-26]
    CHR Extension: (Adblock Pro) - C:\Users\DEMNS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2015-01-27]
    CHR Extension: (Gmail) - C:\Users\DEMNS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-26]
    CHR HKU\S-1-5-21-4141175638-1873252099-901921829-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - https://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
    R3 ADSMService; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) [File not signed]
    R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-10-01] (Intel Corporation) [File not signed]
    S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
    R3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-04-06] () [File not signed]
    R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
    R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH)
    R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-10-01] (Intel Corporation) [File not signed]
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-02] (REALiX(tm))
    R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
    R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-29] (Visicom Media Inc.)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
    S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-17] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
    R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (Visicom Media Inc.)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33448 2015-07-27] (Synaptics Incorporated)
    R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] ()
    S3 ssudobex; C:\Windows\System32\DRIVERS\ssudobex.sys [206080 2014-10-13] (DEVGURU Co., LTD.(데브구루 | 데브구루에 오*것을 환영합니다.))
    R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-07] ()
    S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
    S3 clwvd6; system32\DRIVERS\clwvd6.sys [X]
    U2 TMAgent; no ImagePath

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-08-19 16:26 - 2015-08-19 16:27 - 00020614 _____ C:\Users\DEMNS\Downloads\FRST.txt
    2015-08-19 14:21 - 2015-08-19 14:22 - 02173440 _____ (Farbar) C:\Users\DEMNS\Downloads\FRST64.exe
    2015-08-18 21:50 - 2015-08-18 21:50 - 00000000 ____D C:\Users\DEMNS\AppData\Roaming\FastStone
    2015-08-18 21:48 - 2015-08-18 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer
    2015-08-18 21:48 - 2015-08-18 21:49 - 00000000 ____D C:\Program Files (x86)\FastStone Image Viewer
    2015-08-18 21:48 - 2015-08-18 21:48 - 05863128 _____ C:\Users\DEMNS\Downloads\FSViewerSetup54.exe
    2015-08-18 21:48 - 2015-08-18 21:48 - 00001107 _____ C:\Users\Public\Desktop\FastStone Image Viewer.lnk
    2015-08-18 13:22 - 2015-08-18 13:22 - 00000000 ____D C:\Users\DEMNS\Desktop\DA 322 08-03-1986 Te Rapa, NZ _ Flickr - Photo Sharing!_files
    2015-08-18 12:51 - 2015-08-18 12:51 - 00000000 ____D C:\Users\DEMNS\Documents\Fax
    2015-08-18 12:27 - 2015-08-18 12:28 - 12064433 _____ C:\Users\DEMNS\Downloads\SoftwareUpdater_4370_31.zip
    2015-08-15 17:29 - 2015-08-19 09:58 - 00001232 _____ C:\Windows\setupact.log
    2015-08-15 17:29 - 2015-08-15 17:29 - 00000000 _____ C:\Windows\setuperr.log
    2015-08-12 23:25 - 2015-07-31 01:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2015-08-12 23:25 - 2015-07-31 01:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2015-08-12 17:05 - 2015-07-15 15:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
    2015-08-12 17:04 - 2015-07-21 12:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-08-12 17:04 - 2015-07-21 12:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2015-08-12 17:04 - 2015-07-17 09:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-08-12 17:04 - 2015-07-17 08:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-08-12 17:04 - 2015-07-17 08:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-08-12 17:04 - 2015-07-17 08:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-08-12 17:04 - 2015-07-17 08:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-08-12 17:04 - 2015-07-17 08:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2015-08-12 17:04 - 2015-07-17 08:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-08-12 17:04 - 2015-07-17 08:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-08-12 17:04 - 2015-07-17 08:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-08-12 17:04 - 2015-07-17 08:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-08-12 17:04 - 2015-07-17 08:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-08-12 17:04 - 2015-07-17 08:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-08-12 17:04 - 2015-07-17 08:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-08-12 17:04 - 2015-07-17 08:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-08-12 17:04 - 2015-07-17 08:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-08-12 17:04 - 2015-07-17 08:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-08-12 17:04 - 2015-07-17 08:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-08-12 17:04 - 2015-07-17 08:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-08-12 17:04 - 2015-07-17 08:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-08-12 17:04 - 2015-07-17 08:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-08-12 17:04 - 2015-07-17 08:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2015-08-12 17:04 - 2015-07-17 08:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-08-12 17:04 - 2015-07-17 07:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-08-12 17:04 - 2015-07-17 07:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-08-12 17:04 - 2015-07-17 07:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-08-12 17:04 - 2015-07-17 07:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-08-12 17:04 - 2015-07-17 07:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2015-08-12 17:04 - 2015-07-17 07:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2015-08-12 17:04 - 2015-07-17 07:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2015-08-12 17:04 - 2015-07-17 07:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2015-08-12 17:04 - 2015-07-17 07:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-08-12 17:04 - 2015-07-17 07:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2015-08-12 17:04 - 2015-07-17 07:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2015-08-12 17:04 - 2015-07-17 07:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2015-08-12 17:04 - 2015-07-17 07:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2015-08-12 17:04 - 2015-07-17 07:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2015-08-12 17:04 - 2015-07-17 07:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2015-08-12 17:04 - 2015-07-17 07:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-08-12 17:04 - 2015-07-17 07:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-08-12 17:04 - 2015-07-17 07:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-08-12 17:04 - 2015-07-17 07:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-08-12 17:04 - 2015-07-17 07:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-08-12 17:04 - 2015-07-17 07:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2015-08-12 17:04 - 2015-07-17 07:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2015-08-12 17:04 - 2015-07-17 07:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2015-08-12 17:04 - 2015-07-17 07:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2015-08-12 17:04 - 2015-07-17 07:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2015-08-12 17:04 - 2015-07-17 07:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-08-12 17:04 - 2015-07-17 07:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-08-12 17:04 - 2015-07-17 07:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-08-12 17:04 - 2015-07-17 07:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2015-08-12 17:04 - 2015-07-17 07:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-08-12 17:04 - 2015-07-17 07:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2015-08-12 17:04 - 2015-07-17 07:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-08-12 17:04 - 2015-07-17 06:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-08-12 17:04 - 2015-07-17 06:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-08-12 17:04 - 2015-07-17 06:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-08-12 17:04 - 2015-07-17 06:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2015-08-12 17:03 - 2015-07-29 08:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
    2015-08-12 17:03 - 2015-07-29 08:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2015-08-12 17:03 - 2015-07-29 08:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2015-08-12 17:03 - 2015-07-29 08:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2015-08-12 17:03 - 2015-07-29 08:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2015-08-12 17:03 - 2015-07-29 08:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2015-08-12 17:03 - 2015-07-29 08:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2015-08-12 17:03 - 2015-07-29 07:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2015-08-12 17:03 - 2015-07-21 06:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2015-08-12 17:03 - 2015-07-21 06:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2015-08-12 17:03 - 2015-07-21 06:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2015-08-12 17:03 - 2015-07-21 06:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2015-08-12 17:03 - 2015-07-21 06:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2015-08-12 17:03 - 2015-07-21 06:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2015-08-12 17:03 - 2015-07-21 06:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
    2015-08-12 17:03 - 2015-07-21 06:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2015-08-12 17:03 - 2015-07-21 06:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2015-08-12 17:03 - 2015-07-21 06:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2015-08-12 17:03 - 2015-07-21 06:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
    2015-08-12 17:03 - 2015-07-21 05:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2015-08-12 17:03 - 2015-07-21 05:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2015-08-12 17:03 - 2015-07-21 05:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2015-08-12 17:03 - 2015-07-21 05:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2015-08-12 17:03 - 2015-07-21 05:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2015-08-12 17:03 - 2015-07-02 08:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
    2015-08-12 17:03 - 2015-07-02 08:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
    2015-08-12 17:03 - 2015-07-02 08:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
    2015-08-12 17:03 - 2015-07-02 08:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
    2015-08-12 17:02 - 2015-07-17 07:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2015-08-12 17:02 - 2015-07-17 07:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
    2015-08-12 17:02 - 2015-07-17 07:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
    2015-08-12 17:02 - 2015-07-17 07:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2015-08-12 17:02 - 2015-07-17 07:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
    2015-08-12 17:02 - 2015-07-17 07:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
    2015-08-12 17:02 - 2015-07-16 06:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-08-12 17:02 - 2015-07-16 06:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-08-12 17:02 - 2015-07-16 06:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2015-08-12 17:02 - 2015-07-16 06:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
    2015-08-12 17:02 - 2015-07-16 06:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2015-08-12 17:02 - 2015-07-16 06:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2015-08-12 17:02 - 2015-07-16 06:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2015-08-12 17:02 - 2015-07-16 06:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2015-08-12 17:02 - 2015-07-16 06:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2015-08-12 17:02 - 2015-07-16 06:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2015-08-12 17:02 - 2015-07-16 06:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
    2015-08-12 17:02 - 2015-07-16 06:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-08-12 17:02 - 2015-07-16 06:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2015-08-12 17:02 - 2015-07-16 06:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2015-08-12 17:02 - 2015-07-16 06:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-08-12 17:02 - 2015-07-16 06:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-08-12 17:02 - 2015-07-16 06:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2015-08-12 17:02 - 2015-07-16 06:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-08-12 17:02 - 2015-07-16 06:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2015-08-12 17:02 - 2015-07-16 06:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2015-08-12 17:02 - 2015-07-16 06:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-08-12 17:02 - 2015-07-16 06:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2015-08-12 17:02 - 2015-07-16 06:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2015-08-12 17:02 - 2015-07-16 06:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2015-08-12 17:02 - 2015-07-16 06:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-08-12 17:02 - 2015-07-16 06:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
    2015-08-12 17:02 - 2015-07-16 06:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2015-08-12 17:02 - 2015-07-16 06:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2015-08-12 17:02 - 2015-07-16 06:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2015-08-12 17:02 - 2015-07-16 06:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2015-08-12 17:02 - 2015-07-16 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2015-08-12 17:02 - 2015-07-16 06:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2015-08-12 17:02 - 2015-07-16 06:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
    2015-08-12 17:02 - 2015-07-16 06:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2015-08-12 17:02 - 2015-07-16 06:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2015-08-12 17:02 - 2015-07-16 06:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2015-08-12 17:02 - 2015-07-16 06:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 06:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 05:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2015-08-12 17:02 - 2015-07-16 05:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2015-08-12 17:02 - 2015-07-16 05:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2015-08-12 17:02 - 2015-07-16 05:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2015-08-12 17:02 - 2015-07-16 05:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2015-08-12 17:02 - 2015-07-16 05:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2015-08-12 17:02 - 2015-07-16 05:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2015-08-12 17:02 - 2015-07-16 05:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2015-08-12 17:02 - 2015-07-16 05:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2015-08-12 17:02 - 2015-07-16 05:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2015-08-12 17:02 - 2015-07-16 05:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2015-08-12 17:02 - 2015-07-16 05:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
    2015-08-12 17:02 - 2015-07-16 05:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2015-08-12 17:02 - 2015-07-16 05:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2015-08-12 17:02 - 2015-07-16 05:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2015-08-12 17:02 - 2015-07-16 05:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2015-08-12 17:02 - 2015-07-16 05:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2015-08-12 17:02 - 2015-07-16 05:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2015-08-12 17:02 - 2015-07-16 05:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2015-08-12 17:02 - 2015-07-16 05:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2015-08-12 17:02 - 2015-07-16 05:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2015-08-12 17:02 - 2015-07-16 05:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2015-08-12 17:02 - 2015-07-16 05:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 05:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 04:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2015-08-12 17:02 - 2015-07-16 04:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2015-08-12 17:02 - 2015-07-16 04:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2015-08-12 17:02 - 2015-07-16 04:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2015-08-12 17:02 - 2015-07-16 04:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2015-08-12 17:02 - 2015-07-16 04:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 04:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 04:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-16 04:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2015-08-12 17:02 - 2015-07-12 01:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
    2015-08-12 16:47 - 2015-07-31 06:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2015-08-12 16:47 - 2015-07-31 06:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2015-08-12 16:47 - 2015-07-31 06:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2015-08-12 16:47 - 2015-07-31 06:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
    2015-08-12 16:47 - 2015-07-31 06:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2015-08-12 16:47 - 2015-07-31 06:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
    2015-08-12 16:47 - 2015-07-31 06:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
    2015-08-12 16:47 - 2015-07-31 05:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2015-08-12 16:47 - 2015-07-31 05:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2015-08-12 16:47 - 2015-07-31 05:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
    2015-08-12 16:47 - 2015-07-31 05:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2015-08-12 16:47 - 2015-07-31 05:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
    2015-08-12 16:47 - 2015-07-31 05:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
    2015-08-12 16:47 - 2015-07-31 04:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-08-12 16:47 - 2015-07-31 04:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2015-08-12 16:47 - 2015-07-31 04:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2015-08-12 16:47 - 2015-07-15 15:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2015-08-12 16:47 - 2015-07-15 15:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2015-08-12 16:47 - 2015-07-15 15:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
    2015-08-12 16:47 - 2015-07-15 15:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
    2015-08-12 16:47 - 2015-07-15 14:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2015-08-12 16:47 - 2015-07-15 14:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2015-08-12 16:47 - 2015-07-15 14:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
    2015-08-12 16:47 - 2015-07-15 14:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
    2015-08-12 16:47 - 2015-07-11 05:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2015-08-12 16:47 - 2015-07-11 05:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2015-08-12 16:47 - 2015-07-10 05:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
    2015-08-12 16:47 - 2015-07-10 05:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
    2015-08-12 16:47 - 2015-07-10 05:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
    2015-08-12 16:46 - 2015-05-10 06:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
    2015-08-04 17:49 - 2015-08-04 17:49 - 01923343 _____ C:\Users\DEMNS\Downloads\Atomic Email Hunter 3.50.zip
    2015-08-04 17:49 - 2015-08-04 17:49 - 00431606 _____ C:\Users\DEMNS\Downloads\InstaGet Pro 2.0.zip
    2015-08-04 17:48 - 2015-08-04 17:49 - 21903260 _____ C:\Users\DEMNS\Downloads\NinjaPinner 1.9.6.zip
    2015-08-04 17:48 - 2015-08-04 17:48 - 04401901 _____ C:\Users\DEMNS\Downloads\FB Lead Chef 3.0.zip
    2015-08-04 17:05 - 2015-08-04 17:06 - 00000000 ____D C:\Users\DEMNS\Desktop\MCV
    2015-08-04 07:39 - 2015-08-04 07:55 - 00000000 ____D C:\Users\DEMNS\Desktop\Warren G - Regulate G Funk Era Part II (EP)
    2015-07-30 21:19 - 2015-08-01 22:19 - 00000436 _____ C:\Users\DEMNS\Desktop\Tiaho Mai Ra.txt
    2015-07-27 11:46 - 2015-07-27 11:46 - 00033448 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
    2015-07-27 11:40 - 2015-07-27 11:40 - 00103424 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
    2015-07-27 11:40 - 2015-07-27 11:40 - 00096256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-08-19 16:27 - 2015-06-28 06:46 - 01375897 _____ C:\Windows\WindowsUpdate.log
    2015-08-19 16:26 - 2015-03-03 13:42 - 00000000 ____D C:\FRST
    2015-08-19 16:26 - 2011-03-15 10:10 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-08-19 14:26 - 2009-07-14 16:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-08-19 14:26 - 2009-07-14 16:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-08-19 10:29 - 2015-03-02 13:25 - 00002874 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (DEMNS)
    2015-08-19 10:28 - 2011-03-15 10:42 - 00000000 ____D C:\Program Files\P4G
    2015-08-19 10:28 - 2011-03-15 10:10 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-08-19 09:58 - 2009-07-14 17:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2015-08-18 21:51 - 2015-04-07 18:53 - 00308736 ___SH C:\Users\DEMNS\Thumbs.db
    2015-08-18 17:30 - 2015-06-19 20:52 - 00000000 ____D C:\Users\DEMNS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
    2015-08-18 12:58 - 2015-07-11 01:39 - 00000000 ___HD C:\$Windows.~BT
    2015-08-18 12:46 - 2015-06-09 11:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
    2015-08-18 12:44 - 2015-06-09 11:22 - 00000000 ____D C:\Program Files (x86)\Epson Software
    2015-08-18 12:42 - 2009-07-29 18:52 - 00000000 ____D C:\Windows\Panther
    2015-08-15 19:32 - 2015-07-09 09:15 - 00000000 ____D C:\Program Files (x86)\TeamViewer
    2015-08-15 19:14 - 2015-07-09 09:15 - 00000973 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
    2015-08-15 19:14 - 2015-07-09 09:15 - 00000961 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
    2015-08-13 08:53 - 2009-07-14 16:45 - 00306536 _____ C:\Windows\system32\FNTCACHE.DAT
    2015-08-13 08:43 - 2015-01-27 14:46 - 00000000 ___SD C:\Windows\system32\CompatTel
    2015-08-13 08:43 - 2015-01-27 14:46 - 00000000 ____D C:\Windows\system32\appraiser
    2015-08-12 23:24 - 2015-01-27 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2015-08-12 23:23 - 2015-01-27 14:20 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2015-08-12 23:23 - 2015-01-27 14:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2015-08-12 23:17 - 2015-01-27 14:12 - 00000000 ____D C:\Windows\system32\MRT
    2015-08-12 23:10 - 2015-01-27 14:11 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-08-12 21:53 - 2015-01-26 20:41 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2015-08-11 10:54 - 2009-07-14 17:08 - 00032580 _____ C:\Windows\Tasks\SCHEDLGU.TXT
    2015-08-06 16:00 - 2009-07-14 15:20 - 00000000 ____D C:\Windows\rescache
    2015-08-05 01:35 - 2015-01-27 00:19 - 00000000 ____D C:\Users\DEMNS\AppData\Roaming\SoftGrid Client
    2015-08-04 17:46 - 2015-07-10 23:58 - 00000000 ____D C:\Users\DEMNS\Desktop\IBK
    2015-07-27 11:44 - 2009-07-14 15:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-07-25 19:06 - 2015-04-05 22:09 - 00000000 ___SD C:\Windows\system32\GWX
    2015-07-24 11:06 - 2015-07-14 22:10 - 00000058 _____ C:\Users\DEMNS\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
    2015-07-23 15:35 - 2015-01-26 17:34 - 00000000 ____D C:\Users\DEMNS

    ==================== Files in the root of some directories =======

    2015-03-02 17:09 - 2015-03-02 17:09 - 0000046 _____ () C:\Users\DEMNS\AppData\Roaming\Camdata.ini
    2015-03-02 17:09 - 2015-03-02 17:09 - 0000408 _____ () C:\Users\DEMNS\AppData\Roaming\CamLayout.ini
    2015-03-02 17:09 - 2015-03-02 17:09 - 0000408 _____ () C:\Users\DEMNS\AppData\Roaming\CamShapes.ini
    2015-03-02 17:09 - 2015-03-02 17:09 - 0004535 _____ () C:\Users\DEMNS\AppData\Roaming\CamStudio.cfg
    2015-03-02 14:49 - 2015-03-02 14:49 - 0052216 _____ () C:\Users\DEMNS\AppData\Roaming\Debut.dmp
    2015-03-02 17:00 - 2015-03-02 17:00 - 0000096 _____ () C:\Users\DEMNS\AppData\Roaming\version2.xml
    2015-07-14 22:10 - 2015-07-24 11:06 - 0000058 _____ () C:\Users\DEMNS\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
    2015-03-02 10:32 - 2015-03-02 10:32 - 0000036 _____ () C:\Users\DEMNS\AppData\Local\housecall.guid.cache
    2011-03-15 10:21 - 2010-07-07 11:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe
    2011-03-15 10:07 - 2011-03-15 10:08 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
    2011-03-15 10:09 - 2011-03-15 10:09 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
    2011-03-15 10:06 - 2011-03-15 10:07 - 0000106 _____ () C:\ProgramData\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}.log
    2011-03-15 10:08 - 2011-03-15 10:09 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
    2011-03-15 10:04 - 2011-03-15 10:06 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
    2011-03-15 10:08 - 2011-03-15 10:08 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
    2011-03-15 10:02 - 2011-03-15 10:03 - 0000115 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log

    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-08-06 15:52

    ==================== End of log ============================

    Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-08-2015
    Ran by DEMNS (2015-08-19 16:28:06)
    Running from C:\Users\DEMNS\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-4141175638-1873252099-901921829-500 - Administrator - Disabled)
    DEMNS (S-1-5-21-4141175638-1873252099-901921829-1001 - Administrator - Enabled) => C:\Users\DEMNS
    Guest (S-1-5-21-4141175638-1873252099-901921829-501 - Limited - Enabled) => C:\Users\Guest
    HomeGroupUser$ (S-1-5-21-4141175638-1873252099-901921829-1002 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
    Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated)
    ASUS AI Recovery (HKLM-x32\...\{38253529-D97D-4901-AE53-5CC9736D3A2E}) (Version: 1.0.13 - ASUS)
    ASUS Data Security Manager (HKLM-x32\...\{FA2092C5-7979-412D-A962-6485274AE1EE}) (Version: 1.00.0014 - ASUS)
    ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.13 - ASUS)
    ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
    ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0021 - ASUS)
    ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.40 - ASUS)
    ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0008 - ASUS)
    ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
    ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4015 - CyberLink Corp.)
    ASUS Video Magic (x32 Version: 6.0.4015 - CyberLink Corp.) Hidden
    ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.20 - asus)
    ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 2.0.46.1429 - eCareme Technologies, Inc.)
    AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.3.585 - ASUSTEK)
    ATI AVIVO64 Codecs (Version: 11.6.0.50811 - ATI Technologies Inc.) Hidden
    ATI Catalyst Install Manager (HKLM\...\{FDB61EAE-7C1D-7EB6-E1EE-14528E3EB266}) (Version: 3.0.790.0 - ATI Technologies, Inc.)
    ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0006 - ASUS)
    Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
    CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
    ccc-core-static (x32 Version: 2010.0811.2122.36462 - ATI) Hidden
    CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
    Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.127.0.61 - Conexant)
    ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.9 - ASUS)
    Cooking Dash (HKLM-x32\...\Cooking Dash) (Version: - Oberon Media Inc.)
    CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
    CyberLink MediaShow Espresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 5.0.1606_25588 - CyberLink Corp.)
    CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
    CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
    CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2609a - CyberLink Corp.)
    CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3009.50 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Driver Booster 2.2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.2 - IObit)
    Epson Easy Photo Print 2 (HKLM-x32\...\{30E01116-5666-4807-8EF1-D80E9FF16717}) (Version: 2.3.2.0 - SEIKO EPSON CORPORATION)
    Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
    ETDWare PS/2-x64 7.0.5.11_WHQL (HKLM\...\Elantech) (Version: 7.0.5.11 - ELAN Microelectronics Corp.)
    Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.8 - ASUS)
    FastStone Image Viewer 5.4 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.4 - FastStone Soft)
    File Association Helper (HKLM\...\{C168639F-5810-4EC8-B1E8-0251AA8A771C}) (Version: 1.2.225.65451 - WinZip Computing International, LLC)
    Galeria de Fotografias (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Game Park Console (HKLM-x32\...\{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1) (Version: 6.2.1.1 - Oberon Media, Inc.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: - Google Inc.)
    Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
    Governor of Poker (HKLM-x32\...\Governor of Poker) (Version: - Oberon Media Inc.)
    Hotel Dash Suite Success (HKLM-x32\...\Hotel Dash Suite Success) (Version: - Oberon Media Inc.)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
    Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
    Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.115.11 - Intel)
    Jewel Quest 3 (HKLM-x32\...\Jewel Quest 3) (Version: - Oberon Media Inc.)
    JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.17.1 - JMicron Technology Corp.)
    JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.)
    Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    K_Series_ScreenSaver_EN (HKLM-x32\...\K_Series_ScreenSaver_EN) (Version: - )
    Luxor 3 (HKLM-x32\...\Luxor 3) (Version: - Oberon Media Inc.)
    Mahjongg dimensions (HKLM-x32\...\Mahjongg dimensions) (Version: - Oberon Media Inc.)
    Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
    ManyCam 4.1.1 (HKLM-x32\...\ManyCam) (Version: 4.1.1 - Visicom Media Inc.)
    Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-4141175638-1873252099-901921829-1001\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
    Mozilla Thunderbird 31.6.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 en-US)) (Version: 31.6.0 - Mozilla)
    MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
    MyFreeCodec (HKU\S-1-5-21-4141175638-1873252099-901921829-1001\...\MyFreeCodec) (Version: - )
    Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
    OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
    Plants vs Zombies (HKLM-x32\...\Plants vs Zombies) (Version: - Oberon Media Inc.)
    Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.)
    Samsung Kies (x32 Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.) Hidden
    Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.)
    Samsung Kies3 (x32 Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.) Hidden
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
    Screenshot Captor 4.12.0 (HKLM-x32\...\ScreenshotCaptor_is1) (Version: - )
    Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
    Spotify (HKU\S-1-5-21-4141175638-1873252099-901921829-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)
    syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables)
    TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45862 - TeamViewer)
    USB2.0 UVC VGA WebCam (HKLM\...\USB2.0 UVC VGA WebCam) (Version: 5.8.54000.207 - Sonix)
    VueScan x64 (HKLM\...\VueScan x64) (Version: - )
    webcamAMP - The Webcam Amplifier (HKLM-x32\...\{8AEC8CFA-89BB-46A3-8B62-C87BC70AD9D5}_is1) (Version: 1.6 - KV Designs)
    WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.5.600 - Broadcom Corporation)
    Windows Driver Package - Broadcom (BTHUSB) Bluetooth (02/25/2010 6.2.0.9419) (HKLM\...\85CE3A3657FAE5FD305B143E90E6FC89BA53001C) (Version: 02/25/2010 6.2.0.9419 - Broadcom)
    Windows Driver Package - Broadcom Bluetooth (01/19/2010 6.2.0.1417) (HKLM\...\7341A1B43E7FE58942EB1E820A17C18305DFBCE6) (Version: 01/19/2010 6.2.0.1417 - Broadcom)
    Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0) (HKLM\...\2AA10AB519DC7432D599A0E860206A7DDCC27764) (Version: 07/29/2009 6.1.7100.0 - Broadcom)
    Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
    Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.30.3 - ASUS)
    WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
    WinZip 19.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E7}) (Version: 19.0.11294 - WinZip Computing, S.L. )
    Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.17 - ASUS)
    World of Goo (HKLM-x32\...\World of Goo) (Version: - Oberon Media Inc.)
    影像中心 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    照片库 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-4141175638-1873252099-901921829-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\DEMNS\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-4141175638-1873252099-901921829-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\DEMNS\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-4141175638-1873252099-901921829-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\DEMNS\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-4141175638-1873252099-901921829-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\DEMNS\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-4141175638-1873252099-901921829-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\DEMNS\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

    ==================== Restore Points =========================

    09-08-2015 16:42:34 Windows Update
    09-08-2015 19:00:08 Windows Backup
    12-08-2015 23:09:12 Windows Update
    16-08-2015 21:01:20 Windows Backup
    18-08-2015 12:41:23 Windows Update

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 14:34 - 2009-06-11 09:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {16697693-DEB9-43D6-8D4F-32AD72177598} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-24] (ATK)
    Task: {24925C73-9BB6-4527-95B5-5A2B831527BF} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
    Task: {3D46D517-196E-4FAF-B44C-F32028A71840} - \SUPERAntiSpyware Scheduled Task b79ed64c-17e5-4839-9bf3-0d9ab3dedd0d -> No File <==== ATTENTION
    Task: {4328C149-423C-4D11-B52C-FD6D4133CD68} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2015-02-05] (IObit)
    Task: {5E9B2AE1-4B2A-4683-AD4C-A112A115F1CE} - System32\Tasks\{46F4A729-7FC2-4F13-8A58-EC65BA576068} => pcalua.exe -a C:\Users\DEMNS\Downloads\wlsetup-web.exe -d C:\Users\DEMNS\Downloads
    Task: {78DCA5B9-B8AA-4ADD-8C8D-E87176FAED70} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-18] (ASUS)
    Task: {86EBE71B-511B-4136-B394-A35B3DB6DE6F} - \SUPERAntiSpyware Scheduled Task 8d0b3b07-a4a0-49ab-821c-324dee99dc32 -> No File <==== ATTENTION
    Task: {ABBAFF65-7F51-4C8A-AF37-8238377044C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-26] (Google Inc.)
    Task: {B9114BB2-7648-43A0-A9D3-E0143C3D6A12} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-02-04] (IObit)
    Task: {C0B83CDE-1572-4C86-89DA-80C49CAD98C8} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-08-01] (ASUS)
    Task: {C844AC29-C005-4FAF-9647-D3B856EAC386} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe [2010-09-30] (asus)
    Task: {CAFA1231-F049-4542-9E8F-CFB075E4B3C4} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-08-12] (ASUS)
    Task: {D33B9143-542F-4E05-A410-A659EC792703} - System32\Tasks\Driver Booster SkipUAC (DEMNS) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-02-05] (IObit)
    Task: {EBE7D9BD-1A3B-4941-B9D9-0258C72E6607} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-13] (Piriform Ltd)
    Task: {ECD4C375-8022-4D42-AC8D-F333FBA4C08E} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-12-01] ()
    Task: {F160F9C9-A226-4E66-B6DC-AB52CAC2B6FE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-26] (Google Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2008-10-01 18:02 - 2008-10-01 18:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
    2010-07-15 11:11 - 2010-07-15 11:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
    2011-03-15 10:44 - 2007-12-01 06:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
    2007-06-16 05:28 - 2007-06-16 05:28 - 00104960 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll
    2007-06-02 11:52 - 2007-06-02 11:52 - 00159744 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
    2010-03-16 13:48 - 2010-03-16 13:48 - 00148816 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\EcaremeDLL.dll
    2011-03-15 10:20 - 2011-03-15 10:20 - 00030032 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3726.20828__0d0f4b69e50e559b\SqliteShared.dll
    2011-03-15 10:20 - 2011-03-15 10:20 - 00931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
    2010-03-16 13:48 - 2010-03-16 13:48 - 01754448 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
    2010-03-12 15:14 - 2010-03-12 15:14 - 00173344 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
    2010-07-03 08:36 - 2010-07-03 08:36 - 01597440 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    2011-03-15 10:03 - 2010-04-06 18:29 - 00244904 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    2010-07-01 10:21 - 2010-07-01 10:21 - 00204800 _____ () C:\Program Files (x86)\asus\VirtualCamera\virtualCamera.ax
    2007-06-16 05:28 - 2007-06-16 05:28 - 00147456 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
    2007-06-02 12:08 - 2007-06-02 12:08 - 00143360 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
    2015-02-17 10:30 - 2014-02-10 11:44 - 04592128 _____ () C:\Users\DEMNS\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
    2015-02-17 10:30 - 2014-02-10 11:44 - 00112128 _____ () C:\Users\DEMNS\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
    2009-11-03 09:20 - 2009-11-03 09:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
    2009-11-03 09:23 - 2009-11-03 09:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
    2015-04-28 21:40 - 2015-04-28 21:40 - 03348592 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
    2015-04-28 21:40 - 2015-04-28 21:40 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
    2015-04-28 21:40 - 2015-04-28 21:40 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
    2015-08-12 21:53 - 2015-08-08 12:13 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\PepperFlash\pepflashplayer.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-4141175638-1873252099-901921829-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\DEMNS\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupreg: ADSMTray => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
    MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
    MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [{06E4E4EF-741C-41E1-A09A-8612E96214E9}] => (Allow) C:\Program Files (x86)\Cyberlink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
    FirewallRules: [{AD7D5C0B-63F0-4CEB-BE24-FD724FD36100}] => (Allow) C:\Program Files (x86)\Cyberlink\PowerDVD9\PowerDVD9.EXE
    FirewallRules: [{05FDEF8A-C691-461A-B722-FD2393EF9A7F}] => (Allow) LPort=5353
    FirewallRules: [{BC8A9A5C-6513-4396-B944-DAC83D662923}] => (Allow) LPort=8182
    FirewallRules: [{705B7C87-3050-4477-A985-0D902F049328}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
    FirewallRules: [{DDFC3944-0681-4358-8891-C6550AFB3EF8}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
    FirewallRules: [TCP Query User{5306D764-943C-4974-A4AF-16D819CB8424}C:\users\demns\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\demns\appdata\roaming\spotify\spotify.exe
    FirewallRules: [UDP Query User{C7083AA6-223C-45FA-93A2-2FDFC55EC88A}C:\users\demns\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\demns\appdata\roaming\spotify\spotify.exe
    FirewallRules: [TCP Query User{C6A16E42-1B7F-48C9-92D6-B5174FC9B72D}C:\users\demns\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\demns\appdata\roaming\spotify\spotify.exe
    FirewallRules: [UDP Query User{6DC5C479-E984-4FD1-A825-EC129966C468}C:\users\demns\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\demns\appdata\roaming\spotify\spotify.exe
    FirewallRules: [{04B40A5A-573B-4E89-A8D4-5F3141552D7C}] => (Allow) C:\Users\DEMNS\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    FirewallRules: [{3787232E-B5A2-47CD-AC0F-20BB7FF84896}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{33D11A2D-B997-4738-B823-D0D44F5B3469}] => (Allow) LPort=2869
    FirewallRules: [{0D133E60-1F33-4E32-A0D5-407885DCEE2A}] => (Allow) LPort=1900
    FirewallRules: [{C2F3E121-F32E-4AAC-8E7E-D08ECF2C42D8}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    FirewallRules: [{29E30DF0-9F21-49AD-A3FA-DA467639D59F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{40D3252D-6B7C-42B9-B8FC-A9F864D63254}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{9B47C6A0-ECD7-4BB1-A3A3-DF2DB8E82206}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{717A000D-D363-4D41-8A67-8BFE24855004}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{2E1445FF-7E25-4B9D-96C4-5911C4005B95}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{5A39E23E-B824-4356-B055-22DCD3A25B7F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{C1D208A1-7E19-464B-A49F-19F6175542A6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (08/19/2015 10:30:52 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: ControlDeck.exe, version: 1.0.9.2, time stamp: 0x4ca438af
    Faulting module name: ntdll.dll, version: 6.1.7601.18933, time stamp: 0x55a69e20
    Exception code: 0xc0000005
    Fault offset: 0x000334d7
    Faulting process id: 0x%9
    Faulting application start time: 0xControlDeck.exe0
    Faulting application path: ControlDeck.exe1
    Faulting module path: ControlDeck.exe2
    Report Id: ControlDeck.exe3

    Error: (08/19/2015 09:57:16 AM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
    Description: Chrome has encountered a fatal error.
    ver=44.0.2403.155;lang=;guid=CAE4DA04FAC7468EB75E6D6D265FB12F;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\cbdff75b-252b-44cb-8b4c-a2be8e03e062.dmp

    Error: (08/18/2015 10:35:48 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: ControlDeck.exe, version: 1.0.9.2, time stamp: 0x4ca438af
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc0000005
    Fault offset: 0x00000000
    Faulting process id: 0x%9
    Faulting application start time: 0xControlDeck.exe0
    Faulting application path: ControlDeck.exe1
    Faulting module path: ControlDeck.exe2
    Report Id: ControlDeck.exe3

    Error: (08/18/2015 10:32:11 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
    Description: Chrome has encountered a fatal error.
    ver=44.0.2403.155;lang=;guid=CAE4DA04FAC7468EB75E6D6D265FB12F;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\3265c259-0408-456d-97d1-a7bcd7d34cfe.dmp

    Error: (08/18/2015 09:47:40 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: DllHost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bca54
    Faulting module name: ntdll.dll, version: 6.1.7601.18933, time stamp: 0x55a6a196
    Exception code: 0xc0000374
    Fault offset: 0x00000000000bffc2
    Faulting process id: 0x118c
    Faulting application start time: 0xDllHost.exe0
    Faulting application path: DllHost.exe1
    Faulting module path: DllHost.exe2
    Report Id: DllHost.exe3

    Error: (08/18/2015 07:27:52 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
    Description: Chrome has encountered a fatal error.
    ver=44.0.2403.155;lang=;guid=CAE4DA04FAC7468EB75E6D6D265FB12F;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\e13e0e86-181b-4ef3-8fb3-7e7950b7877b.dmp

    Error: (08/18/2015 05:31:03 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: ControlDeck.exe, version: 1.0.9.2, time stamp: 0x4ca438af
    Faulting module name: ntdll.dll, version: 6.1.7601.18933, time stamp: 0x55a69e20
    Exception code: 0xc0000005
    Fault offset: 0x00032973
    Faulting process id: 0x%9
    Faulting application start time: 0xControlDeck.exe0
    Faulting application path: ControlDeck.exe1
    Faulting module path: ControlDeck.exe2
    Report Id: ControlDeck.exe3

    Error: (08/18/2015 05:21:33 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
    Description: Chrome has encountered a fatal error.
    ver=44.0.2403.155;lang=;guid=CAE4DA04FAC7468EB75E6D6D265FB12F;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\78c8facd-ede0-4619-849d-d2c067d00da3.dmp

    Error: (08/18/2015 03:56:30 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: ACEngSvr.exe, version: 1.0.0.4, time stamp: 0x452a2d8a
    Faulting module name: ntdll.dll, version: 6.1.7601.18933, time stamp: 0x55a6a196
    Exception code: 0xc0000374
    Fault offset: 0x00000000000bffc2
    Faulting process id: 0x1864
    Faulting application start time: 0xACEngSvr.exe0
    Faulting application path: ACEngSvr.exe1
    Faulting module path: ACEngSvr.exe2
    Report Id: ACEngSvr.exe3

    Error: (08/18/2015 03:56:24 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: ACEngSvr.exe, version: 1.0.0.4, time stamp: 0x452a2d8a
    Faulting module name: ntdll.dll, version: 6.1.7601.18933, time stamp: 0x55a6a196
    Exception code: 0xc0000374
    Fault offset: 0x00000000000bffc2
    Faulting process id: 0x107c
    Faulting application start time: 0xACEngSvr.exe0
    Faulting application path: ACEngSvr.exe1
    Faulting module path: ACEngSvr.exe2
    Report Id: ACEngSvr.exe3


    System errors:
    =============
    Error: (08/19/2015 09:21:10 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Pro.

    Error: (08/19/2015 08:21:44 AM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1053gupdate/comsvc{4EB61BAC-A3B6-4760-9581-655041EF4D69}

    Error: (08/19/2015 08:21:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Google Update Service (gupdate) service failed to start due to the following error:
    %%1053

    Error: (08/19/2015 08:21:43 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.

    Error: (08/18/2015 10:32:41 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

    Error: (08/18/2015 12:03:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Windows Modules Installer service terminated with the following error:
    %%16405

    Error: (08/18/2015 12:03:49 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT AUTHORITY)
    Description: CBS Client initialization failed. Last error: 0x80080005

    Error: (08/17/2015 09:38:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The IPsec Policy Agent service terminated with the following error:
    %%1747

    Error: (08/16/2015 08:01:33 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 7:57:01 p.m. on ‎16/‎08/‎2015 was unexpected.

    Error: (08/16/2015 07:59:59 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.


    Microsoft Office:
    =========================
    Error: (08/19/2015 10:30:52 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: ControlDeck.exe1.0.9.24ca438afntdll.dll6.1.7601.1893355a69e20c0000005000334d7

    Error: (08/19/2015 09:57:16 AM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
    Description: Chrome has encountered a fatal error.
    ver=44.0.2403.155;lang=;guid=CAE4DA04FAC7468EB75E6D6D265FB12F;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\cbdff75b-252b-44cb-8b4c-a2be8e03e062.dmp

    Error: (08/18/2015 10:35:48 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: ControlDeck.exe1.0.9.24ca438afunknown0.0.0.000000000c000000500000000

    Error: (08/18/2015 10:32:11 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
    Description: Chrome has encountered a fatal error.
    ver=44.0.2403.155;lang=;guid=CAE4DA04FAC7468EB75E6D6D265FB12F;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\3265c259-0408-456d-97d1-a7bcd7d34cfe.dmp

    Error: (08/18/2015 09:47:40 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: DllHost.exe6.1.7600.163854a5bca54ntdll.dll6.1.7601.1893355a6a196c000037400000000000bffc2118c01d0d99aebef16cfC:\Windows\system32\DllHost.exeC:\Windows\SYSTEM32\ntdll.dll2a087e80-458e-11e5-bb3b-f46d0482a988

    Error: (08/18/2015 07:27:52 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
    Description: Chrome has encountered a fatal error.
    ver=44.0.2403.155;lang=;guid=CAE4DA04FAC7468EB75E6D6D265FB12F;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\e13e0e86-181b-4ef3-8fb3-7e7950b7877b.dmp

    Error: (08/18/2015 05:31:03 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: ControlDeck.exe1.0.9.24ca438afntdll.dll6.1.7601.1893355a69e20c000000500032973

    Error: (08/18/2015 05:21:33 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
    Description: Chrome has encountered a fatal error.
    ver=44.0.2403.155;lang=;guid=CAE4DA04FAC7468EB75E6D6D265FB12F;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\78c8facd-ede0-4619-849d-d2c067d00da3.dmp

    Error: (08/18/2015 03:56:30 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: ACEngSvr.exe1.0.0.4452a2d8antdll.dll6.1.7601.1893355a6a196c000037400000000000bffc2186401d0d969dd633897C:\Windows\SysWOW64\ACEngSvr.exeC:\Windows\SYSTEM32\ntdll.dll1b16e798-455d-11e5-8b43-74f06dcfbbe9

    Error: (08/18/2015 03:56:24 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: ACEngSvr.exe1.0.0.4452a2d8antdll.dll6.1.7601.1893355a6a196c000037400000000000bffc2107c01d0d969d9e30daeC:\Windows\SysWOW64\ACEngSvr.exeC:\Windows\SYSTEM32\ntdll.dll179a56c0-455d-11e5-8b43-74f06dcfbbe9


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i5 CPU M 480 @ 2.67GHz
    Percentage of memory in use: 54%
    Total physical RAM: 3948.54 MB
    Available physical RAM: 1807.63 MB
    Total Virtual: 7895.29 MB
    Available Virtual: 5513.8 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:115.22 GB) (Free:57.54 GB) NTFS ==>[system with boot components (obtained from reading drive)]
    Drive d: (Data) (Fixed) (Total:329.05 GB) (Free:159.6 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: EDFDB5FF)
    Partition 1: (Not Active) - (Size=21.5 GB) - (Type=1C)
    Partition 2: (Active) - (Size=115.2 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=329.1 GB) - (Type=OF Extended)

    ==================== End of log ============================

  6. #6
    Member Spyware Fighter zep516
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,173
    Points
    1307

    Next

    Please download AdwCleaner by Xplode onto your Desktop.
    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click the Scan button and wait for the process to complete.
    • Click the logfile button and the log will open in Notepad.
    • NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
    • Click on the Clean button and follow the prompts.
    • A log file will automatically open after the scan has finished and the PC has rebooted.
    • Please post the content of that log file with your next answer.
    • You can find the log file at C:\


    Next

    Please download Junkware Removal Tool to your Desktop.

    Please close your security software to avoid potential conflicts. See Here how to disable your security protection (Anti Virus)
    Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete, depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
    Please post the contents of JRT.txt into your reply.


    In your next reply, post:

    • The AdwCleaner [SO].txt Log
    • The JRT.txt Log


    Thanks
    Joe

  7. #7
    Member
    Join Date
    Feb 2010
    Posts
    126
    Points
    1

    # AdwCleaner v4.111 - Logfile created 26/08/2015 at 20:57:28
    # Updated 18/02/2015 by Xplode
    # Database : 2015-08-25.1 [Server]
    # Operating system : Windows 7 Professional Service Pack 1 (x64)
    # Username : DEMNS - DEMNS-PC
    # Running from : C:\Users\DEMNS\Desktop\adwcleaner_4.111.exe
    # Option : Cleaning

    ***** [ Services ] *****

    [#] Service Deleted : mcaudrv_simple
    [#] Service Deleted : ManyCam

    ***** [ Files / Folders ] *****

    Folder Deleted : C:\Users\DEMNS\AppData\Local\slimware utilities inc
    Folder Deleted : C:\Users\DEMNS\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd
    Folder Deleted : C:\Users\DEMNS\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg
    File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml

    ***** [ Scheduled tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
    Key Deleted : HKCU\Software\SlimWare Utilities Inc
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C168639F-5810-4EC8-B1E8-0251AA8A771C}

    ***** [ Web browsers ] *****

    -\\ Internet Explorer v11.0.9600.17937


    -\\ Mozilla Firefox v39.0 (x86 en-US)


    -\\ Google Chrome v44.0.2403.157


    *************************

    AdwCleaner[R0].txt - [2790 bytes] - [09/03/2015 09:44:59]
    AdwCleaner[R1].txt - [1671 bytes] - [26/08/2015 20:51:58]
    AdwCleaner[S0].txt - [2824 bytes] - [09/03/2015 09:49:52]
    AdwCleaner[S1].txt - [1564 bytes] - [26/08/2015 20:57:28]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1623 bytes] ##########

  8. #8
    Member
    Join Date
    Feb 2010
    Posts
    126
    Points
    1

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 7.5.7 (08.18.2015:1)
    OS: Windows 7 Professional x64
    Ran by DEMNS on Wed 26/08/2015 at 21:03:10.00
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Tasks

    Successfully deleted: [Task] C:\Windows\system32\tasks\Driver Booster Scan
    Successfully deleted: [Task] C:\Windows\system32\tasks\Driver Booster SkipUAC (DEMNS)
    Successfully deleted: [Task] C:\Windows\system32\tasks\Driver Booster Update
    Successfully deleted: [Task] C:\Windows\system32\tasks\SlimDrivers Startup
    Successfully deleted: [Task] C:\Windows\Tasks\SlimDrivers Startup.job



    ~~~ Registry Values



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}



    ~~~ Files

    Successfully deleted: [File] C:\Windows\system32\drivers\swdumon.sys
    Successfully deleted: [File] C:\Users\DEMNS\Appdata\Local\google\chrome\user data\default\local storage\hxxp_lyrics.wikia.com_0.localstorage
    Successfully deleted: [File] C:\Users\DEMNS\Appdata\Local\google\chrome\user data\default\local storage\hxxp_lyrics.wikia.com_0.localstorage-journal



    ~~~ Folders

    Successfully deleted: [Folder] C:\Program Files (x86)\iobit\driver booster
    Successfully deleted: [Folder] C:\Program Files (x86)\myfree codec
    Successfully deleted: [Folder] C:\ProgramData\google
    Successfully deleted: [Folder] C:\ProgramData\iobit\driver booster
    Successfully deleted: [Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\driver booster 2
    Successfully deleted: [Folder] C:\ProgramData\productdata
    Successfully deleted: [Folder] C:\Users\DEMNS\AppData\Roaming\getrighttogo
    Successfully deleted: [Folder] C:\Users\DEMNS\AppData\Roaming\iobit\driver booster
    Successfully deleted: [Folder] C:\users\Public\Documents\downloaded installers



    ~~~ Chrome


    [C:\Users\DEMNS\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

    [C:\Users\DEMNS\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

    [C:\Users\DEMNS\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

    [C:\Users\DEMNS\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
    []





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Wed 26/08/2015 at 21:09:29.48
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  9. #9
    Member
    Join Date
    Feb 2010
    Posts
    126
    Points
    1

    The 2 logs you wanted above Joe

  10. #10
    Member Spyware Fighter zep516
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,173
    Points
    1307

    A few items to fix

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    Open Notepad (Start => All Programs => Accessories => Notepad).
    Copy/Paste the contents of the code box below into Notepad.

    Code:
    start
    CloseProcesses:
    CreateRestorePoint:
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-4141175638-1873252099-901921829-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    Task: {3D46D517-196E-4FAF-B44C-F32028A71840} - \SUPERAntiSpyware Scheduled Task b79ed64c-17e5-4839-9bf3-0d9ab3dedd0d -> No File <==== ATTENTION
    Task: {86EBE71B-511B-4136-B394-A35B3DB6DE6F} - \SUPERAntiSpyware Scheduled Task 8d0b3b07-a4a0-49ab-821c-324dee99dc32 -> No File <==== ATTENTION
    Task: {D33B9143-542F-4E05-A410-A659EC792703} - System32\Tasks\Driver Booster SkipUAC (DEMNS) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-02-05] (IObit)
    CMD: bitsadmin /reset /allusers
    CMD: netsh winsock reset catalog
    CMD: ipconfig /flushdns
    RemoveProxy:
    hosts:
    Emptytemp:

    Click Format and ensure Wordwrap is unchecked.
    Save as Fixlist.txt to your Desktop (Must be in this location)
    Run FRST/FRST64 and press the Fix button just once and wait.
    If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after the restart.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
    Note: If the tool warns you that the version you're using is outdated, please download and run the updated version.
