Start CreateRestorePoint: Stopallprocesses: SearchScopes: HKU\S-1-5-21-3187660000-4005643778-904162757-1000 -> {CAF23D13-F526-4D8C-B831-502412BB7724} URL = http://www.ask.com/web?q={searchTerms}&search=search&qsrc=0&o=0&l=dir BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit) BHO-x32: No Name -> {D40C654D-7C51-4EB3-95B2-1E23905C2A2D} -> No File BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit) HKU\S-1-5-21-3187660000-4005643778-904162757-1001\...\MountPoints2: {083bf88a-32a4-11e3-9238-e0cb4effeff8} - F:\LaunchU3.exe -a FF user.js: detected! => C:\Users\Shirley\AppData\Roaming\Mozilla\Firefox\Profiles\4xgc4omk.default\user.js FF Extension: Ads Removal - C:\Users\Shirley\AppData\Roaming\Mozilla\Firefox\Profiles\4xgc4omk.default\Extensions\adremoveext@adremoveext.net [2015-01-24] FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Shirley\AppData\Roaming\Mozilla\Firefox\Profiles\4xgc4omk.default\Extensions\iobitascsurfingprotection@iobit.com [2014-12-11] CHR Extension: (Ads Removal) - C:\Users\Shirley\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2015-01-24] CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - No Path CHR HKLM-x32\...\Chrome\Extension: [heoldelcflnigdllmlopiefhkkobendj] - No Path S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-11-26] (IObit) C:\Program Files (x86)\IObit 2015-02-07 22:47 - 2015-02-07 22:47 - 00003290 _____ () C:\Windows\System32\Tasks\CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805} 2015-01-25 00:26 - 2014-07-10 23:28 - 00000000 ____D () C:\Users\Shirley\AppData\Roaming\IObit C:\Users\Mimi\Bubblets.dat C:\Users\Public\AlexaNSISPlugin.6860.dll FlvPlayer (HKU\S-1-5-21-3187660000-4005643778-904162757-1000\...\FlvPlayer) (Version: ${VERSION} - ) <==== ATTENTION Task: {9B114BAD-30C6-4C39-92B2-187EC3795584} - System32\Tasks\CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805} => C:\ProgramData\cis6D24.exe <==== ATTENTION C:\ProgramData\cis6D24.exe Strongvault Online Backup (x32 Version: 5.0.2.34 - Strongvault Online Backup) Hidden <==== ATTENTION Yontoo 1.12.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.12.02 - Yontoo LLC) <==== ATTENTION AlternateDataStreams: C:\Windows\system32\GEARAspi64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msvcp120.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\GEARAspi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\java.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\javaw.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\javaws.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\SWDUMon.sys:$CmdTcID AlternateDataStreams: C:\Users\Mimi\Downloads\10-Gut-Cleansing-Foods-FB13PX.pdf:$CmdTcID AlternateDataStreams: C:\Users\Mimi\Downloads\10-Gut-Cleansing-Foods-FB13PX.pdf:$CmdZnID AlternateDataStreams: C:\Users\Mimi\Downloads\17-Cheat-Foods-That-Burn-Fat-M81441.pdf:$CmdTcID AlternateDataStreams: C:\Users\Mimi\Downloads\17-Cheat-Foods-That-Burn-Fat-M81441.pdf:$CmdZnID AlternateDataStreams: C:\Users\Mimi\Downloads\1DD-CheatSheets-r3p1231.pdf:$CmdTcID AlternateDataStreams: C:\Users\Mimi\Downloads\1DD-CheatSheets-r3p1231.pdf:$CmdZnID AlternateDataStreams: C:\Users\Mimi\Downloads\4-Sneaky-Tricks-to-Lower-Your-Blood-Sugar-G1981.pdf:$CmdTcID AlternateDataStreams: C:\Users\Mimi\Downloads\4-Sneaky-Tricks-to-Lower-Your-Blood-Sugar-G1981.pdf:$CmdZnID AlternateDataStreams: C:\Users\Mimi\Downloads\5-WorstCookingOils-for-A-FlatStomach-60-69-32561K58941.pdf:$CmdTcID AlternateDataStreams: C:\Users\Mimi\Downloads\5-WorstCookingOils-for-A-FlatStomach-60-69-32561K58941.pdf:$CmdZnID AlternateDataStreams: C:\Users\Mimi\Downloads\7-Fattening-Foods-That-Fight-Fat-ZBB233G6.pdf:$CmdTcID AlternateDataStreams: C:\Users\Mimi\Downloads\7-Fattening-Foods-That-Fight-Fat-ZBB233G6.pdf:$CmdZnID AlternateDataStreams: C:\Users\Mimi\Downloads\CyberLink_Power2Go_Downloader.exe:$CmdTcID AlternateDataStreams: C:\Users\Mimi\Downloads\CyberLink_Power2Go_Downloader.exe:$CmdZnID AlternateDataStreams: C:\Users\Mimi\Downloads\Fitbit_SupportedDevices_Android.pdf:$CmdTcID AlternateDataStreams: C:\Users\Mimi\Downloads\Fitbit_SupportedDevices_Android.pdf:$CmdZnID AlternateDataStreams: C:\Users\Mimi\Downloads\Fitbit_SupportedDevices_iOS.pdf:$CmdZnID EmptyTemp: CMD: bitsadmin /reset /allusers End